[ansible-project] Re: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password)
Hi Amadin,
Follow below steps to to ping hosts:
Create ssh connection with host
And ping to the host using below command:
#ansible -i -m ping
and then run playbook on that host.
Or
You can avoid this by providing ansible_password (The password to use to
authenticate to the host) in inventory
Hope this will work.
Regards,
Nivedita
On Tuesday, January 7, 2020 at 8:46:50 AM UTC+5:30, Amadin Jones wrote:
>
> Dear Colleagues,
>
> I have been working of ansible with my ping command working well with pong
> response but whenever i want to deploy playbooks it will fail with this
> command atal: [172.31.85.22]: UNREACHABLE! => {"changed": false, "msg":
> "Failed to connect to the host via ssh: Permission denied
> (publickey,gssapi-keyex,gssapi-with-mic,password).", "unreachable": true}
> even when i do password authentication to yes and host check to false it
> will still not connect . please colleagues help me
>
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/c8c24a43-3309-46a2-8cb4-8651a5bde00e%40googlegroups.com.
[ansible-project] Foreman inventory source plugin and dynamic groups
This says: https://docs.ansible.com/ansible/latest/plugins/inventory.html
"create dynamic groups using host variables with the constructed
keyed_groups option. The option groups can also be used to create groups
and compose creates and modifies host variables.
Here is an aws_ec2 example utilizing constructed features:".
me thinks however that this does not work with the Foreman inventory plugin.
Here we have the "script" version of dynamic inventory from Foreman (versus
the plugin):
https://github.com/ansible/ansible/blob/devel/contrib/inventory/foreman.ini
And it its .ini file comments we have the following which I have never been
able to wrap my head around :(
Knowing that my Foreman setup is simple, one big host group, and hosts in
Foreman can't be in multiple host groups, how can I, is it possible, to
create dynamic Ansible groups on the fly based on Foreman host var's ?
# Furthermore Ansible groups can be created on the fly using the
# *group_patterns* variable in *foreman.ini* so that you can build up
# hierarchies using parameters on the hostgroup and host variables.
#
# Lets assume you have a host that is built using this nested hostgroup:
#
# myapp / webtier / datacenter1
#
# and each of the hostgroups defines a parameters respectively:
#
# myapp: app_param = myapp
# webtier: tier_param = webtier
# datacenter1: dc_param = datacenter1
#
# The host is also in a subnet called "mysubnet" and provisioned via an
image
# then *group_patterns* like:
#
# [ansible]
# group_patterns = ["{app_param}-{tier_param}-{dc_param}",
# "{app_param}-{tier_param}",
# "{app_param}",
# "{subnet_name}-{provision_method}"]
#
# would put the host into the additional Ansible groups:
#
# - myapp-webtier-datacenter1
# - myapp-webtier
# - myapp
# - mysubnet-image
#
# by recursively resolving the hostgroups, getting the parameter keys
# and values and doing a Python *string.format()* like replacement on
# it.
#
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/12771125-224b-4b4a-9024-74949aaee8ce%40googlegroups.com.
[ansible-project] Re: How can I connect to Windows Server using WinRM without password(like linux ssh authentication)?
WinRM HTTPS Listener The ConfigWinRMListenerPlugin configures a WinRM HTTPS listener with a self signed certificate generated on the spot and enables (optionally) basic authentication, which means that a secure communication channel can be established between any client and the server being provisioned, without the requirement of having both the client and the server in the same domain. A firewall rule is added by cloudbase-init in the Windows firewall for TCP port 5986. A this point you can login into your server. To begin with, don’t forget to add a rule to your security groups in OpenStack! 1 nova secgroup-add-rule default tcp 5986 5986 0.0.0.0/0 Get the admin password for the instance: 1 nova get-password yourinstance ~/.ssh/your_ssh_rsa_key On your client connect to your instance as shown in the following PowerShell snippet: 1 2 3 4 5 6 $ComputerName = "yourserveraddress" # Provide your username and password (by default "Admin" and the password you just obtained) $c = Get-Credential $opt = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck $session = New-PSSession -ComputerName $ComputerName -UseSSL -SessionOption $opt -Authentication Basic -Credential $c Enter-PSSession $session On Thursday, January 16, 2020 at 9:21:33 AM UTC+5:30, Jiwoong Lee wrote: > > Hi, all. > > Now I can connect to Linux server without password, It just using SSH key. > > And I need to connect Windows Server using WinRM but it need to Windows > account and password. > > How can I connect to Windows Server without password? > > Please let me know any methods. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2962a383-92a2-4b85-b80f-da757b99e945%40googlegroups.com.
[ansible-project] How can I connect to Windows Server using WinRM without password(like linux ssh authentication)?
Hi, all. Now I can connect to Linux server without password, It just using SSH key. And I need to connect Windows Server using WinRM but it need to Windows account and password. How can I connect to Windows Server without password? Please let me know any methods. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c4dc3567-5d24-4a2e-999d-0e25597a955c%40googlegroups.com.
[ansible-project] unable to install vim plugin via shell module
I want to install vim plugins with ansible shell module the task is quite simple as follow - name: install vim vundle plugin > shell: "vim +PluginInstall +qall" > but the playbook will hang at this task like forever. even with -vv or -vvv , there`s no more detail log , it just hangs ! any suggestions ?? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d38c01c1-ba10-435c-96e3-d9a3e4278a73%40googlegroups.com.
[ansible-project] New Ansible releases 2.9.3, 2.8.8, and 2.7.16
Hi all- we're happy to announce that the general release of Ansible 2.9.3, 2.8.8, and 2.7.16 are now available! How do you get it? -- $ pip install ansible==2.9.3 --user or $ pip install ansible==2.8.8 --user or $ pip install ansible==2.7.16 --user The tar.gz of the releases can be found here: * 2.9.3 https://releases.ansible.com/ansible/ansible-2.9.3.tar.gz SHA256: 36f501a17fb15d210722b649d53582acf47835ea0bbda7eab79e13c945e4eac2 * 2.8.8 https://releases.ansible.com/ansible/ansible-2.8.8.tar.gz SHA256: c364ff5807cb88af29b161a3a1d88ff737f10b930a24be66d88769ee204f4536 * 2.7.16 https://releases.ansible.com/ansible/ansible-2.7.16.tar.gz SHA256: bb4a95a3e1a0f9e1aabd8cf628de68f5218fba3057b970b6b3c41cc53ab06268 What's new in 2.9.3, 2.8.8, and 2.7.16 -- These releases are maintenance releases containing security fixes for CVE-2019-14904 (solaris_zone module) and CVE-2019-14905 (nxos_file_copy module), as well as various bugfixes. The full changelogs are at: * 2.9.3 https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst * 2.8.8 https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst * 2.7.16 https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7.rst What's the schedule for future maintenance releases? Future maintenance releases in the 2.9 series will occur approximately every 3 weeks. So expect the next one around 2020-02-06. The 2.8 series is only accepting critical bugfixes, and the 2.7 series is only accepting critical security bugfixes, so releases will occur only as necessary. Porting Help We've published a porting guide at https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.9.html to help migrate your content to 2.9. If you discover any errors or if any of your working playbooks break when you upgrade to 2.9.3, please use the following link to report the regression: https://github.com/ansible/ansible/issues/new/choose In your issue, be sure to mention the Ansible version that works and the one that doesn't. Thanks! -Matt Davis -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1c897836-22f7-41c4-8daf-c1dbc17bdafd%40googlegroups.com.
[ansible-project] Re: Windows mapped drives – what the hell is going on?
Unfortunately I cannot explain this at all, a couple of final question/clarifications - When you map it manually with net use, can you log off and back on and the drive still remains connected and visible in Windows Explorer? - The output for 'net use' on a limited process is showing that the Z map is configured but is unavailable, does the drive show up in Windows Explorer, maybe with a red X - If yes to the above, what happens when you try and open it up or just navigate to Z - Can you use Ansible to map a shared path on any other server - In your limited/admin processes you ran the tests on, are they the same account or is your admin account a completely separate account The only extra thing you can do is enable file share audit logs on the UNC target and attempt to audit why the connections are failing. I don't know of any way to audit the LANMan Redirector locally to see why it failed to map the drive when you log in after Ansible is run. Thanks Jordan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20f83465-7990-4437-8c4e-61065451c490%40googlegroups.com.
Re: [ansible-project] Gathering Facts hangs when using become
Thank you for the print idea. I was able to trace it to the following commands: /usr/bin/facter --puppet –json Looks like the version of facter doesn't like the --puppet option. WIll probably have to look into uprading it. Thanks again. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/db98376e-9a93-48c6-8c9c-e5f9de7b1e9d%40googlegroups.com.
Re: [ansible-project] Re: Does current Ansible support templates macro?
