I use 2.9 and playbook
---
- name: become as SYSTEM
win_whoami:
become: yes
become_method: runas
become_user: System
register: sys_whoami
- debug: var=sys_whoami
---
All work no problem.
Add line : ansible_become_flags: logon_type=new_credentials
logon_flags=netcredentials_only
ERROR:
---
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: at
System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame
frame)
fatal: [VM-WIN81-1.AD]: FAILED! => {"changed": false, "msg": "internal
error: failed to become user 'System': Exception calling
\"CreateProcessAsUser\" with \"9\" argument(s): \"Failed to get token for
NT AUTHORITY\\SYSTEM required for become as a service account or an account
without a password\""}
============================================
I change ansible to version 2.7
Both options work without any problems.
=====
wbinfo -n "NT AUTHORITY\\SYSTEM"
S-1-5-18 SID_WKN_GROUP (5)
wbinfo -s S-1-5-18
NT AUTHORITY\system 5
среда, 24 мая 2023 г. в 16:22:14 UTC+4, [email protected]:
> Pardon my English.
> I have a fully configured CentOS 7. I want to overwrite a file from a
> remote samba server (it enters AD via winbind) to a remote windows computer
> in the same domain.
>
> In the beginning, nothing worked. I added a line:
> ansible_become_flags: logon_type=new_credentials
> logon_flags=netcredentials_only
>
> Ansible 2.7 worked without any problems but 2.9 doesn't work.
>
> Is this really broken in 2.9 ?
> (ansible 2.9 from epel el7)
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/dabc92c4-855a-4319-bf89-45f56005ed91n%40googlegroups.com.
