Hi Team,
In our environment , basic , ntlm ,credssp is disabled by default in windows2012 machines and I tried it out with last option that is kerberos .
Scenario -
centos machine has ansible controller
new domain has been created and it has few servers with it
I added the domain fqdn in etc/hosts to make it reachable because initially only IP is reachable from ansible
I installed all kerberos libraries uisng pip and configured krb.conf file accordingly
includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = OPS68.ISYNTAX.NET
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
OPS68.ISYNTAX.NET = {
kdc = OPS68.isyntax.net
default_domain = OPS68.ISYNTAX.NET
}
[domain_realm]
OPS68.ISYNTAX.NET = OPS68.ISYNTAX.NET
.OPS68.ISYNTAX.NET = OPS68.ISYNTAX.NET
But still if i try to run playbooks , it says “Cannot find
KDC for realm "ops68.isyntax.net" while getting initial credentials”,
Any help is appreciated?