Orange-Cyberdefense / GOAD

game of active directory
GNU General Public License v3.0

Install fails at vulnerabilities.yml - Windows/Python/VMWare #288

Closed Raylands closed 4 weeks ago

Raylands commented 1 month ago

When installing on Windows via Python and VMWare, the following error occurs during the vulnerabilities.yml playbook:

TASK [ps : Play task ../ad/GOAD/scripts/asrep_roasting.ps1] ************************************************************
changed: [dc02]
 [started TASK: ps : Play task {{ps_script}} on dc02]

TASK [ps : Play task ../ad/GOAD/scripts/constrained_delegation_use_any.ps1] ********************************************
changed: [dc02]
 [started TASK: ps : Play task {{ps_script}} on dc02]

TASK [ps : Play task ../ad/GOAD/scripts/constrained_delegation_kerb_only.ps1] ******************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NoneType: None
fatal: [dc02]: FAILED! => {"changed": true, "msg": "non-zero return code", "rc": 1, "stderr": "Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.At C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1:2 char:1+ Set-ADComputer -Identity \"castelblack$\" -ServicePrincipalNames @{Add= ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : ObjectNotFound: (castelblack$:ADComputer) [Set-ADComputer], ADIdentityNotFoundException    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADComputerScriptStackTrace:at <ScriptBlock>, C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1: line 2at <ScriptBlock>, <No file>: line 1Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException: Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.   
at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetObjectFromIdentitySearcher(ADObjectSearcher searcher, ADEntity identityObj, String searchRoot, AttributeSetRequest attrs, CmdletSessionInfo cmdletSessionInfo, String[]& warningMessages)   at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetDirectoryObjectFromIdentity(T identityObj, String searchRoot, Boolean showDeleted)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.SetFromIdentity(O identity)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.ADSetCmdletBaseProcessCSRoutine()   at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke()   at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord()\r\nCannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.At C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1:3 char:1+ Set-ADComputer -Identity \"castelblack$\" -Add @{'msDS-AllowedToDelegat ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : ObjectNotFound: (castelblack$:ADComputer) [Set-ADComputer], ADIdentityNotFoundException    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADComputerScriptStackTrace:at <ScriptBlock>, C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1: line 3at <ScriptBlock>, <No file>: line 1Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException: Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.   
at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetObjectFromIdentitySearcher(ADObjectSearcher searcher, ADEntity identityObj, String searchRoot, AttributeSetRequest attrs, CmdletSessionInfo cmdletSessionInfo, String[]& warningMessages)   at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetDirectoryObjectFromIdentity(T identityObj, String searchRoot, Boolean showDeleted)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.SetFromIdentity(O identity)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.ADSetCmdletBaseProcessCSRoutine()   at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke()   at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord()", "stderr_lines": ["Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.At C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1:2 char:1+ Set-ADComputer -Identity \"castelblack$\" -ServicePrincipalNames @{Add= ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : ObjectNotFound: (castelblack$:ADComputer) [Set-ADComputer], ADIdentityNotFoundException    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADComputerScriptStackTrace:at <ScriptBlock>, C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1: line 2at <ScriptBlock>, <No file>: line 1Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException: Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.   
at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetObjectFromIdentitySearcher(ADObjectSearcher searcher, ADEntity identityObj, String searchRoot, AttributeSetRequest attrs, CmdletSessionInfo cmdletSessionInfo, String[]& warningMessages)   at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetDirectoryObjectFromIdentity(T identityObj, String searchRoot, Boolean showDeleted)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.SetFromIdentity(O identity)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.ADSetCmdletBaseProcessCSRoutine()   at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke()   at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord()", "Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.At C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1:3 char:1+ Set-ADComputer -Identity \"castelblack$\" -Add @{'msDS-AllowedToDelegat ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : ObjectNotFound: (castelblack$:ADComputer) [Set-ADComputer], ADIdentityNotFoundException    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADComputerScriptStackTrace:at <ScriptBlock>, C:\\Users\\vagrant\\AppData\\Local\\Temp\\ansible-tmp-1729624503.4768317-9182-219099530930137\\constrained_delegation_kerb_only.ps1: line 3at <ScriptBlock>, <No file>: line 1Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException: Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.   
at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetObjectFromIdentitySearcher(ADObjectSearcher searcher, ADEntity identityObj, String searchRoot, AttributeSetRequest attrs, CmdletSessionInfo cmdletSessionInfo, String[]& warningMessages)   at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetDirectoryObjectFromIdentity(T identityObj, String searchRoot, Boolean showDeleted)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.SetFromIdentity(O identity)   at Microsoft.ActiveDirectory.Management.Commands.ADSetCmdletBase`3.ADSetCmdletBaseProcessCSRoutine()   at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke()   at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord()"], "stdout": "", "stdout_lines": []}
 [started TASK: ps : Play task {{ps_script}} on dc03]

TASK [ps : Play task ../ad/GOAD/scripts/asrep_roasting2.ps1] ***********************************************************
changed: [dc03]

PLAY RECAP *************************************************************************************************************
dc01                       : ok=9    changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
dc02                       : ok=11   changed=5    unreachable=0    failed=1    skipped=2    rescued=0    ignored=0
dc03                       : ok=5    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
srv02                      : ok=13   changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
srv03                      : ok=10   changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0

Connection to 192.168.56.3 closed.
[-] 3 fails abort.
[-] Something wrong during the provisioning task : vulnerabilities.yml

The same error persists after reinstalling the lab.

Important to note

The provisioning of the non-2019 servers, aka DC03 and SRV03, fails. DC03 times out at fix_ip.ps1 even though it runs successfully. SRV03 times out when connecting to WinRM even though the server is reachable.

I fixed it by running the missing scripts manually.

Because of the failed install, I can't be sure the playbook error doesn't occur because of the failed provision.

AV and firewall were turned off during download and install, and VMWare's network settings are correct.
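A triage helper for output like the log above, added here as an example (it is not part of the original issue or of GOAD's own code): it finds each Ansible `fatal:` result, decodes its JSON payload even when the stderr string is broken across physical lines, and reduces the repeated stack traces to the distinct missing AD identities and the script lines that raised them. The sample log is constructed and shortened from the one in the report, and the `C:\Temp` path in it is a placeholder.

```python
import json
import re

# Constructed sample in the shape of the log above (stderr shortened, temp path is a placeholder).
SAMPLE = r'''TASK [ps : Play task ../ad/GOAD/scripts/constrained_delegation_kerb_only.ps1] ****
fatal: [dc02]: FAILED! => {"changed": true, "msg": "non-zero return code", "rc": 1, "stderr": "Cannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.At C:\\Temp\\constrained_delegation_kerb_only.ps1:2 char:1
at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord()\r\nCannot find an object with identity: 'castelblack$' under: 'DC=north,DC=sevenkingdoms,DC=local'.At C:\\Temp\\constrained_delegation_kerb_only.ps1:3 char:1", "stdout": "", "stdout_lines": []}
TASK [ps : Play task ../ad/GOAD/scripts/asrep_roasting2.ps1] ****
changed: [dc03]
'''

FATAL = re.compile(r"^fatal: \[(?P<host>[^\]]+)\]: FAILED! => ", re.M)
TASK = re.compile(r"^TASK \[(?P<name>.+?)\] \*+", re.M)
MISSING = re.compile(r"Cannot find an object with identity: '(?P<identity>[^']+)' under: '(?P<base>[^']+)'")
AT_LINE = re.compile(r"\.ps1:(\d+) char:")


def triage(log):
    """Return one summary dict per failed task found in an Ansible console log."""
    findings = []
    # strict=False accepts raw line breaks inside JSON strings, as seen in pasted logs.
    decoder = json.JSONDecoder(strict=False)
    for m in FATAL.finditer(log):
        try:
            result, _ = decoder.raw_decode(log, m.end())
        except json.JSONDecodeError:
            result = {}  # truncated paste: keep host and task, drop details
        # The failing task is the last TASK header printed before this fatal line.
        tasks = list(TASK.finditer(log, 0, m.start()))
        stderr = result.get("stderr", "")
        findings.append({
            "host": m["host"],
            "task": tasks[-1]["name"] if tasks else None,
            "rc": result.get("rc"),
            # Sets collapse the duplicates that stderr and stack traces repeat.
            "missing": sorted({(x["identity"], x["base"]) for x in MISSING.finditer(stderr)}),
            "script_lines": sorted({int(n) for n in AT_LINE.findall(stderr)}),
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
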

Mayfly277 commented 4 weeks ago

fixed ;)