On Wed, 15 Jan 2020 11:57:49 -0800 (PST)
Xinhuan Zheng wrote:
> I tested the solution, it doesn't work. item.1 becomes:
> {u'id_provider': u'local', u'auth_provider': u'local', u'enumerate': True}
> So I get error there is no keys on {{ item.1.keys().0 }}
Both versions works for me. Double-check the code. The playbook
- hosts: localhost
vars:
sssd_config:
sssd:
debug_level: 1
nss:
reconnection_retries: 3
pam:
debug_level: 5
tasks:
- template:
src: template.j2
dest: config.ini
with the template
% for item in sssd_config.items() %}
[{{ item.0 }}]
{{ item.1.keys().0 }}={{ item.1.values().0 }}
{% endfor %}
# --
{% for item in sssd_config.items() %}
[{{ item.0 }}]
{% for iitem in item.1.items() %}
{{ iitem.0 }}={{ iitem.1 }}
{% endfor %}
{% endfor %}
gives
[nss]
reconnection_retries=3
[pam]
debug_level=5
[sssd]
debug_level=1
# --
[nss]
reconnection_retries=3
[pam]
debug_level=5
[sssd]
debug_level=1
--
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200115214530.69ad45fa%40gmail.com.
pgpcXl283B1n3.pgp
Description: OpenPGP digital signature
[ansible-project] loop and pass variables from vars_files to task command
Hi Folks,
I'm trying to loop over a list of production vlan's using a vars_file named
exos_vlans.yml.
The playbook runs fine on the first vlan but doesn't attempt to create the
2nd vlan. It just starts the next task and finishes up w/out any errors.
My file includes 3 variables (vlan_name, vlan_id, vlan_subnet).
Here's my playbook, any suggestions would be appreciated.
---
- hosts: 172.16.1.1
connection: local
tags: conf_vlan
vars_files:
- group_vars/exos_reqs.yml
- vault/exos_admin.yml
- group_vars/exos_vlans.yml # My list of VLAN/IP/VID
tasks:
- name: Create production VLAN's
exos_config:
lines:
- create vlan "{{ vlan_name }}" tag "{{ vlan_id }}"
- name: Configure VLAN IP
exos_config:
lines:
- configure vlan "{{ vlan_name }}" ipaddress "{{ vlan_subnet }}"
- enable ipforwarding vlan "{{ vlan_name }}"
- name: Show VLAN
exos_command:
commands: show vlan
register: show_vlan
- debug: var=show_vlan.stdout_lines
- name: save running to startup when modified
exos_config:
save_when: modified
My vars_file
--- - vlan_name: Test1 vlan_id: 10 vlan_subnet: 10.3.10.2/24 - vlan_name:
Test2 vlan_id: 20 vlan_subnet: 10.3.20.2/24
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/bc9b2e4d-1027-4e5d-9acc-395c2b4e0f89%40googlegroups.com.
Re: [ansible-project] Re: Does current Ansible support templates macro?
Got this error:
"AnsibleUndefinedVariable: 'list object' has no attribute 'items' for
item.1.items()
- Xinhuan
On Wednesday, January 15, 2020 at 1:56:58 PM UTC-5, Vladimir Botka wrote:
>
> On Wed, 15 Jan 2020 19:47:23 +0100
> Vladimir Botka > wrote:
>
> > Fit the template to your needs. For example the template
> >
> > {% for item in sssd_config.items() %}
> > [{{ item.0 }}]
> > {{ item.1.keys().0 }}={{ item.1.values().0 }}
> > {% endfor %}
> >
> > gives
> >
> > [nss]
> > reconnection_retries=3
> > [pam]
> > debug_level=5
> > [sssd]
> > debug_level=1
>
> There might be more items in the configuration sections. The template
> below gives the same result and would include other parameters if present
>
> {% for item in sssd_config.items() %}
> [{{ item.0 }}]
> {% for iitem in item.1.items() %}
> {{ iitem.0 }}={{ iitem.1 }}
> {% endfor %}
> {% endfor %}
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/adc7d7b9-8e64-4b26-967a-2e74a3f03bd2%40googlegroups.com.
[ansible-project] Pass variables to template file from Ansible.
Hi,
I'm using Ansible 2.9 and I'm using roles as well. I have the following
variable defined in my "role-directory"/var/main.yml file:
routers:
bbrs:
- BBR-ROUTER01
- BBR-ROUTER02
bprs:
- BPR-ROUTER01
- BPR-ROUTER02
BBRS and BPRS are a specific type of hardware type. So depending on the
hardware type a unique configuration file needs to be created for the
routers associated with a specific hardware type.
For example, BBR-ROUTERs will need to have a configuration file assigned
that is different than BPR-ROUTERs.
If I manually create the source template file for each router type and then
call that template file to generate the config it works as expected. But I
want to be able to have Ansible generate the source template files
automatically based on the hardware types that are configured in the
main.yml file. Then I would use those dynamically created source template
files to create the appropriate config for each router belonging to a
specific hardware type.
This is what I have in my create template file task:
- name: Create Template Files
template:
src: "bb-build-templates.j2" -> *I WANT TO PASS A VARIABLE TO
THE SOURCE TEMPLATE FILE SO THAT IT CAN TAKE PROPER ACTION*
dest: "{{ templates_dir }}/testing-{{ role_name }}-{{ item.key
}}-test_conf.j2"
loop: "{{ routers|dict2items }}"
tags:
- create_templates
Thanks,
Mo
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/67e24eec-dbb3-45b5-8937-b223644f1371%40googlegroups.com.
Re: [ansible-project] Re: Does current Ansible support templates macro?
I tested the solution, it doesn't work. item.1 becomes:
{u'id_provider': u'local', u'auth_provider': u'local', u'enumerate': True}
So I get error there is no keys on {{ item.1.keys().0 }}
- Xinhuan
On Wednesday, January 15, 2020 at 1:47:42 PM UTC-5, Vladimir Botka wrote:
>
> On Wed, 15 Jan 2020 10:40:53 -0800 (PST)
> Xinhuan Zheng > wrote:
>
> > Tried what you said. Here is what {{ item }} look like:
> >
> > [(u'sssd', {u'debug_level': 5, u'reconnection_retries': 3,
> > u'config_file_version': 2, u'sbus_timeout': 30})]
> > [(u'services', [u'nss', u'pam', u'ssh'])]
> >
> > What should I do next?
>
> Fit the template to your needs. For example the template
>
> {% for item in sssd_config.items() %}
> [{{ item.0 }}]
> {{ item.1.keys().0 }}={{ item.1.values().0 }}
> {% endfor %}
>
> gives
>
> [nss]
> reconnection_retries=3
> [pam]
> debug_level=5
> [sssd]
> debug_level=1
>
> HTH,
>
> -vlado
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e5bb467d-0c5c-440e-adfc-41dbcbef9e6f%40googlegroups.com.
Re: [ansible-project] Re: Does current Ansible support templates macro?
On Wed, 15 Jan 2020 19:47:23 +0100
Vladimir Botka wrote:
> Fit the template to your needs. For example the template
>
> {% for item in sssd_config.items() %}
> [{{ item.0 }}]
> {{ item.1.keys().0 }}={{ item.1.values().0 }}
> {% endfor %}
>
> gives
>
> [nss]
> reconnection_retries=3
> [pam]
> debug_level=5
> [sssd]
> debug_level=1
There might be more items in the configuration sections. The template
below gives the same result and would include other parameters if present
{% for item in sssd_config.items() %}
[{{ item.0 }}]
{% for iitem in item.1.items() %}
{{ iitem.0 }}={{ iitem.1 }}
{% endfor %}
{% endfor %}
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200115195642.0c84d845%40gmail.com.
pgpn1hDVCVexx.pgp
Description: OpenPGP digital signature
Re: [ansible-project] Re: Does current Ansible support templates macro?
On Wed, 15 Jan 2020 10:40:53 -0800 (PST)
Xinhuan Zheng wrote:
> Tried what you said. Here is what {{ item }} look like:
>
> [(u'sssd', {u'debug_level': 5, u'reconnection_retries': 3,
> u'config_file_version': 2, u'sbus_timeout': 30})]
> [(u'services', [u'nss', u'pam', u'ssh'])]
>
> What should I do next?
Fit the template to your needs. For example the template
{% for item in sssd_config.items() %}
[{{ item.0 }}]
{{ item.1.keys().0 }}={{ item.1.values().0 }}
{% endfor %}
gives
[nss]
reconnection_retries=3
[pam]
debug_level=5
[sssd]
debug_level=1
HTH,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200115194723.3d5744c0%40gmail.com.
pgp3WDQTXEHMh.pgp
Description: OpenPGP digital signature
[ansible-project] Re: Does current Ansible support templates macro?
Tried what you said. Here is what {{ item }} look like:
[(u'sssd', {u'debug_level': 5, u'reconnection_retries': 3,
u'config_file_version': 2, u'sbus_timeout': 30})]
[(u'services', [u'nss', u'pam', u'ssh'])]
...
