Use ansible to allow AD authentication

36 views
Skip to first unread message

David McPherson

unread,
Jun 20, 2019, 2:44:33 PM6/20/19
to Ansible Project
I am trying to push AD authentication out to a series of Oracle Linux machines.
The command is:  realm join --verbose "domain.local" --user "domain_service"

---
- tasks: Add server to AD
  hosts: 'ud-srv'
  become: true
  vars:
    realm_name:
      realm: "domain.local"
      user: "domain_service"
      pass: 'Passwd!!'

  tasks:
   - name: Join the AD Domain
     command: realm join --verbose "{{realm_name.realm}}" --user "{{realm_name.user}}" --one-time-password= "{{realm_name.pass}}"

   
The playbook does not seem to pass the password into the command and it fails.

how do I get ansible to wait for the password prompt or pass in the password for this command?

Thanks,

Dave

Angel Rengifo Cancino

unread,
Jun 20, 2019, 3:03:25 PM6/20/19
to ansible...@googlegroups.com
Hi:

On Thu, Jun 20, 2019 at 1:44 PM David McPherson <dave...@gmail.com> wrote:
I am trying to push AD authentication out to a series of Oracle Linux machines.
The command is:  realm join --verbose "domain.local" --user "domain_service"

---
- tasks: Add server to AD
  hosts: 'ud-srv'
  become: true
  vars:
    realm_name:
      realm: "domain.local"
      user: "domain_service"
      pass: 'Passwd!!'

  tasks:
   - name: Join the AD Domain
     command: realm join --verbose "{{realm_name.realm}}" --user "{{realm_name.user}}" --one-time-password= "{{realm_name.pass}}"
Have you manually tried this same exact command on the shell? Is it supposed to not ask for a password? Also, I can notice there's a white space between "=" and "{{realm_name.pass}}", is that intentional or a mistake?

When I'm not sure how a command (or shell instruction) might work when running through ansible, I use to put an echo at the beginning, register the output in a variable, show it to stdout and copy &paste manually on the shell for testing:

- name: Join the AD Domain
  command: echo realm join --verbose "{{realm_name.realm}}" --user "{{realm_name.user}}" --one-time-password= "{{realm_name.pass}}"
  register: result

- debug: msg={{ result }}

Hope this helps you.

   
The playbook does not seem to pass the password into the command and it fails.

how do I get ansible to wait for the password prompt or pass in the password for this command?

Thanks,

Dave

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0c5705eb-4b50-41fb-94a1-8a84a548d9f0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Jonathan Lozada De La Matta

unread,
Jun 20, 2019, 3:05:01 PM6/20/19
to ansible...@googlegroups.com
do you get an error or anything?

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAA3McK_4AU19yFKBtDost-KLxKmaqnsAdDt%3DCxWz_MTRaw7bdA%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.


--

Jonathan Cha'gara Lozada De La Matta

He / Him / His

Automation Practice

Senior Automation Consultant & Automation CoP Manager

Red Hat


 

David McPherson

unread,
Jun 20, 2019, 3:52:55 PM6/20/19
to Ansible Project
The shell command is #realm join --verbose "domain.local" --user "vm_service" 
Then it prompts for the vm_service password
Reply all
Reply to author
Forward
0 new messages