Hello Ronald,
On 3/1/19 11:19 AM, Ronald Wimmer via FreeIPA-users wrote:
Hi,
I set up relevant ansible files exaclty like described in:
https://www.freeipa.org/page/V4/ClientInstallationWithAnsible#Ansible_ipa...
The ipaclient role was fetched from here:
https://github.com/freeipa/ansible-freeipa/tree/master/roles
Uninstalling an ipaclient works. Installing an ipaclient fails with:
> ERROR! no action detected in task. This often indicates a misspelled module
> name, or incorrect module path.
>
> The error appears to have been in '/srv/ansible/install.yml': line 12, column
> 5, but may
> be elsewhere in the file depending on the exact syntax problem.
>
> The offending line appears to be:
>
>
> - name: Configure IPA client
> ^ here
Most likely the ipaclient module cannot be found. I downloaded
https://github.com/freeipa/ansible-freeipa/tree/master/module_utils and put the
three python files into the library directory next to my install.yml playbook
file. I also put them into ~/.ansible/plugins/modules. But that still did not
work.
This is my install.yml:
Please clone and use the roles from ansible-freeipa as described in
https://github.com/freeipa/ansible-freeipa/blob/master/README.md
It is needed to clone the repo, and start the installation from inside the
repository. module_utils may not be placed within the library directory.
Ansible is expecting them in and also only loading them from the module_utils
directory.
> ---
> - name: Playbook to configure IPA clients with username/password
> hosts: ipaclients
> become: true
>
> tasks:
> - name: Install IPA client package
> package:
> name: ipa-client
> state: present
>
> - name: Configure IPA client
> ipaclient:
> state: present
> domain: "{{ ipaclient_domain }}"
> realm: "{{ ipaclient_realm }}"
> principal: "{{ ipaclient_principal }}"
> password: "{{ ipaclient_password }}"
> extra_args: "{{ ipaclient_extraargs }}"
The package installation process is part of the ipaclient role. There is no
need to set domain, realm, .. in the playbook as these are already set in the
inventory file below. Please have a look at
https://github.com/freeipa/ansible-freeipa/blob/master/README.md and
https://github.com/freeipa/ansible-freeipa/blob/master/CLIENT.md .
And this my inventory file:
> [ipaclients]
> ipa-test.linux.mydomain.at
>
> [ipaclients:vars]
> ipaclient_domain=linux.mydomain.at
> ipaclient_realm=LINUX.MYDOMAIN.AT
> #ipaclient_extraargs=[ '--kinit-attempts=3', '--mkhomedir']
> ipaclient_principal=enroll
> ipaclient_password=somepass
How old is your clone of the ansible-freeipa repository? ipaclient_extraargs
was only used in the beginning. ipaclient_principal is the wrong name. Please
update your ansible-freeipa clone.
What am I missing here?
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
Regards,
Thomas