I’m trying to figure out how to use Ansible to have windows clients automatically map a network drive. If I use the script module and either powershell or “net use”, I get an “Access Denied” error. Apparently, trying to map a drive falls under the second hop credentials area of problems. All the suggestions online are to use CredSSP to get around second hop issues, but I don’t think there’s any way to do that with ansible. Any ideas?
Can you avoid the problem by fetching whatever you need via the win_get_url module perhaps? Obviously you need some way of serving the files you need?
Jon
Unfortunately, I’m not actually trying to map the drive so I can get to files. I’m trying to auto-map the drive so it is available for users. It’s just a drive that we want permanently mapped, and I don’t have access to AD Group Policies to do so. I was hoping to use Ansible to map the drive, but it needs “second hop” credentials to confirm that the share can be accessed.
I'm not sure we'll have support for CredSSP for awhile (in fact, I haven't
found any winrm/wsman client that supports it aside from what's built into
Windows).
Do you have an example of how you'd do the drive mapping using PowerShell
from one Windows machine to another?
Something like this? (Not that I have tried via ansible)
$net = New-Object -ComObject WScript.Network $net.mapnetworkdrive("B:","\\someserver\someshare")
Jon
The main issue with that, is since windows 6.x (vista/7/8/2008/2012) you can’t access drives mounted by an administrative user.
After running that code through ansible and you check the client machine, you’re getting drive unavailable.
(btw, you get the same issue by using the ‘NET USE’ cmd)