What should I do next?
Thanks again,
- Xinhuan
On Tuesday, January 14, 2020 at 4:27:45 PM UTC-5, Xinhuan Zheng wrote:
>
> Hello,
>
> I'm working on a role for system SSSD daemon. I found this piece of code
> online:
>
> https://github.com/picotrading/ansible-sssd/blob/master/templates/sssd.conf.j2
>
> I have defined my own sssd_config variable in my role's defaults
> directory, so I'd like to use that piece of code. That code is neat.
> However, I don't understand what it is doing in line:
> {% from "templates/encoder/macros/ini_encode_macro.j2" import ini_encode
> with context -%}
>
> Also does current Ansible support templates macro like above?
>
> If it doesn't, then sssd_config variable is a large dictionary map, with
> INI-style different sections. What really needs to happen is based on that
> variable, change it to use = symbol as delimiter for each INI section. For
> example:
>
> sssd_config:
> sssd:
> debug_level: 1
> config_file_version: 2
> ...
>
> Then the produced sssd.conf file would look like below:
>
> [sssd]
> debug_level=1
> config_file_version=2
>
> Thank you,
>
> Xinhuan Zheng
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/58c3be45-1e40-4c86-8421-ebfc5112d88d%40googlegroups.com.
Re: [ansible-project] Does current Ansible support templates macro?
On Wed, 15 Jan 2020 09:45:41 -0800 (PST)
Xinhuan Zheng wrote:
> *I still cannot figure out how to loop through my variable:*
>
> *sssd_config:*
> * sssd:*
> *debug_level: 1*
> * nss:*
> *reconnection_retries: 3*
> * pam:*
> * debug_level: 5*
>
> Here is my template code:
>
> {% for item in sssd_config %}
> [{{ item }}]
Variable 'sssd_config' is dictionary. It's not possible to iterate
dictionary. Try for example
{% for item in sssd_config.items() %}
{{ item }}
{% endfor %}
see the 'items' in the created file and fit the template to your needs.
HTH,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200115193544.3e66a74b%40gmail.com.
pgp2JoGdePfu8.pgp
Description: OpenPGP digital signature
Re: [ansible-project] register results in a text file after retrieving it on a device with (gather_facts)
instead of the 2 debug statements use a `template` action https://docs.ansible.com/ansible/latest/modules/template_module.html if you delegate_to: localhost it will write the file on the controller. -- -- Brian Coca -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7dzV9ZWkCXtFUpki8v-WnS2y%3D-YdnQO68QOyiTvp%2BfatA%40mail.gmail.com.
Re: [ansible-project] Does current Ansible support templates macro?
*I still cannot figure out how to loop through my variable:*
*sssd_config:*
* sssd:*
*debug_level: 1*
* nss:*
*reconnection_retries: 3*
* pam:*
* debug_level: 5*
Here is my template code:
{% for item in sssd_config %}
[{{ item }}]
{% set list = sssd_config[item] %}
{% for i in list %}
{{ i }} =
{% endfor %}
{% endfor %}
I cannot figure out what to put after {{ i }}. Please HELP!
Thank you,
- Xinhuan Zheng
On Tuesday, January 14, 2020 at 5:42:22 PM UTC-5, Vladimir Botka wrote:
>
> On Tue, 14 Jan 2020 13:27:45 -0800 (PST)
> Xinhuan Zheng > wrote:
>
> > ... However, I don't understand what it is doing in line:
> > {% from "templates/encoder/macros/ini_encode_macro.j2" import ini_encode
> > with context -%}
>
> This link to the Jinja doc will help you
> https://jinja.palletsprojects.com/en/2.10.x/templates/#import
>
> -vlado
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f83716c1-d475-4034-8b54-95c578503d0b%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Wed, 15 Jan 2020 05:36:23 -0800 (PST)
Yehuda Pinhas wrote:
> fatal: [R-TEST-SNIF]: UNREACHABLE! => {"changed": false, "msg": "Failed to
> connect to the host via ssh: Warning: Permanently added
> 'r-test-snif,10.70.54.102' (RSA) to the list of known hosts.\r\nPermission
> denied (publickey,keyboard-interactive,password).", "unreachable": true}
It's SSH problem now. Find out why 'password' permission was denied.
See "Network Debug and Troubleshooting Guide"
https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#network-debug-and-troubleshooting-guide
and "Enabling Networking device interaction logging" in particular
https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#enabling-networking-device-interaction-logging
HTH,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200115172311.59d7feb8%40gmail.com.
pgprAhq9AWVVL.pgp
Description: OpenPGP digital signature
Re: [ansible-project] Re: curl and Ansible AWX
Awesome! My apologies, I was not aware of the AWX group.
Thank you and I'll try there,
On Wed, Jan 15, 2020 at 9:47 AM Matt Martz wrote:
> You may want to try the AWX mailing list instead:
> https://groups.google.com/forum/#!forum/awx-project
>
> Typically speaking, this list is solely for the purpose of discussing
> ansible proper.
>
> On Wed, Jan 15, 2020 at 9:45 AM Douglas Thompson <
> douglas.thomp...@peripatetics.net> wrote:
>
>> Anyone have any ideas? I have 'prompt at launch' setup on the AWX job
>> template.
>>
>> On Wednesday, January 8, 2020 at 2:32:55 PM UTC-6, Douglas Thompson wrote:
>>>
>>> anyone know why this curl command passes the host_config_key but not the
>>> extra_vars?
>>>
>>> curl -f -k -H 'Content-Type: application/json' -XPOST -d
>>> '{"host_config_key": "--", "extra_vars":
>>> "{\"ansible_variable\": \"some_value\"}"}'
>>> https://awxserver.somedomain.com:443/api/v2/job_templates/00/callback/
>>>
>>>
>>>
>>>
>>> Thanks,
>>> --
>>> Douglas Thompson
>>> ---
>>> Is life so dear or peace so sweet as to be purchased at the price of
>>> chains and slavery? - Patrick Henry
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/6b5e795e-b43e-431d-8b3b-262903a0e3c8%40googlegroups.com
>>
>> .
>>
>
>
> --
> Matt Martz
> @sivel
> sivel.net
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAD8N0v9MbtmEcnEgf6f8vqXTajRZ%3DVsqYRnhsN_vUS%3DxoS94Xg%40mail.gmail.com
>
> .
>
--
Douglas Thompson
---
Is life so dear or peace so sweet as to be purchased at the price of chains
and slavery? - Patrick Henry
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAPR%3DG0mnBhzZB8-Gf15tvmLsTGW45P9J77pWMxvASd-Vx%3DATLA%40mail.gmail.com.
Re: [ansible-project] Re: curl and Ansible AWX
You may want to try the AWX mailing list instead:
https://groups.google.com/forum/#!forum/awx-project
Typically speaking, this list is solely for the purpose of discussing
ansible proper.
On Wed, Jan 15, 2020 at 9:45 AM Douglas Thompson <
douglas.thomp...@peripatetics.net> wrote:
> Anyone have any ideas? I have 'prompt at launch' setup on the AWX job
> template.
>
> On Wednesday, January 8, 2020 at 2:32:55 PM UTC-6, Douglas Thompson wrote:
>>
>> anyone know why this curl command passes the host_config_key but not the
>> extra_vars?
>>
>> curl -f -k -H 'Content-Type: application/json' -XPOST -d
>> '{"host_config_key": "--", "extra_vars":
>> "{\"ansible_variable\": \"some_value\"}"}'
>> https://awxserver.somedomain.com:443/api/v2/job_templates/00/callback/
>>
>>
>>
>>
>> Thanks,
>> --
>> Douglas Thompson
>> ---
>> Is life so dear or peace so sweet as to be purchased at the price of
>> chains and slavery? - Patrick Henry
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6b5e795e-b43e-431d-8b3b-262903a0e3c8%40googlegroups.com
>
> .
>
--
Matt Martz
@sivel
sivel.net
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9MbtmEcnEgf6f8vqXTajRZ%3DVsqYRnhsN_vUS%3DxoS94Xg%40mail.gmail.com.
[ansible-project] Re: curl and Ansible AWX
Anyone have any ideas? I have 'prompt at launch' setup on the AWX job
template.
On Wednesday, January 8, 2020 at 2:32:55 PM UTC-6, Douglas Thompson wrote:
>
> anyone know why this curl command passes the host_config_key but not the
> extra_vars?
>
> curl -f -k -H 'Content-Type: application/json' -XPOST -d
> '{"host_config_key": "--", "extra_vars":
> "{\"ansible_variable\": \"some_value\"}"}'
> https://awxserver.somedomain.com:443/api/v2/job_templates/00/callback/
>
>
>
>
> Thanks,
> --
> Douglas Thompson
> ---
> Is life so dear or peace so sweet as to be purchased at the price of
> chains and slavery? - Patrick Henry
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/6b5e795e-b43e-431d-8b3b-262903a0e3c8%40googlegroups.com.
