win_dns_record: state changed but nothing is done when adding record #564

ySp-chld opened this issue May 6, 2024 · 3 comments

ySp-chld commented May 6, 2024

SUMMARY

Trying to add a record to DNS using win_dns_record:

  tasks:
   - name: Create DNS record
     community.windows.win_dns_record:
       name: "thisisatestrecord"
       zone: "domain.lan"
       type: "A"
       value: "10.4.95.70"
       computer_name: "DNS-SERVER.domain.lan"
     delegate_to: bastion-machine

WinRM connection works, I can run this command from a PowerShell session myself. The status I get is Changed.
However, adding a record or editing a record does not do anything.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

win_dns_record

ANSIBLE VERSION
ansible [core 2.15.8]
  config file = None
  configured module search path = ['/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
  ansible collection location = /runner/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.18 (main, Jan  4 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3)
  jinja version = 3.1.3
  libyaml = True
COLLECTION VERSION
amazon.aws              7.2.0
ansible.netcommon       6.0.0
ansible.posix           1.5.4
ansible.utils           3.0.0
ansible.windows         2.2.0
awx.awx                 23.6.0
azure.azcollection      2.1.1
chocolatey.chocolatey   1.5.1
cloud.common            3.0.0
community.general       8.2.0
community.mongodb       1.4.2
community.vmware        4.0.1
community.windows       2.1.0
datadog.dd              5.0.1
f5networks.f5_modules   1.27.1
google.cloud            1.3.0
kubernetes.core         3.0.0
openstack.cloud         2.2.0
ovirt.ovirt             3.2.0
redhatinsights.insights 1.2.2
theforeman.foreman      4.0.0
vmware.vmware_rest      3.0.0
EXPECTED RESULTS

DNS record is updated or added.

ACTUAL RESULTS

Everything seems OK but nothing happens on the DNS server.
No modification, no new record either.

Using module file /usr/share/ansible/collections/ansible_collections/community/windows/plugins/modules/win_dns_record.ps1
Pipelining is enabled.
<bastion-machine.DOMAIN.LAN> ESTABLISH WINRM CONNECTION FOR USER: ADMIN@DOMAIN.LAN on PORT 5985 TO bastion-machine.DOMAIN.LAN
creating Kerberos CC at /tmp/tmpl0w0iyc3
calling kinit with pexpect for principal ADMIN@DOMAIN.LAN
kinit succeeded for principal ADMIN@DOMAIN.LAN
<bastion-machine.DOMAIN.LAN> WINRM CONNECT: transport=kerberos endpoint=http://bastion-machine.DOMAIN.LAN:5985/wsman
<bastion-machine.DOMAIN.LAN> WINRM OPEN SHELL: 06AF7DF0-4E52-4037-8726-A8B0FBDBEB3B
EXEC (via pipeline wrapper)
<bastion-machine.DOMAIN.LAN> WINRM EXEC 'PowerShell' ['-NoProfile', '-NonInteractive', '-ExecutionPolicy', 'Unrestricted', '-EncodedCommand', '[TRUNCATED]']
<bastion-machine.DOMAIN.LAN> WINRM RESULT '<Response code 0, out "{"changed":true,"inv", err "#< CLIXML\\r\\n<Objs Ver">'
<bastion-machine.DOMAIN.LAN> WINRM CLOSE SHELL: 06AF7DF0-4E52-4037-8726-A8B0FBDBEB3B

<bastion-machine.domain.lan> WINRM CLOSE SHELL: 06AF7DF0-4E52-4037-8726-A8B0FBDBEB3B
changed: [machine -> bastion-machine.domain.lan] => {
    "changed": true,
    "debug_splat_args": {
        "A": true,
        "IPv4Address": "10.4.95.70"
    },
    "invocation": {
        "module_args": {
            "aging": false,
            "computer_name": "DNS-SERVER.domain.lan",
            "name": "thisisatestrecord",
            "port": null,
            "priority": null,
            "state": "present",
            "ttl": 3600,
            "type": "A",
            "value": [
                "10.4.95.70"
            ],
            "weight": null,
            "zone": "domain.lan",
            "zone_scope": null
        }
    }
}

The truncated part converts to this output (using base64 -d twice gives that):

&chcp.com 65001 > $null
if ($PSVersionTable.PSVersion -lt [Version]"3.0") {
'{"failed":true,"msg":"Ansible requires PowerShell v3.0 or newer"}'
exit 1
}
$exec_wrapper_str = $input | Out-String
$split_parts = $exec_wrapper_str.Split(@("`0`0`0`0"), 2, [StringSplitOptions]::RemoveEmptyEntries)
If (-not $split_parts.Length -eq 2) { throw "invalid payload" }
Set-Variable -Name json_raw -Value $split_parts[1]
$exec_wrapper = [ScriptBlock]::Create($splbase64: invalid input
@rhounsell

We are experiencing similar behaviour when trying to add a CNAME to a DNS forward lookup table using community.windows.win_dns_record. Occasionally, the CNAME will simply not be present when examining the DNS configuration in the DNS Manager dialog of the Server Manager tool. No error indication of any kind.

Ansible [core 2.16.7]
python version 3.10.12
jinja version 3.1.4
libyaml = true

community.windows 2.2.0


qgmathieu commented Aug 12, 2024

Same here, we tried adding type A records. The module is showing state changed with no errors, and if we replay it, it's green with OK state. However no DNS entry was created in our DNS server.

Here is how we use the module :

- name: Create a DNS record
  community.windows.win_dns_record:
    name: "mytest.mydomain.com"
    computer_name: "{{ my_dns_server_private_ip }}"
    type: "A"
    value: "{{ mytest_private_ip }}"
    zone: "mydomain.com"
  delegate_to: "{{ my_windows_server }}"
  vars:
    ansible_user: "{{ my_user }}"
    ansible_password: "{{ my_password }}"
    ansible_connection: winrm
    ansible_port: 5986
    ansible_winrm_transport: credssp
    ansible_winrm_server_cert_validation: ignore

ansible [core 2.15.8]
python version = 3.9.19
jinja version = 3.1.4
libyaml = True
community.windows 2.2.0


qgmathieu commented Aug 12, 2024

We found what our issue was. It turns out that when creating a type A record, you MUST remove the domain from the "name" field (similarly to CNAME records), contrary to what the example in the official documentation says :

The official doc example :

- name: Create database server record
  community.windows.win_dns_record:
    name: "cgyl1404p.amer.example.com"    # Does not work
    type: "A"
    value: "10.1.1.1"
    zone: "amer.example.com"

What you should do instead :

- name: Create database server record
  community.windows.win_dns_record:
    name: "cgyl1404p"        # Works
    type: "A"
    value: "10.1.1.1"
    zone: "amer.example.com"

Leaving this here in case it helps someone.
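
The name handling described in the last comment, as an added example that is not part of the original thread or of community.windows: a hypothetical Ansible filter plugin (the file path and the filter name `relative_dns_name` are assumptions) that turns an FQDN into the zone-relative name and refuses absolute names that lie outside the zone.

```python
# filter_plugins/dns_names.py  (hypothetical path and filter name; added example)


def relative_dns_name(fqdn, zone):
    """Return the record name relative to `zone` ("cgyl1404p", not
    "cgyl1404p.amer.example.com"), preserving the caller's letter case."""
    raw = str(fqdn).strip()
    absolute = raw.endswith(".")          # trailing dot = fully qualified
    name = raw.rstrip(".")
    zone_name = str(zone).strip().rstrip(".")
    if not name or not zone_name:
        raise ValueError("record name and zone must be non-empty")

    # DNS names compare case-insensitively.
    if name.lower() == zone_name.lower():
        # Zone apex. "@" is the zone-file convention; that the module
        # accepts it is an assumption to verify in your environment.
        return "@"

    # Strip the zone only on a label boundary, so "xamer.example.com"
    # is not mistaken for a member of zone "amer.example.com".
    suffix = "." + zone_name.lower()
    if name.lower().endswith(suffix):
        return name[: -len(suffix)]

    if absolute:
        # Explicitly absolute but outside the zone: refuse rather than
        # pass it on to the module.
        raise ValueError(f"{raw!r} is not inside zone {zone_name!r}")

    # No trailing dot and no zone suffix: treat as already relative.
    return name


class FilterModule:
    """Ansible discovers filters through this class."""

    def filters(self):
        return {"relative_dns_name": relative_dns_name}
```

In a task this would be used as `name: "{{ 'mytest.mydomain.com' | relative_dns_name('mydomain.com') }}"`, so an inventory that stores FQDNs still hands the module the short name.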
