Hi,
I set up relevant ansible files exaclty like described in:
https://www.freeipa.org/page/V4/ClientInstallationWithAnsible#Ansible_ipacli...
The ipaclient role was fetched from here: https://github.com/freeipa/ansible-freeipa/tree/master/roles
Uninstalling an ipaclient works. Installing an ipaclient fails with:
ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.
The error appears to have been in '/srv/ansible/install.yml': line 12, column 5, but may be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Configure IPA client ^ here
Most likely the ipaclient module cannot be found. I downloaded https://github.com/freeipa/ansible-freeipa/tree/master/module_utils and put the three python files into the library directory next to my install.yml playbook file. I also put them into ~/.ansible/plugins/modules. But that still did not work.
This is my install.yml:
- name: Playbook to configure IPA clients with username/password
hosts: ipaclients become: true
tasks: - name: Install IPA client package package: name: ipa-client state: present
- name: Configure IPA client ipaclient: state: present domain: "{{ ipaclient_domain }}" realm: "{{ ipaclient_realm }}" principal: "{{ ipaclient_principal }}" password: "{{ ipaclient_password }}" extra_args: "{{ ipaclient_extraargs }}"
And this my inventory file:
[ipaclients] ipa-test.linux.mydomain.at
[ipaclients:vars] ipaclient_domain=linux.mydomain.at ipaclient_realm=LINUX.MYDOMAIN.AT #ipaclient_extraargs=[ '--kinit-attempts=3', '--mkhomedir'] ipaclient_principal=enroll ipaclient_password=somepass
What am I missing here?
Cheers, Ronald
Hello Ronald,
On 3/1/19 11:19 AM, Ronald Wimmer via FreeIPA-users wrote:
Hi,
I set up relevant ansible files exaclty like described in:
https://www.freeipa.org/page/V4/ClientInstallationWithAnsible#Ansible_ipacli...
The ipaclient role was fetched from here: https://github.com/freeipa/ansible-freeipa/tree/master/roles
Uninstalling an ipaclient works. Installing an ipaclient fails with:
ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.
The error appears to have been in '/srv/ansible/install.yml': line 12, column 5, but may be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Configure IPA client ^ here
Most likely the ipaclient module cannot be found. I downloaded https://github.com/freeipa/ansible-freeipa/tree/master/module_utils and put the three python files into the library directory next to my install.yml playbook file. I also put them into ~/.ansible/plugins/modules. But that still did not work.
This is my install.yml:
Please clone and use the roles from ansible-freeipa as described in https://github.com/freeipa/ansible-freeipa/blob/master/README.md
It is needed to clone the repo, and start the installation from inside the repository. module_utils may not be placed within the library directory. Ansible is expecting them in and also only loading them from the module_utils directory.
- name: Playbook to configure IPA clients with username/password
hosts: ipaclients become: true
tasks: - name: Install IPA client package package: name: ipa-client state: present
- name: Configure IPA client ipaclient: state: present domain: "{{ ipaclient_domain }}" realm: "{{ ipaclient_realm }}" principal: "{{ ipaclient_principal }}" password: "{{ ipaclient_password }}" extra_args: "{{ ipaclient_extraargs }}"
The package installation process is part of the ipaclient role. There is no need to set domain, realm, .. in the playbook as these are already set in the inventory file below. Please have a look at https://github.com/freeipa/ansible-freeipa/blob/master/README.md and https://github.com/freeipa/ansible-freeipa/blob/master/CLIENT.md .
And this my inventory file:
[ipaclients] ipa-test.linux.mydomain.at
[ipaclients:vars] ipaclient_domain=linux.mydomain.at ipaclient_realm=LINUX.MYDOMAIN.AT #ipaclient_extraargs=[ '--kinit-attempts=3', '--mkhomedir'] ipaclient_principal=enroll ipaclient_password=somepass
How old is your clone of the ansible-freeipa repository? ipaclient_extraargs was only used in the beginning. ipaclient_principal is the wrong name. Please update your ansible-freeipa clone.
What am I missing here?
Cheers, Ronald
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
Regards, Thomas
On 01.03.19 16:49, Thomas Woerner wrote:
Hello Ronald,
[...]
How old is your clone of the ansible-freeipa repository? ipaclient_extraargs was only used in the beginning. ipaclient_principal is the wrong name. Please update your ansible-freeipa clone.
Oh my god. You were completely right. Everything works perfectly now.
Cheers Ronald
freeipa-users@lists.fedorahosted.org