On 5/20/20 12:23 PM, Jerome Meyer wrote:
> Thanks for your reply and tips.
> So, has requested I've checked out the stdout message:
>
> I've received only message when the domain already joined, like:
>
> |
> ok:[localhost]=>{
> "ad_join_status.stdout_lines":[
> " 3 server_name@domain",
> " 3 server_name@domain",
> " 3 server_name@domain",
> " 3 host/server_name@domain",
> " 3 host/server_name@domain",
> [...]
> |
>
> Otherwise, the klist cannot start because it doesn't found the file :
> /etc/krb5.keytab :
> |
> # /usr/bin/klist -k|grep -i server_name
> klist:Keytable file '/etc/krb5.keytab'notfound whilestarting keytab
> |
>
> And in this case nothing appears in stdout:
> |
> ok:[localhost]=>
>
> ad_join_status.stdout:''
> |
>
>
> That's means, I should use an another test for checking domain joining... :(
Right, so far this isn't really Ansible related. Determine a command which
reliably tells you
whether the domain is already joined *before* you are trying to automate it.
Regards
Racke
>
>
> On Tuesday, May 19, 2020 at 4:23:27 PM UTC+2, Jerome Meyer wrote:
>
> Hi Teams,
>
> I'm looking for to do a test before to execute a task. I need to checkup
> if my computer has already joined the domain
> before to join it. otherwise, the adcli will failed.
> When computer isn't in domain, the klist will return a "not found"
> message and at this time the "join active
> directory" must be running...
> Something goes wrong because this task will not be runned.
> Here're the portion of task:
>
> |
> [...]
> -name:checking ifdomain already joined
> shell:/bin/bash -c "/usr/bin/klist -k|grep -i {{ ansible_hostname }}"
> register:ad_join_status
> ignore_errors:true
>
> -name:join active directory
> shell:/bin/bash -c "/usr/sbin/realm join --one-time-password={{
> ad_server_onetime }} {{ ad_server_domain }}"
> register:ad_active
> args:
> executable:/usr/bin/bash
> when:ad_join_status =="not found"
> [...]
> |
>
>
> Do you have any Idea?
> Is my test ok or should be another one?
> Thanks and best regards, J.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2b03d0ae-482f-46e8-a7e7-afb7286f1adc%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/2b03d0ae-482f-46e8-a7e7-afb7286f1adc%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e93b20a3-392f-2839-adf1-a7ab3154a39d%40linuxia.de.
signature.asc
Description: OpenPGP digital signature
