Further troubleshooting makes this seem like it has something to do with
time (GPO applying maybe?)
I can run another job with the same connection to staging_domain and
eventually it starts working.
I'm still trying to figure it out, ill post back here if I find anything
On Saturday, February 29, 2020 at 7:33:38 PM UTC-8, Dave York wrote:
>
> Thanks Jordan, I think you kicked me in the right direction, but still
> missing something. I'm following your guidance somewhat, but I'm adding
> the inventory within the playbook instead of in the inventory:
>
> - name: add new host staging_domain to inventory
> add_host:
> name: staging_domain
> ansible_host: serverA.internal.domain
> ansible_user: '{{ ansible_user }}'
> ansible_password: '{{ ansible_password }}'
> ansible_connection: winrm
> ansible_port: 5985
>
> - name: add new host staging_localadmin to inventory
> add_host:
> name: staging_localadmin
> ansible_host: serverA.internal.domain
> ansible_user: Administrator
> ansible_password: '{{ randopass }}'
> ansible_connection: winrm
> ansible_port: 5985
>
> The above works when I connect to staging_localadmin, but does NOT when I
> connect to staging_domain.
>
> When connecting to staging_domain, I get:
>
> plaintext: the specified credentials were rejected by the server
>
> I'm running this from tower, so the {{ ansible_user }} and {{
> ansible_password }} I'm passing staging_domain should be the machine
> credentials. I verified this with some debug statements.
>
>
> On Friday, February 28, 2020 at 4:48:20 PM UTC-8, Jordan Borean wrote:
>>
>> What you have there is one way but by default WinRM only allows local
>> administrators to connect to the host so you need to make sure you either
>> the domain user is also a local admin or adjust the WinRM security to allow
>> non-admins to connect.
>>
>> Another option is to define the host twice in your inventory like so
>>
>> [windows]
>> serverA_local ansible_host=serverA.internal.domain
>> ansible_user=administrator
>> ansible_password=pass
>> serverA_domain ansible_host=serverA.internal.domain
>> ansible_user=DOMAIN\user
>> ansible_password=pass
>>
>> [windows:vars]
>> ansible_connection=winrm
>> ansible_port=5985
>>
>> In your play you would set hosts: serverA_local for the local inventory
>> entry and hosts: serverA_domain for the domain inventory.
>>
>> Thanks
>>
>> Jordan
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/5d2a7197-2530-4031-a5dc-0f13194fed4b%40googlegroups.com.
