Windows preparation for remote control with Ansible

Enabling Admin account

net user administrator /active:yes
net user administrator MyPassword

Cleaning

winrm enumerate winrm/config/listener
winrm delete winrm/config/Listener?Address=*+Transport=HTTP
winrm delete winrm/config/Listener?Address=*+Transport=HTTPS

Setup

$myFQDN=(Get-WmiObject win32_computersystem).DNSHostName+"."+(Get-WmiObject win32_computersystem).Domain
New-SelfSignedCertificate -DnsName $myFQDN -CertStoreLocation Cert:\LocalMachine\My
$thumbprint=@(Get-ChildItem -Path Cert:\LocalMachine\My | Where {$_.DnsNameList -match "$myFQDN" }).Thumbprint
winrm create winrm/config/Listener?Address=*+Transport=HTTPS "@{Hostname=""$myFQDN""; CertificateThumbprint=""$thumbprint""}"
Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true 

Host file

In a file name hosts.cfg

[targets]
server1 ansible_host=123.123.123.123 ansible_user=Administrateur ansible_password=secure_password
server2 ansible_host=123.123.123.123 ansible_user=Administrator ansible_password=secure_password

[targets:vars]
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore

And in the playbook

---

---
# This playbook tests the script module on Windows hosts
- name: Run powershell script
  hosts:
    - server1
    - server2
  vars:
    nsimul: 8
    results_dir: C:\results{{ nsimul }}
  gather_facts: false
  tasks: ...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.