I can't see the output of your execution with Ansible but your main issue is around the error message you get when running kinit with your domain account. It is unable to get the Kerberos ticket for your user as it can't connect to your domain/realm. You will need to solve this issue first if you want to use Kerberos auth with Ansible but that is outside the scope of Ansible.
Once you resolve that it would be highly recommended to change the ansible_port to 5986 so it is run over HTTPS and your messages are encrypted. If you don't change this Ansible will probably fail as Windows by default doesn't allow un-encrypted messages to be sent to it. On Monday, April 24, 2017 at 10:12:35 AM UTC+10, Nergalgreed Es wrote: > > Hello all. > > I am a ansible Rookie. I am trying to setup ansible to manage Windows > machines. but i got some issues. here I will share some information about > my system and my configuration. > > I hope you can help me. > > Thank you. > > linux machine > > Python 2.7.5 > REDHAT_SUPPORT_PRODUCT_VERSION="7.1" > Red Hat Enterprise Linux Server release 7.1 (Maipo) > kerberos 1.14.1 > ansible 2.2.1.0 > > > kerberos configuration > > /etc/krb5.conf.d/ > > [logging] > default = FILE:/var/log/krb5libs.log > kdc = FILE:/var/log/krb5kdc.log > admin_server = FILE:/var/log/kadmind.log > > [libdefaults] > dns_lookup_realm = true > ticket_lifetime = 24h > renew_lifetime = 7d > forwardable = true > rdns = false > # default_realm = EXAMPLE.COM > default_ccache_name = KEYRING:persistent:%{uid} > > [realms] > STT.COM = { > kdc = myserver.stt.com > > } > > [domain_realm] > .stt.com = STT.COM > > when I run kinit the folloing error appeard > # kinit -C myu...@stt.com <javascript:> > kinit: Cannot contact any KDC for realm 'STT.COM' while getting initial > credential > > ansible files > group_vars/winndoes.yml > ansible_user: myu...@stt.com <javascript:> > ansible_password: mypas > ansible_port: 5985 > ansible_winrm_transport: kerberos > ansible_winrm_server_cert_validation: ignore > > on my windows machine I executed the following command > > @powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((new-object > net.webclient).DownloadString(' > https://github.com/ansible/ansible/raw/devel/examples/scripts/ConfigureRemotingForAnsible.ps1') > )" > > > when I run the following commnad ansible winnodes -i winhosts -m win_ping > > I got this > ansible winnodes -i winhosts -m win_ping > > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1b3c2cae-014c-43be-bdbd-347f9e3e872f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.