Ansible-Checkpoint Playbook Error.

alex_Ilie · ‎2022-12-30

When I run "ansible-playbook -i Inventory/host_file createGroup.yml" I get the output:

PLAY [Create Groupt in SMS] ********************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************
ok: [192.168.19.5]

TASK [set-group] *******************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.module_utils.connection.ConnectionError: Server returned response without token info during connection authentication: 400
fatal: [192.168.19.5]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/root/.ansible/tmp/ansible-local-38146d7ypqb5/ansible-tmp-1672395718.4953148-3880-262337703017219/AnsiballZ_cp_mgmt_group.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/root/.ansible/tmp/ansible-local-38146d7ypqb5/ansible-tmp-1672395718.4953148-3880-262337703017219/AnsiballZ_cp_mgmt_group.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/root/.ansible/tmp/ansible-local-38146d7ypqb5/ansible-tmp-1672395718.4953148-3880-262337703017219/AnsiballZ_cp_mgmt_group.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_group', init_globals=dict(_module_fqn='ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_group', _modlib_path=modlib_path),\n  File \"/usr/lib64/python3.9/runpy.py\", line 225, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib64/python3.9/runpy.py\", line 87, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_cp_mgmt_group_payload_h8pp29fy/ansible_cp_mgmt_group_payload.zip/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py\", line 139, in <module>\n  File \"/tmp/ansible_cp_mgmt_group_payload_h8pp29fy/ansible_cp_mgmt_group_payload.zip/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_group.py\", line 134, in main\n  File \"/tmp/ansible_cp_mgmt_group_payload_h8pp29fy/ansible_cp_mgmt_group_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 317, in api_call\n  File \"/tmp/ansible_cp_mgmt_group_payload_h8pp29fy/ansible_cp_mgmt_group_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 71, in send_request\n  File \"/tmp/ansible_cp_mgmt_group_payload_h8pp29fy/ansible_cp_mgmt_group_payload.zip/ansible/module_utils/connection.py\", line 200, in __rpc__\nansible.module_utils.connection.ConnectionError: Server returned response without token info during connection authentication: 400\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

PLAY RECAP *************************************************************************************************************************
192.168.19.5               : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

This is the playbook:

---
- name: Create Groupt in SMS
  hosts: gvSMS

  connection: httpapi
  gather_facts: yes
  vars:
    ansible_network_os: checkpoint
    mgmt_user: ansible
    mgmt_password: *****
    mgmt_server: 192.168.19.5
    mgmt_fingerprint: RITE OS NELL WEAR SOY FLAW LOY DENT DENY SOUR PIE PEN
    policy_name: standard
    ansible_httpapi_validate_certs: no
    ansible_httpapi_use_ssl: yes

  tasks:

    - name: set-group
      cp_mgmt_group:
        name: EXT-PermittedToCOM
        state: present
        auto_publish_session: yes
      notify: publishPolicy
  handlers:
    - name: publishPolicy
      cp_mgmt_publish:

This is my host file (Inventory/host_file):

[gvSMS]
192.168.19.5 ansible_user=ansible ansible_password=*****

These are the vars for my object(Inventory/group_vars/gvSMS.yml 😞

#group_vars/gvSMS.yml
ansible_httpapi_validate_certs: no
ansible_httpapi_use_ssl:  yes
ansible_network_os:  checkpoint
mgmt_server:  192.168.19.5
mgmt_user:  ansible
mgmt_password:  *****
mgmt_fingerprint:  RITE OS NELL WEAR SOY FLAW LOY DENT DENY SOUR PIE PEN
policy_name:  Standard

This is my ansible.cfg file :

# Since Ansible 2.12 (core):
# To generate an example config file (a "disabled" one with all default settings, commented out):
#               $ ansible-config init --disabled > ansible.cfg
#
# Also you can now have a more complete file by including existing plugins:
# ansible-config init --disabled -t all > ansible.cfg

# For previous versions of Ansible you can check for examples in the 'stable' branches of each version
# Note that this file was always incomplete  and lagging changes to configuration settings

# for example, for 2.9: https://github.com/ansible/ansible/blob/stable-2.9/examples/ansible.cfg
[defaults]
inventory = Inventory/host_file
host_key_checking = true
retry_files_enabled = false
interpreter_python = /usr/bin/python3
[galaxy]
server=https://galaxy.ansible.com

There is connectivity between the firewall and the Server, I also enabled API management on the firewall.

I tried different playbooks however i get the same result. The ansible ping works, so I think the problems is with the playbook.

PhoneBoy · ‎2023-01-03

When you run the playbook with -vvv as specified in the error, what does it show?

Are you a member of CheckMates?

Ansible-Checkpoint Playbook Error.