ansible-collections / community.vmware

Ansible Collection for VMware
GNU General Public License v3.0

VMware: Add support for GSSAPI token #249

Closed Akasurde closed 4 years ago

Akasurde commented 4 years ago

From @Akasurde on Feb 13, 2019 17:16

SUMMARY
ISSUE TYPE
COMPONENT NAME

lib/ansible/module_utils/vmware.py

ADDITIONAL INFORMATION

Just like FreeIPA, add support for GSSAPI for vmware_* modules.

https://github.com/ansible/ansible/pull/52031

Copied from original issue: ansible/ansible#52180

Akasurde commented 4 years ago

From @JAORMX on Feb 13, 2019 17:23

I authored #52031, which added support for GSSAPI to the FreeIPA modules. So feel free to add me as a reviewer to the PR when it comes up.

Akasurde commented 4 years ago

From @Akasurde on Feb 13, 2019 17:27

@JAORMX Yes, definitely.

Akasurde commented 4 years ago

From @Akasurde on Dec 12, 2019 03:35

cc @pgbidkar This is aligned with the requirement you suggested to me in the IRC conversation.

mariolenz commented 4 years ago

Integrated Windows Authentication (IWA) is deprecated in vSphere 7.

As far as I understand, you want to use a Kerberos ticket to authenticate to a vCenter or to an ESXi host. But you can't do that if the vCenter or the ESXi host isn't a member of the AD (Kerberos) domain if I understand AD / Kerberos correctly.

If I'm right, I wouldn't put work into this. I'd really like VMware to un-deprecate IWA, but as long as they don't I think implementing your feature request would be unnecessary work because it probably won't work for future vSphere versions. Do put some work into this if you want to, but keep in mind that IWA (as VMware calls it, that is: being an AD member) is deprecated.

Akasurde commented 4 years ago

@mariolenz Thanks for the valuable information. I think it is better to shelve the idea for now. Thanks.