Open danielladd opened 8 years ago
have you looked at the Overthere project? some useful troublshooting info, e.g https://github.com/xebialabs/overthere#kerberos-authentication-fails-with-the-message-server-not-found-in-kerberos-database-7
Yup, it looks like it might be a bug as I switched it for the rd-winrm-plugin and that works without issue. https://github.com/NetDocuments/rd-winrm-plugin
I have configured a Rundeck instance on a Ubuntu host on AWS with the overthere-winrm plugin in order to execute scripts against Windows hosts. The instance is configured to access these hosts as an Active Directory domain service account by retrieving a Kerberos ticket from a specified KDC. This configuration is working great locally where the machines Rundeck accesses are hosted on the same domain controller that the Kerberos ticket originates from:
When I attempt to have Rundeck connect to a domain host on RackSpace I receive a 401 authentication error.
When viewing the analytic event log for WinRM I only see that the service saw the request and returned a 401:
In the Rundeck log I get the following error:
I know that WinRM is setup correctly as I am able to use the powershell Test-WSMan function from a Windows host on AWS to connect to the Rackspace machine. Also, if I point Rundeck at the Rackspace Domain Controller I can still access the AWS windows servers, but not the Rackspace ones which has me confused.