lowlydba
[Bug] SPN creation is successful but the ansible task is reported as FAILED.
Describe the bug spn is created but ansible task fails and reports changed: "false".
To Reproduce Create an availability groups where the engine is ran under a GMSA. Use
lowlydba.sqlserver.spn:
computer: db1.domain.com
service_account: "DOMAIN\\g9540dbs$"
The ansible task will fail, but it will create the SPN. The error message is changed: "false", msg: "Configuring SPN failed: Exception calling "CommitChanges" with "0" argument(s): "Access is denied.\r\n""
Expected behavior The ansible task to be successful.
Versions(please complete the following information):
- OS: server 2022
- SQL Server: 2022
- PowerShell: 5.1.20348.2031
Additional context Add any other context about the problem here. I'm using a GMSA to run the sql server engine.
Is it possible that SPN creation was successful on some AD object(s), but failed on other(s), like the listener computer object?
@briantist unfortunately not, I ran this before a listener was even created.
Can you try running with verbose output, and also include your dbatools version? If you can also try doing the creation directly with the DBATools command, that would be helpful to isolate the issue.
I will get to it when I'm back in the office on Wednesday, I haven't been able to replicate the problem locally on my cluster of VMs.
@DorBreger Were you able to reliably reproduce? If not, this issue can be closed I think
I haven't tried, switched to using microsoft.ad.service_account. can be closed for now as far as I am concerned.