Skip to main content

Ansible for Microsoft's Windows


Hello

 Thanks for visiting RvKmR's blogs


Today we are discussing managing Microsoft Windows machines with Ansible. We know that managing Linux machines with Ansible is quite common nowadays. but managing windows machines with Ansible is quite new. SSH service is used to manage Linux machine and for windows WinRM. Please check more details about WinRM here.

 Lets checkout steps to configure WINRM for ansible. Below are requirements for WINRM configuration on target windows machine.
  • Admin Credentials of target windows machine.
  • Stop firewall on target windows machine.
  • Powershell version 3.0 and .net framework 4.0

Let's start configuring Windows machine:
  • I am considering you have administrator account credentials with you.
  • Open Firewall in windows machines and turn of it or allow port 5985 and 5986.
  • Update Powershell and .Net Framework with below commands on PowerShell.
$url ="https://raw.githubusercontent.com/jborean93/ansible-windows/master/scripts/Upgrade-PowerShell.ps1"
$file = "$env:temp\Upgrade-PowerShell.ps1"
$username = "Administrator"
$password = "Password"

(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Force

# Version can be 3.0, 4.0 or 5.1
&$file -Version 5.1 -Username $username -Password $password -Verbose

# This isn't needed but is a good security practice to complete
Set-ExecutionPolicy -ExecutionPolicy Restricted -Force

$reg_winlogon_path = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
Set-ItemProperty -Path $reg_winlogon_path -Name AutoAdminLogon -Value 0
Remove-ItemProperty -Path $reg_winlogon_path -Name DefaultUserName -ErrorAction SilentlyContinue
Remove-ItemProperty -Path $reg_winlogon_path -Name DefaultPassword -ErrorAction SilentlyContinue

  • To do WinRM hotfix run below commands on PowerShell.

$url = "https://raw.githubusercontent.com/jborean93/ansible-windows/master/scripts/Install-WMF3Hotfix.ps1"























$file = "$env:temp\Install-WMF3Hotfix.ps1"
































(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)















powershell.exe -ExecutionPolicy ByPass -File $file -Verbose
  • To Configure WinRM run below commands on PowerShell.

$url = "https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1"























$file = "$env:temp\ConfigureRemotingForAnsible.ps1"
































(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)































powershell.exe -ExecutionPolicy ByPass -File $file
  • To check WinRM Configuration run below command on PowerShell.
winrm enumerate winrm/config/Listener
If you got below output of above command, then you have configured WinRM successfully.

Now let's configure the ansible machine:
  • First, you need to install supported python library for ansible to connect WinRM.
sudo pip install pywinrm
  • Now you need to add below variables in ansible inventory for Windows machine.
[all]


192.168.0.101

[all:vars]
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
ansible_user='XXXXXXXXXX'
ansible_password='xxxxxxxxx'
ansibl_port=5986
ansible_winrm_transport=ntlm

  • Now test connectivity to Windows machine with below ansible command.
ravikumar@ravikumar-RV409-RV509-RV709:~/workspace$ ansible 192.168.0.101 -m win_ping -i inv 

192.168.0.101 | SUCCESS => {

    "changed": false, 
    "ping": "pong"
}


Now you are done with configuration. You can now use windows specific modules for more task on windows machines.

Labels:
Location: Pune, Maharashtra, India

Comments

Post a Comment

Popular posts from this blog

Wheel Users in Linux

Hello, Thanks for visiting RvKmR.blogspot.in In this blog post, I am explaining about Wheel users in Linux. Red Hat release that I am working on is as below.  [ravi@localhost vagrant]$ cat /etc/redhat-release CentOS release 6.9 (Final) An Linux system can have many users like System users, normal users, and admin (root) user. Its common sens that we have is not to share root user credentials with other user, but here is case that we wish to run administrative command by normal user. In that case we need to aware about wheel users group. Let's first understand what is wheel user in Linux and why we needed it. Wheel is one of Linux user group that allow members of that group to run administrative commands those need root access of system, Wheel user facilitate to do that with sudo (superuser do ) privileges. Lets do it on terminal : Add an user and set password [root@localhost vagrant]# useradd ravi [root@localhost vagrant]# passwd rav
Post a Comment
Read more

IT Infrastructure Monitoring

Hello, Thanks for visiting RvKmR.blogspot.in IT Infrastructure monitoring its not just words, it means a lot in the information technology world. I expect an IT professional knows what it means. In a simple word, I can say Compute, Application, and network, etc. OK, let's start why we need IT infrastructure monitoring. Monitoring IT infrastructure allows us to take preemptive action to be undertaken towards a potential problem before they affect your business. OR at least reduce time to restore your infrastructure as soon as an incident occurs. Further monitoring of IT infrastructure is divided into two categories Agent-based and agentless. An agent is a software or script installed on machines that to be monitored so that it will send information to monitoring systems. Having an agent inside the machine uses system resources, which in turn raises maintenance cost. Whereas the agentless tool is little or no impact on monitored machines as an agent is not installed on
1 comment
Read more

Understanding Linux Cluster

Hello Thanks for visiting RvKmR's blogs. So, What means of clusters and why we need them. Cluster is set of servers or say computers working together to achieve single goal or a task. Now you may have idea why we need cluster.  Types of Cluster: High Availability Cluster / HA Cluster  HA Cluster again grouped in two types. Active-Active Cluster Active-Passive Cluster In Active-Active Cluster Service is running on all nodes in cluster. That means all nodes serving independently. In Active-Passive Cluster Service is running on one of node from cluster and other nodes in passive state. If primary node fails then only other node in cluster will start service.   Storage Cluster In this cluster type, all members provides a single cluster file system that can be accessed by different servers. These file system can be used to read-write data simultaneously. EX: GFS2  OK, Then what is High Availability. This type of cluster provides high availability of serv
Post a Comment
Read more