Re: [ansible-project] Unable to print regex registered variable in Ansible
On 15.01.2020 06:34, Shifa Shaikh wrote:
I wish to search for all entries of string starting with "SSLFile" or
starting with "SSLFile" in a file(httpd.conf) and register it
to a variable and print all the matches found.
The string is found as evident from the output and the file is not modified
which is good; but I'm unable to print (debug) it. I get error as I try to
print. Below is my playbook:
- name: Find entries
lineinfile:
path: "/tmp/httpd.conf"
regexp: "\\sSSLFile.*"
state: absent
check_mode: yes
changed_when: false
register: filedet
- debug:
msg: "{{ filedet }}"
- debug:
msg: "{{ item.split()[1] }}"
with_items:
- "{{ filedet.stdout_lines }}"
Can you please suggest what is the correct way to print all the searched
matched strings without modifying the file ? I wish to use the the
registered variable to perform other actions later in the playbook.
Just use grep
- command: grep -P "^\s*SSLFILE" /tmp/httpd.conf
register: results
- debug: msg="{{ results.stdout }}"
- debug: msg="{{ item }}"
with_items: "{{ results.stdout_lines }}"
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/35f8142c-79b6-9e73-4df6-cb07462af366%40olstad.com.
Re: [ansible-project] Gathering Facts hangs when using become
On 15.01.2020 00:53, Chris Thro wrote:
Thank you. I did the strace and it shows that it is just repeating the same
two lines over and over again.
select(7, [4 6], [], [4 6], {1, 0}) = 0 (Timeout)
wait4(29548, 0x7fff6a145c84, WNOHANG, NULL) = 0
When I checked the details of the select I get the following:
lsof -p 10984 -ad 4,6
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
python2.7 10984 root4r FIFO0,7 0t0 819132068 pipe
python2.7 10984 root6r FIFO0,7 0t0 819132069 pipe
What happens right before it goes into this loop is probably the interesting
part and can identifies what it trying to access.
If not you probably need to add print statements in the python code to
identifies where it hangs.
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/9a405b8f-f362-1abc-ee27-b817b5905757%40olstad.com.
[ansible-project] Ansible create module mssql_querry
Hello,
I have create module mssql_query in my repertory library/mssql_query.py
for execut commande ligne on my database MSSQL
with this website :
https://github.com/melmorabity/ansible-mssql-query/blob/master/mssql_query.py
My task is :
- local_action:
module: mssql_query
login_host: my_name_host
login_user: my_user
port: 1433
login_password: my_password
query: SELECT * FROM dbo.my_table
db: my_database
autocommit: true
tds_version: 7.1
as_dict: false
delegate_to: localhost(or delegate_to: mydatabase)
but the error is :
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: TypeError: connect() got an unexpected keyword
argument 'port'
fatal: [my_name_host -> localhost]: FAILED! => {"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"\",
line 113, in \n File \"\", line 105, in _ansiballz_main\n
File \"\", line 48, in invoke_module\n File
\"/tmp/ansible_mssql_query_payload_hXTFhK/__main__.py\", line 155, in
\n File \"/tmp/ansible_mssql_query_payload_hXTFhK/__main__.py\",
line 143, in main\nTypeError: connect() got an unexpected keyword argument
'port'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr
for the exact error", "rc": 1}
Someone have any idea please ??!! :)
I need a expert ansible for my problem please !!
Best Regards,
Karther
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/2a09810c-a857-4e8c-a9fa-0e5f1bfa0a95%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
*Hi Vladimir,*
*with this code on the playbook:*
---
- name:
--- 1. Applying Layer 2 Configuration ---
hosts: Snif_TEST
connection: network_cli
tasks:
- include_vars:
dir: /etc/ansible/roles/new_vlan/vars/
- include_role:
name: new_vlan
tasks_from: show_vlan.yml
*And on the vars file:*
ansible_ssh_common_args:
-o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts
ansible_user: ansible
ansible_password: ansible
*This is the result:*
[ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml
PLAY [--- 1. Applying Layer 2 Configuration
---]
**
TASK [Gathering Facts]
fatal: [R-TEST-SNIF]: FAILED! => {"msg": "Unable to automatically determine
host network os. Please manually configure ansible_network_os value for
this host"}
*With this code on the playbook:*
---
- name:
--- 1. Applying Layer 2 Configuration ---
hosts: Snif_TEST
tasks:
- include_vars:
dir: /etc/ansible/roles/new_vlan/vars/
- include_role:
name: new_vlan
tasks_from: show_vlan.yml
*And on the vars file:*
ansible_ssh_common_args:
-o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts
ansible_connection: network_cli
ansible_network_os: ios
ansible_user: ansible
ansible_password: ansible
*This is the result:*
[ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml
PLAY [--- 1. Applying Layer 2 Configuration
---]
**
TASK [Gathering Facts]
fatal: [R-TEST-SNIF]: UNREACHABLE! => {"changed": false, "msg": "Failed to
connect to the host via ssh: Warning: Permanently added
'r-test-snif,10.70.54.102' (RSA) to the list of known hosts.\r\nPermission
denied (publickey,keyboard-interactive,password).", "unreachable": true}
PLAY RECAP
R-TEST-SNIF: ok=0changed=0unreachable=1
failed=0skipped=0rescued=0ignored=0
*Keep in mind that in anytime I have no problem with sshing to the machine.
example:*
[image: Capture.PNG]
*Also remember that I always can add the pubkey configuration to the router
and run ansible successfuly.*
*Have any idea what to do next?*
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/bb69793a-cf26-4db4-8e0d-20f58d00f087%40googlegroups.com.
[ansible-project] register results in a text file after retrieving it on a device with (gather_facts)
Hello all
my tesk consist to register the number of vlan available in the device (
cisco switch) in a texte file
1) I want to get just the value of vlan sotred in the item"vlan_id"
I hope someone can help me :)
This my script
---
- hosts:
- switch1
gather_facts: yes # on recupere les infomations acctuel sur le switch
mais fichier ne sera pas a jour ==> on recupere les facts avant de faire
les changements
vars:
ansible_connection: network_cli
ansible_network_os: ios
ansible_user : "cisco"
ansible_password : "cisco"
ansible_become: yes
ansible_become_method: enable
ansible_become_password: "cisco"
tasks:
- name: collect resources# on a plus besoin car on a deja tous
recuprer, j'ai deja les infomrmations dans la base de donnees
ios_facts:
gather_subset: all
gather_network_resources: vlans
- name: get all vlan configure on switch
debug:
msg:
# - "{{item.key}}"
- "{{item.value}}"
when : '"vlan_id" in item.key'
register: result
with_dict: "{{ansible_network_resources.vlans.item}}"
loop: "{{ansible_network_resources.vlans}}"
- name: write list of vlans
debug :
msg : "{{ result }}"
-
from this file who i gather all facts of the device and and i make
conditions
[image: Capture.PNG]
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/228cee1c-d57a-4b08-8c9a-69755e58e2c8%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Wed, 15 Jan 2020 03:56:14 -0800 (PST) Yehuda Pinhas wrote: > *Cisco IOS Software Version 15.4(1)T (I86BI_LINUX-ADVENTERPRISEK9-M)* Cisco IOS is supported platform https://access.redhat.com/articles/3168091 > - name: > hosts: Snif_TEST > connection: local The connection should be 'network_cli'. See "Ansible Network Examples" https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html#ansible-network-examples and "Privilege escalation" in particular https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html#privilege-escalation - name: hosts: Snif_TEST connection: network_cli HTH, -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200115140653.4f45aed5%40gmail.com. pgpjWpHsdePP6.pgp Description: OpenPGP digital signature
Re: [ansible-project] Unable to print regex registered variable in Ansible
Not undestanding exactly what you want to achieve...
For the syntax error you forgot a quote
So instead of this
target: "{{ input | regex_replace('\\sSSLFile.*, '\\1') }}"
You need this
target: "{{ input | regex_replace('\\sSSLFile.*' , '\\1') }}"
Regards,
Le 15 janvier 2020 08:59:32 GMT+01:00, Shifa Shaikh a
écrit :
>Reading the contents of the file is not the challenge. I used both
>sllurp
>as well as cat and I can see the file contents in the debug. The error
>occurs when I regex for the desired string.
