Ansible Not Passing Domain

[navar...@gmail.com]

I'm trying to get Ansible working with Windows Systems. I'm currently testing it against 2k8 box. 

Run: ansible windows -m win_ping -vvvvv  (I have one system in the windows group)

Returns:

<System.DOMAIN.COM> ESTABLISH WINRM CONNECTION FOR USER: ansible_user on PORT 5986 TO System.DOMAIN.COM

<System.DOMAIN.COM> WINRM CONNECT: transport=plaintext endpoint=https://System.DOMAIN.COM:5986/wsman

<System.DOMAIN.COM> WINRM CONNECTION ERROR: 401 Unauthorized. basic auth failed

System.DOMAIN.COM | FAILED => 401 Unauthorized. basic auth failed

My windows.yml looks like this

ansible_ssh_user: ansibl...@DOMAIN.COM

ansible_ssh_pass: PASSWORD

ansible_ssh_port: 5986

ansible_connection: winrm

So the error seems pretty straight forward and the event viewer on the system shows the same issue as you can see below. Looking at the below log when the failure happens the Account Domain is showing up as the local system name. It appears the domain portion over the username is not being sent to the windows system. Can anyone provide assistance to what I may be doing wrong here? 

An account failed to log on.

Subject:

Security ID: NETWORK SERVICE

Account Name: System$

Account Domain: Domain

Logon ID: 0x3e4

Logon Type: 3

Account For Which Logon Failed:

Security ID: NULL SID

Account Name: ansible_user

Account Domain: System

Failure Information:

Failure Reason: Unknown user name or bad password.

Status: 0xc000006d

Sub Status: 0xc0000064

Process Information:

Caller Process ID: 0x4e8

Caller Process Name: C:\Windows\System32\svchost.exe

Network Information:

Workstation Name: System

Source Network Address: -

Source Port: -

Detailed Authentication Information:

Logon Process: Advapi  

Authentication Package: Negotiate

Transited Services: -

Package Name (NTLM only): -

Key Length: 0

Also krb is setup and kinit ansibl...@DOMAIN.COM  does work correctly. 

[navar...@gmail.com]

Also it's ansible 1.9.4

[J Hawkesworth]

My guess would be that you don't have the python kerberos library installed as it looks like ansible is making a plaintext connection rather than a kerberos one.

from the command line on your ansible controller, start python and enter

   import kerberos

if you don't have kerberos you will get a python traceback, if you do you don't get an error.

Hope this helps,

Jon

[navar...@gmail.com]

I do have python-kerberos installed. 

[Jeff]

Did you find a solution to this issue?