https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326148#M2303 <P>Any suggestions here is much appreciated. Brand new firewall built in AWS- I am able to interact with the firewall with ansible using the paloalto role - the only thing that is giving me fits is setting the primary panorama server IP.&nbsp;</P><P>&nbsp;</P><P>Here is my (abbreviated) playbook</P><P>&nbsp;</P><LI-CODE lang="markup">--- # Initial config - hosts: panos connection: local gather_facts: False roles: - role: paloaltonetworks.paloaltonetworks vars: pafw: username: '{{ username }}' password: '{{ password }}' ip_address: '{{ inventory_hostname }}' tasks: - name: Grab the credentials from ansible-vault include_vars: firewall-secrets.yml no_log: 'yes' - name: MgtConfig panos_mgtconfig: provider: '{{ pafw }}' dns_server_primary: "8.8.8.8" dns_server_secondary: "4.4.4.4" ntp_server_primary: "0.us.pool.ntp.org" ntp_server_secondary: "1.us.pool.ntp.org" timezone: "US/Eastern" panorama_primary: "128.0.0.1" commit: True</LI-CODE><P>&nbsp;</P><P>But when I run the playbook, I get an API error</P><P>&nbsp;</P><LI-CODE lang="markup"> "msg": "Failed to update panorama: Could not get schema node for xpath /config/devices/entry[@name='localhost.localdomain']/deviceconfig/system/panorama-server\n"</LI-CODE> Tue, 05 May 2020 14:09:24 GMT mdsmith82 2020-05-05T14:09:24Z https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326148#M2303 <P>Any suggestions here is much appreciated. Brand new firewall built in AWS- I am able to interact with the firewall with ansible using the paloalto role - the only thing that is giving me fits is setting the primary panorama server IP.&nbsp;</P><P>&nbsp;</P><P>Here is my (abbreviated) playbook</P><P>&nbsp;</P><LI-CODE lang="markup">--- # Initial config - hosts: panos connection: local gather_facts: False roles: - role: paloaltonetworks.paloaltonetworks vars: pafw: username: '{{ username }}' password: '{{ password }}' ip_address: '{{ inventory_hostname }}' tasks: - name: Grab the credentials from ansible-vault include_vars: firewall-secrets.yml no_log: 'yes' - name: MgtConfig panos_mgtconfig: provider: '{{ pafw }}' dns_server_primary: "8.8.8.8" dns_server_secondary: "4.4.4.4" ntp_server_primary: "0.us.pool.ntp.org" ntp_server_secondary: "1.us.pool.ntp.org" timezone: "US/Eastern" panorama_primary: "128.0.0.1" commit: True</LI-CODE><P>&nbsp;</P><P>But when I run the playbook, I get an API error</P><P>&nbsp;</P><LI-CODE lang="markup"> "msg": "Failed to update panorama: Could not get schema node for xpath /config/devices/entry[@name='localhost.localdomain']/deviceconfig/system/panorama-server\n"</LI-CODE> Tue, 05 May 2020 14:09:24 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326148#M2303 mdsmith82 2020-05-05T14:09:24Z https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326196#M2304 <P>Update the pandevice python library.&nbsp; PAN-OS 9.1 has changed the locations for the primary and secondary panorama server IP addresses, and the more recent version of pandevice has the new xpath locations.</P> Tue, 05 May 2020 16:43:25 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326196#M2304 gfreeman 2020-05-05T16:43:25Z https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326208#M2308 <P>Thanks for the suggestion - I have updated with PIP, but this has still not resulted in success.&nbsp;</P> Tue, 05 May 2020 17:33:08 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/326208#M2308 mdsmith82 2020-05-05T17:33:08Z https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/415964#M2710 <P>I have the same exact issue. I have the latest pandevice python library installed. My Palo Alto firewall is on release 10.0.4 and ansible version 2.9.10</P> Tue, 29 Jun 2021 15:21:15 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/415964#M2710 GregAdolphson 2021-06-29T15:21:15Z https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/415967#M2711 <P>Actually, I found the issue. I did not have pan-os-python installed.</P><P>pip install pan-os-python</P> Tue, 29 Jun 2021 15:25:28 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/ansible-unable-to-add-new-firewall-to-panorama/m-p/415967#M2711 GregAdolphson 2021-06-29T15:25:28Z