using domain user account for ansible_user on inventory

Da_Ye · December 6, 2022, 4:31pm

Can someone let me know if I can using Windows AD domain user account for the ansilbe_user on the inventory file. I have no problem using the windows local user account , but could not establish connection using AD account

I have used :
adusername@MYDOMAIN.COM
adusername%MYDOMAIN.COM

None of them worked.

error message:
msg": “ssl: the specified credentials were rejected by the server”,

Here is my host vars config

ansible_user=adusername@MYDOMAIN
ansible_password=‘myadpassword’
ansible_port=5986
ansible_connection=winrm
ansible_winrm_scheme=https
ansible_winrm_server_cert_validation=ignore
ansible_winrm_kerberos_delegation=true

Thanks for any input.

jborean · December 6, 2022, 8:45pm

The problem here is that it’s using Basic auth for the authentication which only works for local accounts. You either need to setup Kerberos auth or use ntlm. Both can be specified with ansible_winrm_transport (ntlm or kerberos).

Topic		Replies	Views
Ansible - configuring windows win_acl Ansible Project windows	1	1	November 28, 2015
ansible and active directory Ansible Project windows	1	0	August 16, 2015
Windows domain account using Kerberos Ansible Project windows	1	1	October 12, 2015
Kerberos Auth - the specified credentials were rejected by the server Ansible Project windows	6	2	April 6, 2017
Ansible AD Domain Authentication Ansible Project	15	0	April 18, 2016

using domain user account for ansible_user on inventory

Related topics