[ansible-project] Issue running get-aduser in powershell from playbook

Mon, 01 May 2023 18:27:39 -0700 

Hi, 

I'm currently testing using AWX as an API to run PowerShell commands via 
ansible playbooks. 

I'm currently testing using the Get-AD user command as this is close to 
what I'll be doing. 

I'm using the following Ansible playbook  

- name: Test Extra Variables and PowerShell Command
  hosts: all
  collections:
  tasks:
    - name: Show Extra Variables
      debug:
        msg:
          - "NewUserName: {{ NewUserName }}"
          - "UserManager: {{ UserManager }}"

    - name: Run PowerShell Command with SYSTEM account
      ansible.windows.win_shell: |
        whoami
        Test-NetConnection server.Domain.local -port 9389
        Get-ADDomainController -ForceDiscover -Discover -Service ADWS 
-NextClosestSite
        Get-ADUser -Identity {{ NewUserName }}        
      register: result

    - name: Show PowerShell Command Result
      debug:
        var: result.stdout_lines

 but get-ADUser errors with : 

Get-ADUser : Unable to contact the server. This may be because this server 
does not exist, it is currently down, or it 
does not have the Active Directory Web Services running.
At line:4 char:1
+ Get-ADUser -Identity bbuilder
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (bbuilder:ADUser) 
[Get-ADUser], ADServerDownException
    + FullyQualifiedErrorId : 
ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.GetADUser

but I don't have any issues running Get-ADUser under my account or the 
service account used for the playbook on the same server. 

the following in the playbook work as expected: 
        Test-NetConnection server.Domain.local -port 9389
        Get-ADDomainController -ForceDiscover -Discover -Service ADWS 
-NextClosestSite

 It feels like there is something missing PowerShell environment used by 
Ansible, but I cant see what could cause this.

Please advise.

thank you
G




-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/92897990-93a0-4186-8484-7d20e83faaa4n%40googlegroups.com.

Reply via email to