>
>- name: Slurp certificate entries
> slurp:
>src: "{{ httpd_home }}/conf/httpd.conf"
> register: filecontent
>
>- name: Find certificate entries
> set_fact:
>input: "{{ filecontent['content'] | b64decode }}"
>
>- debug:
>msg: "{{ input }}"
>
>- name: Regex String
> set_fact:
>target: "{{ input | regex_replace('\\sSSLFile.*, '\\1') }}"
>
>
>The regex task fails where we are assigning the set_fact "target" with
>the
>below error:
>
>TASK [Regex String] ***
>>
>> *task path: /app/test.yml:908*The full traceback is:
>> Traceback (most recent call last):
>> File
>"/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py",
>> line 144, in run
>> res = self._execute()
>> File
>"/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py",
>> line 576, in _execute
>> self._task.post_validate(templar=templar)
>> File "/usr/lib/python2.7/site-packages/ansible/playbook/task.py",
>line
>> 268, in post_validate
>> super(Task, self).post_validate(templar)
>> File "/usr/lib/python2.7/site-packages/ansible/playbook/base.py",
>line
>> 384, in post_validate
>> value = templar.template(getattr(self, name))
>> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py",
>line
>> 584, in template
>> disable_lookups=disable_lookups,
>> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py",
>line
>> 539, in template
>> disable_lookups=disable_lookups,
>> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py",
>line
>> 773, in do_template
>> data = _escape_backslashes(data, myenv)
>> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py",
>line
>> 145, in _escape_backslashes
>> for token in jinja_env.lex(d2):
>> File "/usr/lib/python2.7/site-packages/jinja2/lexer.py", line 733, in
>
>> tokeniter
>> name, filename)
>> TemplateSyntaxError: unexpected char u'\\' at 51
>> line 1 fatal: [10.9.9.11]: FAILED! => {
>> "msg": "Unexpected failure during module execution.",
>> "stdout": ""
>> }
>
>
>On Wednesday, January 15, 2020 at 12:04:52 PM UTC+5:30, Jean-Yves
>LENHOF
>wrote:
>>
>> Hi,
>>
>> Perhaps you should better use slurp module to register the content of
>the
>> file and do some regexp to print what you want on it...
>>
>>
>>
>https://docs.ansible.com/ansible/latest/modules/slurp_module.html#slurp-module
>>
>> Regards,
>>
>>
>> Le 15/01/2020 à 06:34, Shifa Shaikh a écrit :
>>
>> I wish to search for all entries of string starting with "SSLFile" or
>
>> starting with "SSLFile" in a file(httpd.conf) and
>register
>> it to a variable and print all the matches found.
>>
>> The string is found as evident from the output and the file is not
>> modified which is good; but I'm unable to print (debug) it. I get
>error as
>> I try to print. Below is my playbook:
>>
>> - name: Find entries
>> lineinfile:
>> path: "/tmp/httpd.conf"
>> regexp: "\\sSSLFile.*"
>> state: absent
>> check_mode: yes
>> changed_when: false
>> register: filedet
>>
>> - debug:
>> msg: "{{ filedet }}"
>>
>> - debug:
>> msg: "{{ item.split()[1] }}"
>> with_items:
>> - "{{ filedet.stdout_lines }}"
>>
>> I get the below error when i run the playbook:
>>
>>
>> ok: [10.9.9.11] => {
>>> "backup": "",
>>> "changed": false,
>>> "diff": [
>>> {
>>> "after": "",
>>> "after_header": "/tmp/httpd.conf (content)",
>>> "before": "",
>>> "before_header": "/tmp/httpd.conf (content)"
>>> },
>>> {
>>> "after_header": "/tmp/httpd.conf (file attributes)",
>>> "before_header": "/tmp/httpd.conf (file attributes)"
>>> }
>>> ],
>>> "found": 1,
>>> "invocation": {
>>> "module_args": {
>>> "attributes": null,
>>> "backrefs": false,
>>> "backup": false,
>>> "content": null,
>>> "create": false,
>>> "delimiter": null,
>>> "directory_mode": null,
>>> "firstmatch": false,
>>> "follow": false,
>>> "force": null,
>>> "group": null,
>>> "insertafter": null,
>>> "insertbefore": null,
>>> "line": null,
>>> "mode": null,
>>> "owner": null,
>>> "path": "/tmp/httpd.conf",
>>> "regexp": "\\sSSLFile.*",
>>> "remote_src": null,
>>> "selevel": null,
>>> "serole": null,
>>> "setype": null,
>>> "seuser": null,
>>> "src": null,
>>> "state": "absent",
>>> "unsafe_writes": null,
>>> "validate": null
>>> }
>>> },
>>> "msg": "1 line(s) removed"
>>> } TASK [debug]
>>>
[ansible-project] Re: Windows mapped drives – what the hell is going on?
1) What is the full command you run to map the drive normally (outside of Ansible)? - net use z: \\bellagio.intra.vegas.net\how\the\hell\to\solve\this\issue /persistent:yes' 2) If you manually map it through the GUI are you connecting with explicit credentials? - I'm connecting using mRemote, RDP protocol with the same credentials as configured in Ansible: username:elvis ; domain:bellagio ; password:elvis123 3) a) after mapping via Ansible, nonAdministrator: PS C:\Users\elvis> cmdkey.exe /list Currently stored credentials: Target: MicrosoftAccount:target=SSO_POP_Device Type: Generic User: 02yahgcuuqfcntfq Saved for this logon only Target: WindowsLive:target=virtualapp/didlogical Type: Generic User: 02yahgcuuqfcntfq Local machine persistence b) after mapping via Ansible, Administrator: PS C:\Windows\system32> cmdkey.exe /list Currently stored credentials: Target: MicrosoftAccount:target=SSO_POP_Device Type: Generic User: 02yahgcuuqfcntfq Saved for this logon only Target: WindowsLive:target=virtualapp/didlogical Type: Generic User: 02yahgcuuqfcntfq Local machine persistence c) after manual map, nonAdministrator: PS C:\Users\elvis> cmdkey.exe /list Currently stored credentials: Target: MicrosoftAccount:target=SSO_POP_Device Type: Generic User: 02yahgcuuqfcntfq Saved for this logon only Target: WindowsLive:target=virtualapp/didlogical Type: Generic User: 02yahgcuuqfcntfq Local machine persistence On Wednesday, January 15, 2020 at 12:25:46 PM UTC+1, Jordan Borean wrote: > That is very curious, typically the opposite is the case where the > standard (limited) process is able to see the mapped drive but the admin > process is not. We can see that in both scenarios net use can see that > there is a valid configuration for the mapped drive but it is only > successfully connecting under the administrative process. We can also see > that the registry settings are exactly the same compared to when you map it > manually and when Ansible does it for you. > > This pretty much means there's some sort of credential/authentication > issue that occurs with your limited process compared to the admin process. > >- What is the full command you run to map the drive normally (outside >of Ansible). >- If you manually map it through the GUI are you connecting with >explicit credentials? >- When you map it manually and there is a mapped drive in the GUI, >what is the output for 'cmdkey.exe /list', is there an entry for ' >bellagio.intra.vegas.net'? > > If the answer to the last 2 (or even 1) is with an explicit credential you > will have to do the same thing with Ansible with the win_credential module. > Having a credential present for the server specified will mean that > credential is used for outbound authentication. > > Thanks > > Jordan > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/b171ef85-9aa6-4c98-b4df-71f8bd71b610%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
*Oh. of course.*
*The router is virtual image - IOL.*
*Cisco IOS Software Version 15.4(1)T (I86BI_LINUX-ADVENTERPRISEK9-M)*
*Full code is:*
*/etc/ansible/roles/new_vlan/new_vlan_playbook.yml:*
---
- name:
--- 1. Applying Layer 2 Configuration ---
hosts: Snif_TEST
connection: local
tasks:
- include_vars:
dir: /etc/ansible/roles/new_vlan/vars/
- include_role:
name: new_vlan
tasks_from: show_vlan.yml
*/etc/ansible/roles/new_vlan/tasks/show_vlan.yml*
---
- name: --- 1. Show VLAN --
ios_command:
commands:
- show ip int br
register: show_vlan
- debug: msg="{{ show_vlan.stdout_lines }}"
* /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml*
ansible_ssh_common_args:
-o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts
ansible_user: ansible
ansible_password: ansible
*/etc/ansible/inventory/POC_ENV.yml*
all:
children:
POC_ENV:
hosts:
TEST-NXOS2:
TEST-NXOS3:
Snif_TEST:
hosts:
R-TEST-SNIF:
*Ill mention again that when i add this configuration on the router ansible
works perfectly:*
ip ssh pubkey-chain
username ansible
key-string
ssh-rsa
B3NzaC1yc2EDAQABAAABAQDuKpCznL9Gb7L/jVypzsHxFcceKBL2Xg0Enjr5XnGtaAsycD+ToiXYANzn2J21z3IqxyVG7NELLkW03CCclBVMCkdbzD8sRaVuIZCjYdzD4KX7O8goBXnz0+sPO4FhccSBhMfAO/IphliQ0oFBM26OG8UsxZISI5/04GdObk6AwM7jDk6Fga1Wcmqpo0P2XfarXckbL0LxAYEaGr5JR6X4p
n+0x4C/DuOIIKQuvDyiaWTlD+ewRW6kMUUgo8AnVcHekZG+7GDzS4yVuAKZ73pl+Pe8EBa2eUP4FSE1ZXqnQvunKyGo7ifrZCcbikAnkB2is48Y67E3c21ZxhSkI36P
ansible@Netauto-Dev
*What do you think?*
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/a7f6c8a5-e945-4fa0-a3e6-ce11934427ac%40googlegroups.com.
