Win 10 enterprise ansible 2.9
I am using this playbook against a VM in order to change a Windows GPO setting:
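---
# Sets the DisableRootAutoUpdate policy value inside a Windows guest through
# VMware Tools (vmware_vm_shell), then forces a Group Policy refresh.
#
# Layout restored from a collapsed paste: typographic quotes replaced with
# YAML quotes, one key per line, and the empty `vars:` key dropped.
- hosts: localhost
  connection: local
  # presumably vars.yml holds vcenter_pass and vm_password; keep it encrypted
  # with ansible-vault rather than in plain text.
  vars_files:
    - vars.yml
  # No effect as written: `become` is never enabled, and become would apply to
  # the task running on localhost, not to the process started inside the guest.
  become_method: runas
  tasks:
    - name: "GPO change"
      vmware_vm_shell:
        cluster: "{{ cluster }}"
        datacenter: "{{ datacenter }}"
        hostname: "{{ vcenter_server }}"
        username: "{{ vcenter_user }}"
        password: "{{ vcenter_pass }}"
        folder: "{{ folder }}"
        vm_id: "{{ name }}"
        # The in-guest process runs as this account. Whether it receives an
        # elevated token depends on the account and the guest's UAC settings;
        # verify, since writing under HKLM\SOFTWARE\Policies needs elevation.
        vm_username: "{{ vm_username }}"
        vm_password: "{{ vm_password }}"
        vm_shell: 'C:\Windows\System32\WindowsPowershell\v1.0\powershell.exe'
        # DisableRootAutoUpdate=1 turns off the automatic root certificate
        # update, so the trusted root store must then be maintained another way.
        # A domain GPO that manages the same value may overwrite this write on
        # the refresh that `gpupdate /force` triggers.
        # The exit code is reported for powershell.exe as a whole, with
        # gpupdate as the last command, so a failed `reg add` can still end in
        # 0; confirm the result by reading the value back in the guest.
        vm_shell_args: 'reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot /v DisableRootAutoUpdate /t REG_DWORD /d 1 /f;gpupdate /force'
        wait_for_process: true
        # NOTE(review): certificate verification for the vCenter connection is
        # off, so the vCenter and guest passwords go to an endpoint that is not
        # authenticated. Prefer `true` with the vCenter CA trusted on the
        # control node.
        validate_certs: false
      delegate_to: localhost
      register: shell_command_output

    # Prints the registered result of the task above; NOTE(review): it appears
    # to hold process metadata and an exit code rather than command output.
    - debug:
        msg: "{{ shell_command_output }}"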
This has to run as admin, but apparently it doesn't, and the GPO doesn't change. What am I doing wrong?
log:
ok: [localhost] => { “msg”:
{ “changed”: true, “cmd_line”: “"C:\Windows\System32\WindowsPowershell\v1.0\powershell.exe"
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot /v DisableRootAutoUpdate /t REG_DWORD /d 1 /f;gpupdate /force”, “end_time”: “2022-04-27T13:24:14+00:00”,
“exit_code”: 0, “failed”: false, “name”: “powershell.exe”, “owner”: “XXX”, “start_time”: “2022-04-27T13:24:03+00:00”, “uuid”: “420b5786-5d90-785f-5b2e-98ba3a400e73” } } PLAY RECAP ************************************************************************************************************************* localhost : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0