Introduction

JumpSever leverages Ansible to develop various automation functionalities, including tasks as push accounts, change account secrets, gather accounts, and back up accounts.

All automation tasks are implemented by the Celery component.

Server trace files are stored in the /data/jumpserver/core/data/logs/ for reference during troubleshooting. 

Common Issues

1. Privilege Error in Linux Assets: User is not in the sudoers file

Cause:

Ansible requires privileged accounts to execute automation tasks.

Troubleshooting Tips:

1. Ensure that there is a privileged account in the sudoers group within the assets (it is recommended to add the root account).

2. Confirm that the privileged account is selected in the privileged user information within the account info.

2. Privilege Error in Windows Assets: NTLM the Specified Credentials were rejected by the server

Cause:

Ansible requires privileged accounts to execute automation task.

Troubleshooting Tips:

1. Ensure that the assets have a Windows privileged account configured, and make sure that the privilege account option is selected in the asset information.

2. Ensure that WinRM is properly enabled and configured on Windows.

3. If you're not familiar with specific creditientials you could switch automation type in plataform to pyfreerdp, not using ansible_win_user

3. Push Account/Change Secret Error: Unable to connect to Asset Bad Authentication type

Cause:

The main reason for this issue is that the authentication method used for pushing accounts is not permitted by the OpenSSH configuration on the assets.

Troubleshooting Tips:

1. Please verify that the authentication methods allowed in the SSH settings on the assets are consistent with the authentication method used for pushing or changing the account credentials. For example, if pushing passwords, ensure that PasswordAuthentication is set to yes.

2. Please ensure that SSH is restarted after modifying the parameters, or check for any pre-existing parameters settings such as cloud image init settings.

4. Unknown Key Percent_expand failed

Cause:

The main reason for this issue is that connecting to the assets through the gateway machine does not support passwords containing special characters currently.

Troubleshooting Tips:

Please check if the account password on the gateway machine contains special characters. If it does, consider managing an account without special characters in the password or modifying the password accordingly.

5.  Unsupported Python Version

Cause:

The issue primarily arises because Ansible cannot find a compatible version of Python on the assets. Ansible requires Python 2 version 2.7 or higher, and Python 3 version 3.5 or higher to be installed on the assets.

Troubleshooting tips:

1. Check the Python version on the assets. If it is below the required version or if there is no Python environment installed, upgrade or install the appropriate version of Python on the assets.

2. Verify if the Python environment variables are configured correctly and check for any conflicts arising from multiple Python versions installed on the system.

6. The Connection Plugin 'rdp' was not found

Cause:

The main issue here is that the SSH or WinRM protocols have not been added to the configuration of the assets.

Troubleshooting Tips:

Please check and ensure that the SSH or WinRM protocols are added to the configuration of the assets. You can update and add protocols in the asset list. 

7.  Automations Using WinRM Failed.

Cause:

The issue may be caused by the WinRM feature not being enabled on the Windows Assets or by a lack of network connectivity from the JumpServer to the Windows Assets.

Troubleshooting steps:

1. Ensure that JumpServer can access ports 5985/5986 on the Windows Assets for network connectivity.

2. To enable the WinRM feature on the Windows Assets, you can use the command winrm quickconfig.

8.  Windows Assets Automations Using SSH Failed.

Cause:

The issue may be caused by the SSH feature not being enabled on the Windows Assets or by a lack of network connectivity from the JumpServer to the Windows Assets.

Troubleshooting steps:

1. Ensure that JumpServer can access ports 22 on the Windows Assets for network connectivity.

2. Ensure that openssh is installed on Windows Assets.