kerberos authentication issue with Azure Dynamic Inventory

[Aravind Sivaraman]

I am testing Azure Dynamic Inventory Plugin against my windows VM using Kerberos authentication it fails with the error.

 

The dynamic inventory works fine when authentication is set to ‘basic’ and when testing with static inventory both “basic and Kerberos” works fine.  I have verified the DNS resolution and FQDN using nslookup everything looks good. Verified my group_vars for both static and dynamic inventory both are same.  

[ansible@NBP-HO7-Ansible01 windows]$ ansible tag_Owner_Ansible -i nbpazure_rm.yml -m win_ping -vvv

ansible 2.9.4

  config file = None

  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']

  ansible python module location = /home/ansible/.local/lib/python3.6/site-packages/ansible

  executable location = /usr/local/bin/ansible

  python version = 3.6.8 (default, Aug  7 2019, 17:28:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]

No config file found; using defaults

host_list declined parsing /home/ansible/ansible/windows/nbpazure_rm.yml as it did not pass its verify_file() method

script declined parsing /home/ansible/ansible/windows/nbpazure_rm.yml as it did not pass its verify_file() method

Parsed /home/ansible/ansible/windows/nbpazure_rm.yml inventory source with auto plugin

META: ran handlers

Using module file /home/ansible/.local/lib/python3.6/site-packages/ansible/modules/windows/win_ping.ps1

Pipelining is enabled.

<10.112.1.5> ESTABLISH WINRM CONNECTION FOR USER: ans...@example.COM on PORT 5986 TO 10.112.1.5

an-testvm01 | UNREACHABLE! => {

    "changed": false,

    "msg": "kerberos: authGSSClientStep() failed: (('Unspecified GSS failure.  Minor code may provide more information', 851968), ('Server not found in Kerberos database', -1765328377))",

    "unreachable": true

}

[ansible@NBP-HO7-Ansible01 windows]$ ansible windows -i inventory -m win_ping -vvv

ansible 2.9.4

  config file = None

  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']

  ansible python module location = /home/ansible/.local/lib/python3.6/site-packages/ansible

  executable location = /usr/local/bin/ansible

  python version = 3.6.8 (default, Aug  7 2019, 17:28:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]

No config file found; using defaults

host_list declined parsing /home/ansible/ansible/windows/inventory as it did not pass its verify_file() method

script declined parsing /home/ansible/ansible/windows/inventory as it did not pass its verify_file() method

auto declined parsing /home/ansible/ansible/windows/inventory as it did not pass its verify_file() method

Parsed /home/ansible/ansible/windows/inventory inventory source with ini plugin

META: ran handlers

Using module file /home/ansible/.local/lib/python3.6/site-packages/ansible/modules/windows/win_ping.ps1

Pipelining is enabled.

<AN-TESTVM01> ESTABLISH WINRM CONNECTION FOR USER: ans...@example.COM on PORT 5986 TO AN-TESTVM01

EXEC (via pipeline wrapper)

AN-TESTVM01 | SUCCESS => {

    "changed": false,

    "invocation": {

        "module_args": {

            "data": "pong"

        }

    },

    "ping": "pong"

}

META: ran handlers

META: ran handlers