无法通过“领域:无法加入领域:无权执行此操作”

无法通过“领域:无法加入领域:无权执行此操作”
- name: Add targeted machine to domain
  become_user: <local user>
  expect:
   command: /bin/bash -c "/usr/sbin/realm join --user={{ prompted_user }}@domain.com domain.com
   responses:
     Password for .*: "{{ prompted_pass }}"

fatal: [<host-ip>]: FAILED => {
     "changed":true,
     "cmd": "bin/bash -c \"/usr/sbin/realm join [email protected] domain.com\"",
     "delta": "0:00:00.459430"
     "end"; "<date_time>"
     "invocation" : {
         "module_args": {
             "chdir": null,
             "command": "bin/bash -c \"/usr/sbin/realm join [email protected] domain.com\"",
             "creates": null,
             "echo": false
             "removes": null,
             "responses" : { 
                 "Password for .*": "<prompted_pass>"
             },
             "timeout": 30
        }
},
"msg": "non-zero return code",
"rc": 1,
"start": "<data_time>"
"stdout": "Password for [email protected]: \r\nrealm: Couldn't join realm: Not authorized to perform this action:,
"stdout_lines": [
    "Password for [email protected]: ",
    "realm: Couldn't join realm: Not authorized to perform this action"
    ]
}

顶部是任务,底部是输出。我不知道为什么它不传递密码,或者,如果是,我不知道为什么它不运行 sudo 当我在没有 ansible 的情况下以传统方式执行这些操作时,它工作得很好。绝对需要帮助。

谢谢

答案1

假设 prompt_user 和 prompt_pass 变量在其他地方填充,看起来像是become: yes缺失的,become_user:应该是root

- name: Add targeted machine to domain
  become_user: root
  become: yes
  expect:
   command: /bin/bash -c "/usr/sbin/realm join --user={{ prompted_user }}@domain.com domain.com
   responses:
     Password for .*: "{{ prompted_pass }}"

注意:如果您的角色中的或文件中有become_user: root和,或者您已经在命令行、剧本或角色级别应用它们,则无需在任务级别应用它们。become_method: sudo/etc/ansible/ansible.cfgansible.config

相关内容