Hi Peter,
Looks like the whole environment is cleaned up when using the `command` module, including Kerberos tickets.
For example, this does not work.
```
---
- name: Test KRB5
hosts: ipaserver
become: yes
gather_facts: no
tasks:
- name: Login to IPA Master
command: echo "SomeADMINpassword" | kinit admin
- name: Run an IPA command
command: ipa dnsrecord-find ipatest.local
register: result
- debug:
msg: "{{ result.stdout_lines }}"
```
If instead you use the `shell` module for `kinit`, things work as if executed manually. Not the best solution, but I'm couldn't find anything else.
This does work.
```
---
- name: Test KRB5
hosts: ipaserver
become: yes
gather_facts: no
tasks:
- name: Login to IPA Master
shell: echo "SomeADMINpassword" | kinit admin
- name: Run an IPA command
command: ipa dnsrecord-find ipatest.local
register: result
- debug:
msg: "{{ result.stdout_lines }}"
```
Remember that until you run `kdestroy`, credentials will remain valid (as configured to).
Regards,
Rafael