search

ansible-collections / community.windows

Windows community collection for Ansible
https://galaxy.ansible.com/community/windows
GNU General Public License v3.0
193 stars 152 forks source link

win_dns_record: state changed but nothing is done when adding record #564

Open nuuantoine opened 2 months ago

nuuantoine commented 2 months ago
SUMMARY

Trying to add record to DNS using win_dns_record : 

  tasks:
   - name: Create DNS record
     community.windows.win_dns_record:
       name: "thisisatestrecord"
       zone: "domain.lan"
       type: "A"
       value: "10.4.95.70"
       computer_name: "DNS-SERVER.domain.lan"
     delegate_to: bastion-machine

WinRM Connection works, I can run thos command from a powershell session myself. the status I get is Changed.
However being adding a record or editing a record do not do anything.

ISSUE TYPE
COMPONENT NAME

win_dns_record

ANSIBLE VERSION
ansible [core 2.15.8]
  config file = None
  configured module search path = ['/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
  ansible collection location = /runner/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.18 (main, Jan  4 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True
COLLECTION VERSION
amazon.aws              7.2.0
ansible.netcommon       6.0.0
ansible.posix           1.5.4
ansible.utils           3.0.0
ansible.windows         2.2.0
awx.awx                 23.6.0
azure.azcollection      2.1.1
chocolatey.chocolatey   1.5.1
cloud.common            3.0.0
community.general       8.2.0
community.mongodb       1.4.2
community.vmware        4.0.1
community.windows       2.1.0
datadog.dd              5.0.1
f5networks.f5_modules   1.27.1
google.cloud            1.3.0
kubernetes.core         3.0.0
openstack.cloud         2.2.0
ovirt.ovirt             3.2.0
redhatinsights.insights 1.2.2
theforeman.foreman      4.0.0
vmware.vmware_rest      3.0.0
EXPECTED RESULTS

DNS record is updated or added.

ACTUAL RESULTS

Everything seems OK but nothing happen on the DNS server.
No modification, no new record either.

Using module file /usr/share/ansible/collections/ansible_collections/community/windows/plugins/modules/win_dns_record.ps1
Pipelining is enabled.
<bastion-machine.DOMAIN.LAN> ESTABLISH WINRM CONNECTION FOR USER: ADMIN@DOMAIN.LAN on PORT 5985 TO bastion-machine.DOMAIN.LAN
creating Kerberos CC at /tmp/tmpl0w0iyc3
calling kinit with pexpect for principal ADMIN@DOMAIN.LAN
kinit succeeded for principal ADMIN@DOMAIN.LAN
<bastion-machine.DOMAIN.LAN> WINRM CONNECT: transport=kerberos endpoint=http://bastion-machine.DOMAIN.LAN:5985/wsman
<bastion-machine.DOMAIN.LAN> WINRM OPEN SHELL: 06AF7DF0-4E52-4037-8726-A8B0FBDBEB3B
EXEC (via pipeline wrapper)
<bastion-machine.DOMAIN.LAN> WINRM EXEC 'PowerShell' ['-NoProfile', '-NonInteractive', '-ExecutionPolicy', 'Unrestricted', '-EncodedCommand', '[TRUNCATED]']
<bastion-machine.DOMAIN.LAN> WINRM RESULT '<Response code 0, out "{"changed":true,"inv", err "#< CLIXML\\r\\n<Objs Ver">'
<bastion-machine.DOMAIN.LAN> WINRM CLOSE SHELL: 06AF7DF0-4E52-4037-8726-A8B0FBDBEB3B

<bastion-machine.domain.lan> WINRM CLOSE SHELL: 06AF7DF0-4E52-4037-8726-A8B0FBDBEB3B
changed: [machine -> bastion-machine.domain.lan] => {
    "changed": true,
    "debug_splat_args": {
        "A": true,
        "IPv4Address": "10.4.95.70"
    },
    "invocation": {
        "module_args": {
            "aging": false,
            "computer_name": "DNS-SERVER.domain.lan",
            "name": "thisisatestrecord",
            "port": null,
            "priority": null,
            "state": "present",
            "ttl": 3600,
            "type": "A",
            "value": [
                "10.4.95.70"
            ],
            "weight": null,
            "zone": "domain.lan",
            "zone_scope": null
        }
    }
}

Truncated part convert to that output (using base64 -d twice gices that: 

&chcp.com 65001 > $null
if ($PSVersionTable.PSVersion -lt [Version]"3.0") {
'{"failed":true,"msg":"Ansible requires PowerShell v3.0 or newer"}'
exit 1
}
$exec_wrapper_str = $input | Out-String
$split_parts = $exec_wrapper_str.Split(@("`0`0`0`0"), 2, [StringSplitOptions]::RemoveEmptyEntries)
If (-not $split_parts.Length -eq 2) { throw "invalid payload" }
Set-Variable -Name json_raw -Value $split_parts[1]
$exec_wrapper = [ScriptBlock]::Create($splbase64: invalid input
rhounsell commented 1 month ago

We are experiencing similar behaviour when trying to add a CNAME to a DNS forward lookup table using community.windows.win_dns_record. Occasionally, the CNAME will simply not be present when examining the DNS configuration in the DNS Manager dialog of the Server Manager tool. No error indication of any kind.

Ansible [core 2.16.7] python version 3.10.12 jinja version 3.1.4 libyaml = true

community.windows 2.2.0