After making a new domain and adding a server to it, I can't promote that server to a domain controller.
Here's how I'm trying:
```
- hosts: domaincontrollers[1:]
  tasks:
    - name: set dns for other domain controllers
      win_dns_client:
        adapter_names: '*'
        ipv4_addresses:
          #- "{{ hostvars[item]['ansible_facts']['ip_addresses'][2] }}"
          - 10.6.5.10
          - 1.1.1.1
      loop: "{{ groups['domaincontrollers'] }}"

    - name: join the domain
      win_domain_membership:
        dns_domain_name: foo.local
        hostname: "{{inventory_hostname}}"
        domain_admin_user: foo\dom
        domain_admin_password: A1!vagrant
        state: domain
      register: dmout

    - win_reboot:
      when: dmout.reboot_required

    - name: make domain controllers
      win_domain_controller:
        dns_domain_name: foo.local
        domain_admin_user: foo\dom
        domain_admin_password: A1!vagrant
        safe_mode_password: A1!vagrant
        state: domain_controller
      register: newdc

    - name: reboot for new settings
      win_reboot:
        test_command: 'exit (Get-Service -Name Netlogon).Status -ne "Running"'
        post_reboot_delay: 600
      when: newdc.reboot_required
```
And here's the error:
```
TASK [Gathering Facts] **************************************************************************************
ok: [domain1]
TASK [set dns for other domain controllers] *****************************************************************
ok: [domain1]
TASK [join the domain] **************************************************************************************
ok: [domain1]
TASK [win_reboot] *******************************************************************************************
skipping: [domain1]
TASK [make domain controllers] ******************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: at , : line 214
fatal: [domain1]: FAILED! => {"changed": false, "msg": "Unhandled exception while executing module: Verification of user credential permissions failed. An Active Directory domain controller for the domain "foo.local" could not be contacted.\r\n\r\nEnsure that you supplied the correct DNS domain name.\r\n\r\n\r\n"}
PLAY RECAP **************************************************************************************************
domain0 : ok=3 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
domain1 : ok=3 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
```
The one change on domain0 is making the new domain admin, which is always redone (setting its password).
domain1 is on the domain, can log in as "dom", and can ping domain0.foo.local.