On 5/20/20 12:23 PM, Jerome Meyer wrote:
> Thanks for your reply and tips.
> So, has requested I've checked out the stdout message:
>
> I've received only message when the domain already joined, like:
>
> |
> ok:[localhost]=>{
> "ad_join_status.stdout_lines":[
> " 3 server_name@domain",
> " 3 server_name@domain",
> " 3 server_name@domain",
> " 3 host/server_name@domain",
> " 3 host/server_name@domain",
> [...]
> |
>
> Otherwise, the klist cannot start because it doesn't found the file :
> /etc/krb5.keytab :
> |
> # /usr/bin/klist -k|grep -i server_name
> klist:Keytable file '/etc/krb5.keytab'notfound whilestarting keytab
> |
>
> And in this case nothing appears in stdout:
> |
> ok:[localhost]=>
>
> ad_join_status.stdout:''
> |
>
>
> That's means, I should use an another test for checking domain joining... :(
Right, so far this isn't really Ansible related. Determine a command which
reliably tells you
whether the domain is already joined *before* you are trying to automate it.
Regards
Racke
>
>
> On Tuesday, May 19, 2020 at 4:23:27 PM UTC+2, Jerome Meyer wrote:
>
> Hi Teams,
>
> I'm looking for to do a test before to execute a task. I need to checkup
> if my computer has already joined the domain
> before to join it. otherwise, the adcli will failed.
> When computer isn't in domain, the klist will return a "not found"
> message and at this time the "join active
> directory" must be running...
> Something goes wrong because this task will not be runned.
> Here're the portion of task:
>
> |
> [...]
> -name:checking ifdomain already joined
> shell:/bin/bash -c "/usr/bin/klist -k|grep -i {{ ansible_hostname }}"
> register:ad_join_status
> ignore_errors:true
>
> -name:join active directory
> shell:/bin/bash -c "/usr/sbin/realm join --one-time-password={{
> ad_server_onetime }} {{ ad_server_domain }}"
> register:ad_active
> args:
> executable:/usr/bin/bash
> when:ad_join_status =="not found"
> [...]
> |
>
>
> Do you have any Idea?
> Is my test ok or should be another one?
> Thanks and best regards, J.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> ansible-project+unsubscr...@googlegroups.com
> <mailto:ansible-project+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2b03d0ae-482f-46e8-a7e7-afb7286f1adc%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/2b03d0ae-482f-46e8-a7e7-afb7286f1adc%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e93b20a3-392f-2839-adf1-a7ab3154a39d%40linuxia.de.
signature.asc
Description: OpenPGP digital signature
