ansible-collections / microsoft.ad

Ansible collection for Active Directory management
GNU General Public License v3.0

Unable to parse microsoft.ad.ldap.yaml #90

Closed Akasurde closed 7 months ago

Akasurde commented 8 months ago

Summary

ansible-inventory -i inventories/microsoft.ad.ldap.yml --list -vvv

Gets an error about not being able to parse the YAML file.

Issue Type

Bug Report

Component Name

microsoft.ad.ldap dynamic inventory

Ansible Version

$ ansible --version
ansible-core.x86_64                                                           1:2.14.9-1.el9

Configuration

ansible [core 2.14.9]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.9.18 (main, Jan  4 2024, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

pip3.9 is installed and pip3.11

[ansible@ct01 inventories]$ pip3.11 list
Package      Version
------------ -------
cffi         1.16.0
cryptography 42.0.2
pip          22.3.1
pycparser    2.21
pyspnego     0.10.2
setuptools   65.5.1

OS / Environment

Red Hat Enterprise Linux release 9.3 (Plow)

Steps to Reproduce

ansible-inventory -i inventories/microsoft.ad.ldap.yml --list -vvv

ansible-inventory [core 2.14.9]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-inventory
  python version = 3.9.18 (main, Jan  4 2024, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
auto declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
[WARNING]: Unable to parse /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
{
    "_meta": {
        "hostvars": {}
    },
    "all": {
        "children": [
            "ungrouped"
        ]
    }
}
[ansible@ct01 inventories]$ 

Expected Results

Should not do that; I expect it to list target hosts.

Actual Results

[ansible@ct01 inventories]$ ansible-inventory -i inventories/microsoft.ad.ldap.yml --list -vvv
ansible-inventory [core 2.14.9]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-inventory
  python version = 3.9.18 (main, Jan  4 2024, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
auto declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as it did not pass its verify_file() method
[WARNING]: Unable to parse /home/ansible/inventories/inventories/microsoft.ad.ldap.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
{
    "_meta": {
        "hostvars": {}
    },
    "all": {
        "children": [
            "ungrouped"
        ]
    }
}
[ansible@ct01 inventories]$


Akasurde commented 8 months ago

cc @andysmagana

jborean93 commented 8 months ago

Can you share the actual microsoft.ad.ldap.yaml file please, @andysmagana? Looking briefly at https://github.com/ansible/ansible/issues/82633#issuecomment-1921048349 the error seems to be:

[WARNING]:  * Failed to parse /home/ansible/inventories/microsoft.ad.ldap.yml with ansible_collections.microsoft.ad.plugins.inventory.ldap plugin: Cannot lookup server without the
python libraries krb5
  File "/usr/lib/python3.9/site-packages/ansible/inventory/manager.py", line 293, in parse_source
    plugin.parse(self._inventory, self._loader, source, cache=cache)
  File "/home/ansible/collections/ansible_collections/microsoft/ad/plugins/inventory/ldap.py", line 310, in parse
    with create_ldap_connection(**connection_options) as client:
  File "/home/ansible/collections/ansible_collections/microsoft/ad/plugins/plugin_utils/_ldap/__init__.py", line 86, in create_ldap_connection
    server, lookup_port = lookup_ldap_server()
  File "/home/ansible/collections/ansible_collections/microsoft/ad/plugins/plugin_utils/_ldap/_lookup.py", line 88, in lookup_ldap_server
    raise ImportError(f"Cannot lookup server without the python libraries {', '.join(missing_libs)}")

It seems like you haven't specified a domain controller to look up. The implicit domain controller only works if you have certain Python libraries installed and Kerberos has been configured with a default realm. In this case the error is saying you don't have the krb5 Python library. You can see more by running the microsoft.ad.debug_ldap_client:

- hosts: localhost
  gather_facts: false
  tasks:
  - microsoft.ad.debug_ldap_client:

The packages return value tells you what Python libraries are present and what ones are missing. If the krb5 Python library is installed it also tells you what the default realm would be as well as some other information that might be useful.
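
An inventory file that names the domain controller explicitly, so the implicit lookup described in the comment above is not attempted. This is an added example, not part of the original thread or the collection's own documentation; the host name, account, search base and password placeholder are assumptions.

```yaml
# inventories/microsoft.ad.ldap.yml (file name as used in this issue)
plugin: microsoft.ad.ldap

# Explicit domain controller. With this set, the plugin does not need to
# discover a server through the Kerberos default realm, which is the step
# that failed with "Cannot lookup server without the python libraries krb5".
server: dc01.example.com                # assumed host name

# Protect the bind and the query results in transit.
tls_mode: ldaps

# Credentials for the LDAP bind (assumed account). Use a low-privilege,
# read-only account and keep the real secret out of version control.
username: svc-inventory@EXAMPLE.COM     # assumed account
password: CHANGE_ME                     # placeholder, not a real credential

# Limit the query to the part of the directory that holds managed hosts.
search_base: OU=Servers,DC=example,DC=com   # assumed DN
```

Run the command from the issue against this file and confirm the path printed in the `-vvv` output is the file you intended to load.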

jborean93 commented 7 months ago

Closing due to no response.