[ansible-project] Re: Windows mapped drives – what the hell is going on?
1) What is the full command you run to map the drive normally (outside of Ansible)? - net use z: \\burak2.intra.noklab.net\Global_veryfication\[4]_TP\Ansible /persistent:yes' 2) If you manually map it through the GUI are you connecting with explicit credentials? - I'm connection using mRemote, RDP protocol with the same credentials as configured in Ansible: username:elvis ; domain:bellagio ; password:elvis123 3) a) after mapping via Ansible, nonAdministrator: PS C:\Users\elvis> cmdkey.exe /list Currently stored credentials: Target: MicrosoftAccount:target=SSO_POP_Device Type: Generic User: 02yahgcuuqfcntfq Saved for this logon only Target: WindowsLive:target=virtualapp/didlogical Type: Generic User: 02yahgcuuqfcntfq Local machine persistence b) after mapping via Ansible, Administrator: PS C:\Windows\system32> cmdkey.exe /list Currently stored credentials: Target: MicrosoftAccount:target=SSO_POP_Device Type: Generic User: 02yahgcuuqfcntfq Saved for this logon only Target: WindowsLive:target=virtualapp/didlogical Type: Generic User: 02yahgcuuqfcntfq Local machine persistence c) after manual map, nonAdministrator: PS C:\Users\elvis> cmdkey.exe /list Currently stored credentials: Target: MicrosoftAccount:target=SSO_POP_Device Type: Generic User: 02yahgcuuqfcntfq Saved for this logon only Target: WindowsLive:target=virtualapp/didlogical Type: Generic User: 02yahgcuuqfcntfq Local machine persistence On Wednesday, January 15, 2020 at 12:25:46 PM UTC+1, Jordan Borean wrote: > > That is very curious, typically the opposite is the case where the > standard (limited) process is able to see the mapped drive but the admin > process is not. We can see that in both scenarios net use can see that > there is a valid configuration for the mapped drive but it is only > successfully connecting under the administrative process. We can also see > that the registry settings are exactly the same compared to when you map it > manually and when Ansible does it for you. > > This pretty much means there's some sort of credential/authentication > issue that occurs with your limited process compared to the admin process. > >- What is the full command you run to map the drive normally (outside >of Ansible). >- If you manually map it through the GUI are you connecting with >explicit credentials? >- When you map it manually and there is a mapped drive in the GUI, >what is the output for 'cmdkey.exe /list', is there an entry for ' >bellagio.intra.vegas.net'? > > If the answer to the last 2 (or even 1) is with an explicit credential you > will have to do the same thing with Ansible with the win_credential module. > Having a credential present for the server specified will mean that > credential is used for outbound authentication. > > Thanks > > Jordan > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f6964258-2d11-45c5-a7a6-0135071d0058%40googlegroups.com.
[ansible-project] Re: Windows mapped drives – what the hell is going on?
That is very curious, typically the opposite is the case where the standard (limited) process is able to see the mapped drive but the admin process is not. We can see that in both scenarios net use can see that there is a valid configuration for the mapped drive but it is only successfully connecting under the administrative process. We can also see that the registry settings are exactly the same compared to when you map it manually and when Ansible does it for you. This pretty much means there's some sort of credential/authentication issue that occurs with your limited process compared to the admin process. - What is the full command you run to map the drive normally (outside of Ansible). - If you manually map it through the GUI are you connecting with explicit credentials? - When you map it manually and there is a mapped drive in the GUI, what is the output for 'cmdkey.exe /list', is there an entry for 'bellagio.intra.vegas.net'? If the answer to the last 2 (or even 1) is with an explicit credential you will have to do the same thing with Ansible with the win_credential module. Having a credential present for the server specified will mean that credential is used for outbound authentication. Thanks Jordan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2b8190d5-bf2f-43dd-806a-010cb89c2574%40googlegroups.com.
Re: [ansible-project] Unable to print regex registered variable in Ansible
On Wed, 15 Jan 2020 at 06:35, Shifa Shaikh wrote: > > I wish to search for all entries of string starting with "SSLFile" or > starting with "SSLFile" in a file(httpd.conf) and register it to > a variable and print all the matches found. It's not entirely clear what you mean by this. Can you post an example httpd.conf, and what you want to get out of it? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwOBLGAbfgGRNVX%2B10vpOrRnv3f6RA%2BWPZGKRSiC03gjew%40mail.gmail.com.
Re: [ansible-project] Ansible passwordless login not working
On Wed, 15 Jan 2020 01:26:07 -0800 (PST) Yehuda Pinhas wrote: > The device is a router Sure it is. Could you disclose the brand and type? > 1. If im sshing normaly with ansible:ansible credentials it works > 2. If im installing ssh keypair (publickey on the router) the ansible is > working. It's seems that the problem might be isolated. 'Gathering_Facts' and 'include_vars' was 'OK'. Then the play failed. Find out which variable, from the included variables, changed and made the play fail /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200115120505.6919831f%40gmail.com. pgpkrMfrkLQzM.pgp Description: OpenPGP digital signature
[ansible-project] Ansible - How get status of all users on my Active Directory Windows
Hello Guy !! :) I want to know how get status of all users on my Active Directory Windows. So i want to know if the user has status enabled or disabled on my Active Directory I know there is this ansible website but i don't find what i want ... Thanks for your help community Ansible ;) Best Regards, Karther -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/64dd7d59-5cf3-47fd-bb00-2b4924a26d3a%40googlegroups.com.
[ansible-project] Re: Windows mapped drives – what the hell is going on?
EDIT: 2) PowerShell as Administrator: PS C:\Windows\system32> gdr -PSProvider 'FileSystem' > > > Name Used (GB) Free (GB) Provider Root > CurrentLocation > - - > --- > A FileSystemA:\ > C 17.67 81.79 FileSystemC:\ > Windows\system32 > D FileSystemD:\ > E 0.14 99.86 FileSystemE:\ > Z 465267.94 178455.74 FileSystem\bellagio.intra.vegas > .net\how... > > PS C:\Windows\system32> net use > New connections will be remembered. > > Status Local RemoteNetwork > > --- > OK Z:\\bellagio.intra.vegas.net\how\the\hell\to\solve\ > this\issue > Microsoft Windows Network >\\TSCLIENT\C Microsoft Terminal > Services >\\TSCLIENT\S Microsoft Terminal > Services >\\TSCLIENT\V Microsoft Terminal > Services >\\TSCLIENT\W Microsoft Terminal > Services >\\TSCLIENT\X Microsoft Terminal > Services >\\TSCLIENT\Y Microsoft Terminal > Services >\\TSCLIENT\Z Microsoft Terminal > Services > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5d74539d-3f16-4124-ac47-989bda2e0ebd%40googlegroups.com.
[ansible-project] Re: Windows mapped drives – what the hell is going on?
