Hi everyone,

I’m trying to mount smb share on windows host (win10 pro) that requires authentication using win_mapped_drive/win_credential

Here is the playbook sample (based on docs example)

`

• name: Create mapped drive with credentials and save the username and password
  block:

• name: Save the network credentials required for the mapped drive
  win_credential:
  name: 10.0.20.1
  type: domain_password
  username: DOMAIN\admin
  secret: password
  state: present

• name: Create a mapped drive that requires authentication
  win_mapped_drive:
  letter: M
  path: \10.0.20.1\myshare1
  state: present
  vars:

become is required to save and retrieve the credentials in the tasks

ansible_become: yes
ansible_become_method: runas
ansible_become_user: ‘{{ ansible_user }}’
ansible_become_pass: ‘{{ ansible_password }}’

`

But the issue is:

• if ansible_become_pass variable is set win_mapped_drive task fails:

`
The full traceback is:
Exception calling “Invoke” with “2” argument(s): “Failed to map M: to ‘\10.0.20.1\myshare1’ with WNetAddConnection2W() (The specified network password is not correct, Win32ErrorCode 86)”
At line:420 char:17

• … $add_method.Invoke($null, [Object]@($letter_root, $path …
• CategoryInfo : NotSpecified: ( , ParentContainsErrorRecordException
• FullyQualifiedErrorId : Win32Exception

ScriptStackTrace:
at , : line 420
fatal: [win1]: FAILED! => {
“changed”: false,
“msg”: “Unhandled exception while executing module: Exception calling "Invoke" with "2" argument(s): "Failed to map M: to ‘\\10.0.20.1\myshare1’ with WNetAddConnection2W() (The specified network password is not correct, Win32ErrorCode 86)"”
}

`

• if ansible_become_pass variable is unset (or empty string) - everything works perfectly

So, AFAIK in 2.8+ become can work without password, as the docs say:
https://docs.ansible.com/ansible/latest/user_guide/become.html#become-without-setting-a-password

But my assumtions were, that with password defined it should wark just fine

My ansible version is - ansible 2.9.9

Windows host’s account i’m using is local admin

Can someone help me to debug the issue, it’s probably me missusing the module or some sort of admin account missconfiguration (e.g. disabled priveledges mb), but no ideas left for me to prove it, thanks in advance.

There’s been a recent issue on this problem https://github.com/ansible-collections/community.windows/issues/96. I can’t say I’ve experienced this problem personally as if you have a credential Windows should be using that to connect to the network path. Are you potentially on a newer build of Windows 10?

I’ve build the image for openstack via https://github.com/cloudbase/windows-openstack-imaging-tools
It’s Win10 Pro N

`
PS C:\Users\Admin> [System.Environment]::OSVersion.Version
Major Minor Build Revision

10 0 19041 0
`

The issue you’ve linked seems relevant, but in my case even net use doesn’t work when ansible_become_pass is set, i’ve found out that that when i use bacome w/o password all steps are executed in the same logon session (i’ve check it with subsequent win_whoami),
when become is used with password defined logon session ids are different, but it should work, cause cmdkey sees the target’s creds.

So workarounds for me:

1. delete ansible_become_pass var
2. define usename/password (for initial connection) for ansible_become_pass.

And the one more strange thing is that Error code may vary, sometimes it’s 86, sometimes it’s - “The user name or password is incorrect, Win32ErrorCode 1326” - this one is far beyond my understanding.

My initial task was to mount share for java app which works via nssm under Local System Account privelegies (i guess it’s the same as runas + SYSTEM user), so for that purpose (thx to your blog’s article) i’ve used “global” scope mapping.

Sorry, the 2nd one was incorrect:

So workarounds for me:

1. delete ansible_become_pass var
2. define usename/password (for initial connection) for win_mapped_drive

пятница, 19 июня 2020 г. в 17:58:01 UTC+3, viten...@gmail.com: