
Joining domain via Ansible returns error "Already joined to this domain" while via shell is OK

0 votes
1 answer
280 views
I'm getting a strange message with Ansible. On a RHEL 9 server, I can join our domain via the shell command line:

```
realm join example.xyz --user=svc-ansible --computer-ou="OU=Linux Servers, OU=Servers, OU=ACME, OU=Units, DC=example, DC=xyz"
```

Once that is done, I can successfully change user via `su - johndoe@example.xyz`, where "johndoe" is a user defined in the AD and belonging to an AD group defined in `simple_allow_groups` in the file `/etc/sssd/sssd.conf`. So the config seems to be working.

After that, I run a `realm leave example.xyz --remove -U 'svc-ansible'` and `realm list` beforehand to check that the server is not in the domain anymore. However, when I run via AWX an Ansible playbook defined like this:

```yaml
(...)
- name: Set staging_ou
  ansible.builtin.set_fact:
    staging_ou: "OU=Linux Servers, OU=Servers, OU=ACME, OU=Units, DC=example, DC=xyz"

- name: Realm join into domain
  ansible.builtin.expect:
    command: /bin/bash -c 'realm join {{ domain }} --user={{ ad_join_user }} --computer-ou="{{ staging_ou }}"'
    responses:
      Password.*: "{{ ad_join_password }}"
    timeout: 120
(...)
```

I get the following error:

```
TASK [playbook_ad_join : Realm join into domain] **********************************
fatal: [myrhel9server]: FAILED! => {"changed": true, "cmd": "/bin/bash -c 'realm join example.xyz --user=svc-ansible --computer-ou=\"OU=Linux Servers, OU=Servers, OU=ACME, OU=Units, DC=example, DC=xyz\"'", "delta": "0:00:00.152467", "end": "2024-11-13 11:45:09.577079", "msg": "non-zero return code", "rc": 1, "start": "2024-11-13 11:45:09.424612", "stdout": "realm: Already joined to this domain\r\nPlease check\r\n https://red.ht/support_rhel_ad \r\nto get help for common issues.", "stdout_lines": ["realm: Already joined to this domain", "Please check", " https://red.ht/support_rhel_ad ", "to get help for common issues."]}
```

A `realm list` confirms that the server is indeed in the example.xyz domain and returns the same output as when I ran the `realm join ...` command via shell.

However, I cannot `su` to AD users anymore: trying to do so returns an error

> su: user johndoe@example.xyz does not exist or the user entry does not contain all the required fields

The link cited in the error message doesn't help. What could be wrong?

---

EDIT 1: Running via shell the same command run via Ansible, i.e. `/bin/bash -c 'realm join example.xyz (...) '`, doesn't change anything with respect to running `realm join example.xyz (...)` (see top of post).

The other tasks in the playbook only modify a few config files:

- /etc/krb5.conf
- /etc/sssd/sssd.conf
- /usr/local/bin/sss_ssh_authorizedkeys_ad
- /etc/ssh/sshd_config

and install some packages. These do not matter, as the configuration has already converged. I have removed a line which restarted the `realmd` daemon, since it could be the one causing the issue, but nothing changed.
Asked by dr_ (32068 rep)
Nov 13, 2024, 11:28 AM
Last activity: Dec 3, 2024, 10:34 AM
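The following is an added example, not part of the original question and not an answer to it: an idempotent form of the join task that first asks `realm list` whether the host is already a member of the domain, runs `realm join` only when it is not, and then checks that SSSD can resolve an AD user before any later task depends on it. The variable names `domain`, `ad_join_user`, `ad_join_password` and `staging_ou` are taken from the question; the variable `ad_test_user` and the `getent passwd` lookup are assumptions added here, as is the `no_log` setting.

```yaml
# Added example (not from the original post). Assumes the variables domain,
# ad_join_user, ad_join_password and staging_ou from the question, plus an
# assumed ad_test_user holding the name of one AD account to look up.
- name: Check current realm membership
  ansible.builtin.command: realm list --name-only
  register: realm_membership
  changed_when: false

- name: Realm join into domain (only when not already a member)
  ansible.builtin.expect:
    command: >-
      /bin/bash -c 'realm join {{ domain }} --user={{ ad_join_user }}
      --computer-ou="{{ staging_ou }}"'
    responses:
      'Password.*': "{{ ad_join_password }}"
    timeout: 120
  when: domain not in realm_membership.stdout_lines
  no_log: true   # keep the join password out of the AWX job output

- name: Verify that SSSD resolves an AD user after the join
  ansible.builtin.command: getent passwd {{ ad_test_user }}@{{ domain }}
  register: ad_user_lookup
  changed_when: false
  failed_when: ad_user_lookup.rc != 0
```

The membership check makes the play safe to re-run against a host that is already joined, which is what the "Already joined to this domain" return code reports. The final `getent` task turns the symptom seen in the question (`su` reporting that the AD user does not exist) into an explicit task failure at the point where SSSD lookups stop working, rather than leaving it to be discovered later at an interactive shell.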