Hi Andy, This isn't really the right group for general help using Ansible. This group is intended for questions related to developing Ansible or plugins. There's a separate group ansible-project, which you also seem to have posted to, which is better suited to these kinds of questions. Additionally, there is also the forum: https://forum.ansible.com/
That said, while I'm not familiar with the AD plugin, it looks like the "auto" plugin has attempted to use your inventory file and successfully passed it onto the AD inventory plugin. The problem appears to be in the error/warning message: On Fri, 2 Feb 2024 at 18:53, Andy Magana <andy.mag...@gmail.com> wrote: > [WARNING]: * Failed to parse /home/ansible/inventories/microsoft.ad.ldap.yml > with auto plugin: Configuration file does not specify default realm > -1765328160 > "Configuration file does not specify default realm -1765328160" is a Kerberos error message, and likely means that the plugin tried to authenticate to the LDAP server using GSSAPI (Kerberos), but failed due to an authentication issue. It's been a long time since I had much to do with AD, but from what I recall AD generally doesn't like unauthenticated access to the LDAP service component of AD, instead it expects kerberos based authentication. Your controller is likely looking for the kerberos configuration in /etc/krb5.conf. There's an example of someone trying to configure the configuration for AD on the Red Hat access.redhat.com forums which may be of help: https://access.redhat.com/discussions/3479491 . I don't expect you to need to join the controller to the domain, but you do need to tell it enough information for it to contact the KDC service, so that it can authenticate and obtain a TGT. Mark -- Mark Chappell Senior Principal Systems Engineer, Red Hat GmbH Red Hat GmbH <https://www.redhat.com/de/global/dach>, Sitz: Werner von Siemens Ring 12, D-85630 Grasbrunn Handelsregister: Amtsgericht München, HRB 153243, Geschäftsführer: Ryan Barnhart, Charles Cachera, Michael O'Neill, Amy Ross -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-devel/CAMCBCyLKOokfTydg8%3DwJLBctyeQC65pJJn%2BrQ-asWq9o6xFy6A%40mail.gmail.com.
