This setup is very straightforward in Linux and a little bit complicated in Windows because of how packages are managed and installed in windows. Note: Ansible Tower is the enterprise offering from Ansible that provides a GUI self-service interface, REST API access, and other centralized management features including Active Directory support. The process to install and configure Ansible Tower in Ubuntu Server is pretty straightforward.
For the Windows installation of Kerberos; it was not officially listed in the link below how to install it. https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html#installing-the-kerberos-library
This is an absolutely vital part of Ansible configuration which ensures an effective communication between the Ansible control server and target serves (Kerberos authentication enables you to easily authenticate against these domain joined devices. Ansible uses the pywinrm package to communicate with Windows servers over WinRM. It is not installed by default with the Ansible package.
On the Ansible server, install “pywinrm” python module to support WinRM protocol.
– The package was already installed by me because I installed the entire Python packages (dependencies). If you have not done so use any of the commands below.
$ pip install "pywinrm>=0.3.0" or $ pip install pywinrm
Next, Install Kerberos package: Kerberos supports Cygwin and here are the various steps to install it. Below are some steps (3) on how to install Kerberos on windows.
Via the Cygwin GUI: Kerberos can be installed via the Cygwin GUI as shown below
– Run the setup as shown here https://techdirectarchive.com/2020/03/01/ansible-installation-on-windows/
– Select (“krb5-workstation”: Kerberos reference implementation clients) and Install.
Via the terminal: Once other dependencies have been installed, the python-Kerberos wrapper can be install using pip as shown below.
pip install pywinrm[Kerberos]
Via the “apt-cyg” command as shown below
See the following links for more info
When installed, in order to tell the right location of the packages, simply search for “krb5” as shown below “C:\cygwin64\etc\crypto-policies\back-ends”.
Navigating through this path ‘C:\cygwin64\etc\crypto-policies\back-ends” via the Cygwin Terminal to access the krb5.config file as shown below.
Next, we will be configuring Kerberos to work, see https://techdirectarchive.com/2020/03/14/configuring-kerberos-for-ansible-authentication/