Kerberos Authentication Failed | kerberos: authGSSClientStep() failed | Help URGENT

Hello,

I am trying to use Windows-2008-R2 AD domain authentication for my windows infrastructure playbooks however its failing with following error:
Also tried just for win_ping and ping but still everything fails.

ERROR:

Ansible winrm transport parameter try to use ntlm…not kerboroes…it might work

Hello Nandha,

Thanks for writing me but we have to use kerberos authentication due to security reasons.
So, need some help to troubleshoot this issue

I suspect the issue is to do with resolving the hostname, so potentially an issue with DNS.

Although you are using hostnames in your ansible inventory, it appears from the trace output that you are actually connecting via an IP address - 192.168.169.131
Kerberos requires DNS to be fully working. So you need to be able to nslookup and get the ip from the hostname and also be able to resolve the hostname from the ip address, otherwise it won’t work.
Kerberos, like https, deals in hostnames, not IPs, so its not surprising that it can’t find the server by name when it is receiving an ip address.
I hope this helps,
Jon

Hello J Hawkesworth,

I would like to thank you very much for the suggestion.
Issue got resolved now.
Thanks for your help :slight_smile:

Thanks,
Piyush

Glad to hear it.

Piyush,

Can you please share how it was resolved? We are having a similar issue.

Thanks.