Ansible ND Playbook not working with Remote User

[soumukhe]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions:

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ ansible --version ansible 2.9.6 config file = /etc/ansible/ansible.cfg configured module search path = ['/home/aciadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/lib/python3.7/site-packages/ansible executable location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/bin/ansible python version = 3.7.9 (default, Aug 24 2020, 23:58:02) [GCC 7.5.0]

ND Version: tried both vND 2.1.1e and vND 2.1.1d

Description

Ansible ND Playbook not working with Remote User

Details:

inventory file (vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat hosts

[nd]
nd1 ansible_host=10.0.0.94

[nd:vars]
ansible_connection=ansible.netcommon.httpapi
ansible_network_os=cisco.nd.nd
#ansible_network_os=cisco.mso.mso
ansible_httpapi_validate_certs=False
ansible_httpapi_use_ssl=True
ansible_httpapi_use_proxy=True
ansible_python_interpreter=/usr/bin/python3

playbook (vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat nd-simpleQuery_remoteUser.yaml

- hosts: nd
  gather_facts: no
  connection: httpapi

  tasks:
  - name: Get ND version
    cisco.nd.nd_version:
        host: "nd"
        username: "soumukhe"
        password: "soumu101"
        login_domain: "raddb"
        validate_certs: false
        state: query

usage: ansible-playbook nd-simpleQuery_remoteUser.yaml -i hosts -vvv

Results of running playbook with Remote User: (please note that soumukhe/soumu101 is a legitimate nd remote user using radius domain)

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ ansible-playbook nd-simpleQuery_remoteUser.yaml -i hosts -vvv
ansible-playbook 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/aciadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/lib/python3.7/site-packages/ansible
  executable location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/bin/ansible-playbook
  python version = 3.7.9 (default, Aug 24 2020, 23:58:02) [GCC 7.5.0]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
script declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
auto declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
Parsed /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts inventory source with ini plugin

PLAYBOOK: nd-simpleQuery_remoteUser.yaml ******************************************************************************************************************************************************************************************************
1 plays in nd-simpleQuery_remoteUser.yaml

PLAY [nd] *************************************************************************************************************************************************************************************************************************************
META: ran handlers

TASK [Get ND version] *************************************************************************************************************************************************************************************************************************
task path: /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/nd-simpleQuery_remoteUser.yaml:6
<10.0.0.94> ESTABLISH LOCAL CONNECTION FOR USER: aciadmin
<10.0.0.94> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355 `" && echo ansible-tmp-1638138656.8873029-258455380168355="` echo /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355 `" ) && sleep 0'
Using module file /home/aciadmin/.ansible/collections/ansible_collections/cisco/nd/plugins/modules/nd_version.py
<10.0.0.94> PUT /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/tmp1jumdyb9 TO /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/AnsiballZ_nd_version.py
<10.0.0.94> EXEC /bin/sh -c 'chmod u+x /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/ /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c '/usr/bin/python3 /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c 'rm -f -r /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/ > /dev/null 2>&1 && sleep 0'
**The full traceback is:
  File "/tmp/ansible_cisco.nd.nd_version_payload_u0jv470e/ansible_cisco.nd.nd_version_payload.zip/ansible_collections/cisco/nd/plugins/module_utils/nd.py", line 201, in request
    info = conn.send_request(method, uri, json.dumps(data))
  File "/tmp/ansible_cisco.nd.nd_version_payload_u0jv470e/ansible_cisco.nd.nd_version_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__
    raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [nd1]: FAILED! => {**
    "changed": false,
    "current": {},
    "data": null,
    "invocation": {
        "module_args": {
            "host": "nd",
            "login_domain": "raddb",
            "output_level": "normal",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "state": "query",
            "timeout": 30,
            "use_proxy": null,
            "use_ssl": null,
            "username": "soumukhe",
            "validate_certs": null
        }
    },
    "msg": {
        "error": "Invalid Username/Password",
        "statusCode": 401
    }
}

PLAY RECAP ************************************************************************************************************************************************************************************************************************************
nd1                        : ok=0    changed=0    unreachable=0    **failed=1**    skipped=0    rescued=0    ignored=0   

As a side note, this works fine with local user

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat nd-simpleQuery_localUser.yaml

- hosts: nd
  gather_facts: no
  connection: httpapi

  tasks:
  - name: Get ND version
    cisco.nd.nd_version:
        host: "nd"
        username: "ansible"
        password: "Ansible101!"
        validate_certs: false
        #login_domain: "raddb"
        state: query

#usage:  ansible-playbook nd-simpleQuery_localUser.yaml -i hosts -vvv 

Results when playbook run with local user:

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ ansible-playbook nd-simpleQuery_localUser.yaml -i hosts -vvv
ansible-playbook 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/aciadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/lib/python3.7/site-packages/ansible
  executable location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/bin/ansible-playbook
  python version = 3.7.9 (default, Aug 24 2020, 23:58:02) [GCC 7.5.0]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
script declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
auto declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
Parsed /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts inventory source with ini plugin

PLAYBOOK: nd-simpleQuery_localUser.yaml *******************************************************************************************************************************************************************************************************
1 plays in nd-simpleQuery_localUser.yaml

PLAY [nd] *************************************************************************************************************************************************************************************************************************************
META: ran handlers

TASK [Get ND version] *************************************************************************************************************************************************************************************************************************
task path: /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/nd-simpleQuery_localUser.yaml:6
<10.0.0.94> ESTABLISH LOCAL CONNECTION FOR USER: aciadmin
<10.0.0.94> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207 `" && echo ansible-tmp-1638139060.748573-221645577411207="` echo /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207 `" ) && sleep 0'
Using module file /home/aciadmin/.ansible/collections/ansible_collections/cisco/nd/plugins/modules/nd_version.py
<10.0.0.94> PUT /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/tmp4k_gxgs0 TO /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/AnsiballZ_nd_version.py
<10.0.0.94> EXEC /bin/sh -c 'chmod u+x /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/ /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c '/usr/bin/python3 /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c 'rm -f -r /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/ > /dev/null 2>&1 && sleep 0'
ok: [nd1] => {
    "changed": false,
    "current": {
        "build_host": "kube13",
        "build_time": "now",
        "commit_id": "fa370d783",
        "maintenance": 1,
        "major": 2,
        "minor": 1,
        "patch": "d",
        "product_id": "nd",
        "product_name": "Nexus Dashboard",
        "release": false,
        "user": "root"
    },
    "data": null,
    "invocation": {
        "module_args": {
            "host": "nd",
            "login_domain": "local",
            "output_level": "normal",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "state": "query",
            "timeout": 30,
            "use_proxy": null,
            "use_ssl": null,
            "username": "ansible",
            "validate_certs": null
        }
    },
    "socket": "/home/aciadmin/.ansible/pc/df36fcc82e"
}
META: ran handlers
META: ran handlers

PLAY RECAP ************************************************************************************************************************************************************************************************************************************
nd1                        : ok=1    changed=0    unreachable=0    **failed=0**    skipped=0    rescued=0    ignored=0   

[lhercot]

This is fixed in v0.1.1. Please update using ansible-galaxy collection install cisco.nd --force

[soumukhe]

Lionel, Thank You for fixing this !!! I tested this out and it works fine now.

Note from Lionel:

Fixed in ND collection release v0.1.1

You can update by running: ansible-galaxy collection install cisco.nd --force