How do I pass a password as an argument?

Archives Ansible Project
1

I have a playbook that installs the appropriate packages for Active Directory Authentication. When it gets to the “join” portion, Ansible just sits there because the join process is asking the user for the password of the account that has access to join the system to Active Directory. How can I pass my password from vars_prompt? I have highlighted where I call the variable but I know that is the wrong place since it’s going to try to pass it to my “realm join” command, which isn’t supported. I only added it there to show I want to call it after the “realm join” portion is called.

Here is my playbook:

`

2

I changed this a bit by removing the vars_prompt and using expect. Here is what I did:

`

3

Ok, I figured this out. This is how I did it:

`

4

Thanks, I was just looking for this tonight. Awesome timing!

For encrypting your password, use Ansible Vault. Here’s a quick example:
https://gist.github.com/tristanfisher/e5a306144a637dc739e7

I have a vars file called bind_creds.yml with bind_user and bind_password defined.

5

Glad this post helped you. Also, thank you very much for the Ansible Vault info!!

6

Ohh thank you for this tips :wink:

7

Hi guys,

Do you do anything for “pre flight checks”? Or is this a one-off playbook your run on newly provisioned servers?

Wouldn’t mind something that goes “am I joined? notify: join ad”

Cheers
Jacob

8

`

  • name: Check if machine is bound
    shell: /bin/bash -c “realm list | grep sssd”
    register: realmd_bound
    changed_when: false
    ignore_errors: true

  • name: Join using realmd
    expect:
    command: “/bin/bash -c ‘/usr/sbin/realm join -U {{ bind_user }} {{ bind_domain }}’”
    responses:
    Password for.*: “{{ bind_password }}”
    when: realmd_bound|failed

`

I’m planning on getting away from realmd but that’s one way to do it with realm.

9

That’s awesome Chris, thank you very much!

I’m still learning Ansible so that’s a huge help. Thanks again!