It turned out that this issue is somehow related to permissions/security settings - any suggestions? I asked our internal IT team to check security event log: Please, look what I've found: * RDP login, user: elvis * I've mounted drive under Z: letter, Z: drive is visible. Computer\HKEY_CURRENT_USER\Network\Z (Default): REG_SZ (value not set) ConnectFlags: REG_DWORD 0x ConnectionType: REG_DWORD 0x0001 DeferFlags: REG_DWORD 0x0004 ProviderName: REG_SZ Microsoft Windows Network ProviderType: REG_DWORD 0x0002 RemotePath: REG_SZ \\bellagio.intra.vegas.net\how\the\hell\to\solve\this\ issue UserName REG_SZ I've disconnected Z: drive, Z: drive disappeared. Computer\HKEY_CURRENT_USER\Network - there is no Z: * Ansible, ansible_user=el...@intra.vegas.net * I've executed playbook, Z: drive isn't visible in GUI. Computer\HKEY_CURRENT_USER\Network\Z (Default): REG_SZ (value not set) ConnectFlags: REG_DWORD 0x ConnectionType: REG_DWORD 0x0001 DeferFlags: REG_DWORD 0x0004 ProviderName: REG_SZ Microsoft Windows Network ProviderType: REG_DWORD 0x0002 RemotePath: REG_SZ \\bellagio.intra.vegas.net\how\the\hell\to\solve\this\ issue UserName REG_SZ 1) PowerShell normal: PS C:\Users\elvis> gdr -PSProvider 'FileSystem' Name Used (GB) Free (GB) Provider Root CurrentLocation - - --- A FileSystemA:\ C 17.67 81.79 FileSystemC:\ Users\elvis D FileSystemD:\ E 0.14 99.86 FileSystemE:\ PS C:\Users\elvis> net use New connections will be remembered. Status Local RemoteNetwork --- Unavailable Z:\\bellagio.intra.vegas.net\how\the\hell\to\solve\this \issue Microsoft Windows Network \\TSCLIENT\C Microsoft Terminal Services \\TSCLIENT\S Microsoft Terminal Services \\TSCLIENT\V Microsoft Terminal Services \\TSCLIENT\W Microsoft Terminal Services \\TSCLIENT\X Microsoft Terminal Services \\TSCLIENT\Y Microsoft Terminal Services \\TSCLIENT\Z Microsoft Terminal Services The command completed successfully. 2) PowerShell as Administrator: PS C:\Windows\system32> gdr -PSProvider 'FileSystem' Name Used (GB) Free (GB) Provider Root CurrentLocation - - --- A FileSystemA:\ C 17.67 81.79 FileSystemC:\ Windows\system32 D FileSystemD:\ E 0.14 99.86 FileSystemE:\ Z 465267.94 178455.74 FileSystem\bellagio.intra.vegas. net\how... PS C:\Windows\system32> net use New connections will be remembered. Status Local RemoteNetwork --- OK Z:\\bellagio.intra.vegas.net\how\the\hell\to\solve\this \issue Microsoft Windows Network \\TSCLIENT\C Microsoft Terminal Services \\TSCLIENT\S Microsoft Terminal Services \\TSCLIENT\V Microsoft Terminal Services \\TSCLIENT\W Microsoft Terminal Services \\TSCLIENT\X Microsoft Terminal Services \\TSCLIENT\Y Microsoft Terminal Services \\TSCLIENT\Z Microsoft Terminal Services The command completed successfully. On Wednesday, January 15, 2020 at 10:25:54 AM UTC+1, Jordan Borean wrote: > > Sorry about the option name mismatch but glad you found the correct one. > > Your task seems to be correct so it's curious as to why it isn't showing > up. What I recommend you look at; > >- See if the key 'HKCU:\Network\Z' is present and if the entries match >what you set >- Run the command 'net use' on both a normal and elevated (Run as >administrator) and see if any of them show the Z drive > - If they do, see what the status is for it >- Look at the security event logs for
Re: [ansible-project] Ansible passwordless login not working
Hi Vladimir, The device is a router, and I have made few more checks: 1. If im sshing normaly with ansible:ansible credentials it works 2. If im installing ssh keypair (publickey on the router) the ansible is working. Problem occurs once I take off the public key from the router and try to ssh with username + password instead of username + pubkey. I have even tryed to add the ansible_connection feature like this: ansible_connection: network_cli ansible_network_os: ios ansible_ssh_common_args: -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts ansible_user: ansible ansible_password: ansible And this is the error: [image: Capture.PNG] I have no idea what to do -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7c3b0d67-6a7b-4bb2-bc68-a7ecce4a4023%40googlegroups.com.
[ansible-project] Re: Windows mapped drives – what the hell is going on?
Sorry about the option name mismatch but glad you found the correct one. Your task seems to be correct so it's curious as to why it isn't showing up. What I recommend you look at; - See if the key 'HKCU:\Network\Z' is present and if the entries match what you set - Run the command 'net use' on both a normal and elevated (Run as administrator) and see if any of them show the Z drive - If they do, see what the status is for it - Look at the security event logs for both the server you are RDP'ing to as well as the target UNC server (bellagio). Thanks Jordan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d18ff19d-4d6e-44cc-8462-e1e2a1694d93%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
> > Hi Vladimir, The device is a router, and I have made few more checks: 1. If im sshing normaly with ansible:ansible credentials it works 2. If im installing ssh keypair (publickey on the router) the ansible is working. Problem occurs once I take off the public key from the router and try to ssh with username + password instead of username + pubkey. I have even tryed to add the ansible_connection feature and this is the error: [image: Capture.PNG] I have no idea what to do -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a2232f9d-f8de-4b63-a1d6-ad60507dcd4e%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Tue, 14 Jan 2020 23:30:43 -0800 (PST)
Yehuda Pinhas wrote:
> using connection plugin network_cli (was local)
> [...]
> fatal: [R-TEST-SNIF]: FAILED! => {
> "changed": false,
> "msg": "command timeout triggered, timeout value is 10 secs.\nSee the
> timeout setting options in the Network Debug and Troubleshooting Guide."
> }
What is the device that's making troubles?
Make sure the device is working with the connection plugin 'network_cli'.
See "How Network Automation is Different"
https://docs.ansible.com/ansible/latest/network/getting_started/network_differences.html#how-network-automation-is-different
and in particular "Multiple Communication Protocols"
https://docs.ansible.com/ansible/latest/network/getting_started/network_differences.html#multiple-communication-protocols
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200115101512.574c97fd%40gmail.com.
pgpomBdoWXOPu.pgp
Description: OpenPGP digital signature
[ansible-project] Re: Windows mapped drives – what the hell is going on?
Hi Jordan,
First of all big thanks for your reply, I'm really surprised how
efficiently this community works.
So, let's cut to the chase. I focused on your first hint and according to
it, I've corrected my playbook: (for others info: there was a 'typo' - name
instead of letter)
- name: Mount Z drive
win_mapped_drive:
letter: Z
path: \\bellagio.infra.vegas.net\how\the\hell\to\solve\this\issue
state: present
become: yes
become_method: runas
vars:
ansible_become_user: '{{ ansible_user }}'
ansible_become_pass: '{{ ansible_password }}'
Playbook has been executed successfully:
TASK [Mount Z drive]
task path: /etc/ansible/playbooks/test.yml:13
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/windows/
win_mapped_drive.ps1
Pipelining is enabled.
<99.88.77.60> ESTABLISH WINRM CONNECTION FOR USER: el...@intra.vegas.net on
PORT 5986 TO 99.88.77.66
EXEC (via pipeline wrapper)
changed: [99.88.77.66] => {
"changed": true,
"invocation": {
"module_args": {
"letter": "Z",
"password": null,
"path":
"bellagio.infra.vegas.net\how\the\hell\to\solve\this\issue",
"state": "present",
"username": null
}
}
}
META: ran handlers
META: ran handlers
PLAY RECAP
**
10.42.197.227 : ok=2changed=1unreachable=0failed=0
skipped=0rescued=0ignored=0
but after I logon using RDP:
domain: INTRA.VEGAS.NET
login: elvis
pass: elvis123
there is still no Z: hard drive mounted.
PS C:\Users\elvis> gdr -PSProvider 'FileSystem'
Name Used (GB) Free (GB) Provider Root
CurrentLocation
- -
---
A FileSystemA:\
C 17.67 81.80 FileSystemC:\
Users\elvis
D FileSystemD:\
E 0.14 99.86 FileSystemE:\
Is it still my wrong understanding of some issue with env? Could you be so
kind to share with me how to investigate this issue?
On Tuesday, January 14, 2020 at 8:39:08 PM UTC+1, Jordan Borean wrote:
>
> Hi, the blog is still accepting comments, I just need to approve them so
> it doesn't get spammed.
>
> As for your issue at hand.
>
> 1) to use Ansible to map this network drive automatically in all VMs for
>> the domain user (mapped drive should be visible after VM reboots, during
>> every RDP sessions using this credentials?
>>
>
> You should be using the win_mapped_drive to create the mapping for the
> user you want. This should be as simple as
>
> - win_mapped_drive:
> name: Z
> path: \\bellagio.infra.vegas.net\how\the\hell\to\solve\this\issue
> state: present
> become: yes
> become_method: runas
> vars:
> ansible_become_user: '{{ ansible_user }}'
> ansible_become_pass: '{{ ansible_password }}'
>
> Because you are using NTLM authentication, the task will not be able to
> access the network path so become is being used to bypass that limitation.
> If you are connecting with Ansible to one account but want the mapped drive
> for another, change the become user/pass vars to the account in question.
> What this task will do is create the mapped drive Z for the become user and
> that drive will appear when they log on locally. When they try and access
> it locally it will use their logon credentials to access the UNC path.
>
> If you need to connect to the UNC path with custom credentials you can add
> the following task *before* the win_mapped_drive one.
>
> - win_credential:
> name: bellagio.infra.vegas.net
> type: domain_password
> username: custom user
> secret: password
> state: present
> become: yes
> become_method: runas
> vars:
> ansible_become_user: '{{ ansible_user }}'
> ansible_become_pass: '{{ ansible_password }}'
>
> This task creates a credential for that host in the become user's
> credential manager and it is used for any outbound authentication attempts
> on that particular host. This enables you to save a credential for a
> network host and then use that credential for the mapped drive. Once again
> become is important for this task to work as the credential manager can
> only be accessed through become when using WinRM. The win_credential module
> is pretty much a wrapper for the same
[ansible-project] Re: Windows mapped drives – what the hell is going on?
