๐Ÿ“— Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
ansible-playbooks/roles/workstation/tasks/prepare.yml

56 lines
1.3 KiB

- block:
- wait_for_connection:
timeout: 10
rescue:
- name: set bootstrap password if connection fails
set_fact:
winrm_old_password: "{{ ansible_password }}"
ansible_password: "{{ winrm_bootstrap_password }}"
- name: gather facts
setup:
gather_facts:
- min
- name: fail if Windows version is not 10
fail:
msg: "only Windows 10 is supported"
when: (ansible_os_family != 'Windows') or (ansible_distribution_major_version|int < 10)
- name: setup service account for remote control
win_user:
name: "{{ winrm_remote_user }}"
account_disabled: no
account_locked: no
password: "{{ winrm_old_password | d(ansible_password) }}"
password_expired: no
password_never_expires: yes
groups:
- S-1-5-32-544
- S-1-5-32-580
groups_action: add
- name: set correct password if it was changed earlier
set_fact:
ansible_password: "{{ winrm_old_password }}"
when: winrm_old_password is defined
- name: ensure LocalAccountTokenFilterPolicy is set to 1
win_regedit:
path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
name: LocalAccountTokenFilterPolicy
data: 1
type: dword
- name: setup winrm service
win_service:
name: WinRM
start_mode: auto
state: started