Hi,
is anybody running Ansible from a CI Server (Teamcity, Jenkins, GoCD) using a Domain User / LDAP user to connect to a Windows machine?
We are currently facing the issue of “How to automatically create / renew the kerberos ticket”.
How do other people tackle this?
The problem is that kinit, if run from a playbook, will log the whole call in cleartext, including the password. Obviously not acceptable.
Guidance appreciated.
Cheers
David
The system however would still have it in its shell history, right?
Brian_Coca
(Brian Coca)
October 28, 2015, 12:44pm
4
local history will have the ansible invocation, the remote history
should have at most the ansible modules run (but no args). Most of the
time ansible uses not interactive sessions which should not write to
history file.
I will give it a go.
Would still wish that we could just go, tell Ansible to use a domain user and it would get a ticket by itself.