Hi Jordan,
First of all big thanks for your reply, I'm really surprised
how efficiently this community works.
So, let's cut to the chase. I focused on your first hint and according to
it, I've corrected my playbook: (for others info: there was a 'typo' -
*name* instead of *letter*)
- name: Mount Z drive
win_mapped_drive:
letter: Z
path: \\bellagio.infra.vegas.net\how\the\hell\to\solve\this\issue
state: present
become: yes
become_method: runas
vars:
ansible_become_user: '{{ ansible_user }}'
ansible_become_pass: '{{ ansible_password }}'
Playbook has been executed successfully:
TASK [Mount Z drive]
task path: /etc/ansible/playbooks/test.yml:13
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/windows/
win_mapped_drive.ps1
Pipelining is enabled.
<10.42.197.227> ESTABLISH WINRM CONNECTION FOR USER: wro4...@intra.noklab.net
on PORT 5986 TO 10.42.197.227
EXEC (via pipeline wrapper)
changed: [99.88.77.66] => {
"changed": true,
"invocation": {
"module_args": {
"letter": "Z",
"password": null,
"path": "bellagio.infra.vegas.net\how\the\hell\to\solve\this
\issue",
"state": "present",
"username": null
}
}
}
META: ran handlers
META: ran handlers
PLAY RECAP
**
10.42.197.227 : ok=2changed=1unreachable=0failed=0
skipped=0rescued=0ignored=0
but after I logon using RDP:
domain: INTRA.VEGAS.NET
login: elvis
pass: elvis123
there is still no Z: hard drive mounted.
PS C:\Users\elvis> gdr -PSProvider 'FileSystem'
Name Used (GB) Free (GB) Provider Root
CurrentLocation
- -
---
A FileSystemA:\
C 17.67 81.80 FileSystemC:\
Users\elvis
D FileSystemD:\
E 0.14 99.86 FileSystemE:\
Is it still my wrong understanding of some issue with env? Could you be so
kind to share with me how to
On Tuesday, January 14, 2020 at 8:39:08 PM UTC+1, Jordan Borean wrote:
>
> Hi, the blog is still accepting comments, I just need to approve them so
> it doesn't get spammed.
>
> As for your issue at hand.
>
> 1) to use Ansible to map this network drive automatically in all VMs for
>> the domain user (mapped drive should be visible after VM reboots, during
>> every RDP sessions using this credentials?
>>
>
> You should be using the win_mapped_drive to create the mapping for the
> user you want. This should be as simple as
>
> - win_mapped_drive:
> name: Z
> path: \\bellagio.infra.vegas.net\how\the\hell\to\solve\this\issue
> state: present
> become: yes
> become_method: runas
> vars:
> ansible_become_user: '{{ ansible_user }}'
> ansible_become_pass: '{{ ansible_password }}'
>
> Because you are using NTLM authentication, the task will not be able to
> access the network path so become is being used to bypass that limitation.
> If you are connecting with Ansible to one account but want the mapped drive
> for another, change the become user/pass vars to the account in question.
> What this task will do is create the mapped drive Z for the become user and
> that drive will appear when they log on locally. When they try and access
> it locally it will use their logon credentials to access the UNC path.
>
> If you need to connect to the UNC path with custom credentials you can add
> the following task *before* the win_mapped_drive one.
>
> - win_credential:
> name: bellagio.infra.vegas.net
> type: domain_password
> username: custom user
> secret: password
> state: present
> become: yes
> become_method: runas
> vars:
> ansible_become_user: '{{ ansible_user }}'
> ansible_become_pass: '{{ ansible_password }}'
>
> This task creates a credential for that host in the become user's
> credential manager and it is used for any outbound authentication attempts
> on that particular host. This enables you to save a credential for a
> network host and then use that credential for the mapped drive. Once again
> become is important for this task to work as the credential manager can
> only be accessed through become when using WinRM. The win_credential module
> is pretty much a wrapper for the same functionality that
Re: [ansible-project] Unable to print regex registered variable in Ansible
Reading the contents of the file is not the challenge. I used both sllurp
as well as cat and I can see the file contents in the debug. The error
occurs when I regex for the desired string.
- name: Slurp certificate entries
slurp:
src: "{{ httpd_home }}/conf/httpd.conf"
register: filecontent
- name: Find certificate entries
set_fact:
input: "{{ filecontent['content'] | b64decode }}"
- debug:
msg: "{{ input }}"
- name: Regex String
set_fact:
target: "{{ input | regex_replace('\\sSSLFile.*, '\\1') }}"
The regex task fails where we are assigning the set_fact "target" with the
below error:
TASK [Regex String] ***
>
> *task path: /app/test.yml:908*The full traceback is:
> Traceback (most recent call last):
> File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py",
> line 144, in run
> res = self._execute()
> File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py",
> line 576, in _execute
> self._task.post_validate(templar=templar)
> File "/usr/lib/python2.7/site-packages/ansible/playbook/task.py", line
> 268, in post_validate
> super(Task, self).post_validate(templar)
> File "/usr/lib/python2.7/site-packages/ansible/playbook/base.py", line
> 384, in post_validate
> value = templar.template(getattr(self, name))
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line
> 584, in template
> disable_lookups=disable_lookups,
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line
> 539, in template
> disable_lookups=disable_lookups,
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line
> 773, in do_template
> data = _escape_backslashes(data, myenv)
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line
> 145, in _escape_backslashes
> for token in jinja_env.lex(d2):
> File "/usr/lib/python2.7/site-packages/jinja2/lexer.py", line 733, in
> tokeniter
> name, filename)
> TemplateSyntaxError: unexpected char u'\\' at 51
> line 1 fatal: [10.9.9.11]: FAILED! => {
> "msg": "Unexpected failure during module execution.",
> "stdout": ""
> }
On Wednesday, January 15, 2020 at 12:04:52 PM UTC+5:30, Jean-Yves LENHOF
wrote:
>
> Hi,
>
> Perhaps you should better use slurp module to register the content of the
> file and do some regexp to print what you want on it...
>
>
> https://docs.ansible.com/ansible/latest/modules/slurp_module.html#slurp-module
>
> Regards,
>
>
> Le 15/01/2020 à 06:34, Shifa Shaikh a écrit :
>
> I wish to search for all entries of string starting with "SSLFile" or
> starting with "SSLFile" in a file(httpd.conf) and register
> it to a variable and print all the matches found.
>
> The string is found as evident from the output and the file is not
> modified which is good; but I'm unable to print (debug) it. I get error as
> I try to print. Below is my playbook:
>
> - name: Find entries
> lineinfile:
> path: "/tmp/httpd.conf"
> regexp: "\\sSSLFile.*"
> state: absent
> check_mode: yes
> changed_when: false
> register: filedet
>
> - debug:
> msg: "{{ filedet }}"
>
> - debug:
> msg: "{{ item.split()[1] }}"
> with_items:
> - "{{ filedet.stdout_lines }}"
>
> I get the below error when i run the playbook:
>
>
> ok: [10.9.9.11] => {
>> "backup": "",
>> "changed": false,
>> "diff": [
>> {
>> "after": "",
>> "after_header": "/tmp/httpd.conf (content)",
>> "before": "",
>> "before_header": "/tmp/httpd.conf (content)"
>> },
>> {
>> "after_header": "/tmp/httpd.conf (file attributes)",
>> "before_header": "/tmp/httpd.conf (file attributes)"
>> }
>> ],
>> "found": 1,
>> "invocation": {
>> "module_args": {
>> "attributes": null,
>> "backrefs": false,
>> "backup": false,
>> "content": null,
>> "create": false,
>> "delimiter": null,
>> "directory_mode": null,
>> "firstmatch": false,
>> "follow": false,
>> "force": null,
>> "group": null,
>> "insertafter": null,
>> "insertbefore": null,
>> "line": null,
>> "mode": null,
>> "owner": null,
>> "path": "/tmp/httpd.conf",
>> "regexp": "\\sSSLFile.*",
>> "remote_src": null,
>> "selevel": null,
>> "serole": null,
>> "setype": null,
>> "seuser": null,
>> "src": null,
>> "state": "absent",
>> "unsafe_writes": null,
>> "validate": null
>> }
>> },
>> "msg": "1 line(s) removed"
>> } TASK [debug]
>> ***
>>
>> *task path: /app/test.yml:924 *ok: [10.9.9.11] => {
>> "msg": {
>> "backup": "",
>> "changed": false,
>> "diff": [
>> {
>> "after": "",
>> "after_header": "/tmp/httpd.conf (content)",
>> "before": "",
>> "before_header": "/tmp/httpd.conf (content)"
>> },
>> {
>> "after_header": "/tmp/httpd.conf (file attributes)",
>> "before_header": "/tmp/httpd.conf (file attributes)"
>> }
>> ],
>> "failed": false,
>> "found": 1,
>> "msg": "1 line(s)
