who is using ansible for windows

42 views
Skip to first unread message

John Veliss

unread,
Nov 3, 2020, 3:08:05 PM11/3/20
to Ansible Project
are you using ansible to manage domain joined Windows servers?
If so, what authentication protocol are you using, kerberos or ntlm?

Adam Moore

unread,
Nov 3, 2020, 3:13:23 PM11/3/20
to Ansible Project
ntlm is a bad thing, kerberos across several forests, also windows behind Linux jump hosts we use SOCKS5/psrp to connect. 

John Veliss

unread,
Nov 3, 2020, 4:09:14 PM11/3/20
to Ansible Project
Does your ansible server need to auth to the domain controllers to run plays on MS member servers if using kerberos?

Arrumac

unread,
Nov 3, 2020, 4:15:39 PM11/3/20
to Ansible Project
Yes, ansible has to do a kinit first against the DC before the play can execute.

John Veliss

unread,
Nov 3, 2020, 5:43:59 PM11/3/20
to ansible...@googlegroups.com
Do you know if its just port 88 that needs to be open on the FW

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8a17b0b6-fca8-4690-86d8-34a770c4bc9bo%40googlegroups.com.

Arrumac

unread,
Nov 3, 2020, 6:05:28 PM11/3/20
to Ansible Project
at least 88 tcp/udp, you may need 53 tcp/udp for DNS also


On Tuesday, 3 November 2020 22:43:59 UTC, John Veliss wrote:
Do you know if its just port 88 that needs to be open on the FW

On Wed, Nov 4, 2020 at 8:15 AM Arrumac <arr...@gmail.com> wrote:
Yes, ansible has to do a kinit first against the DC before the play can execute.

On Tuesday, 3 November 2020 21:09:14 UTC, John Veliss wrote:
Does your ansible server need to auth to the domain controllers to run plays on MS member servers if using kerberos?

On Wednesday, November 4, 2020 at 7:13:23 AM UTC+11 Arrumac wrote:
ntlm is a bad thing, kerberos across several forests, also windows behind Linux jump hosts we use SOCKS5/psrp to connect. 

On Tuesday, 3 November 2020 at 20:08:05 UTC vel...@gmail.com wrote:
are you using ansible to manage domain joined Windows servers?
If so, what authentication protocol are you using, kerberos or ntlm?

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages