Run multiple tasks with different Ansible users for Windows hosts

Hi all,

I have role that contains several tasks that should be run by different Ansible users. The playbook that uses this role should run on Windows hosts and I do this using a command similar to the following:

 

ansible-playbook --limit windows -i hosts --extra-vars "ansible_user=my_username ansible_password=my_password" site.yaml

Most of the tasks in the role should be done through the user specified in the command above while others should use another Windows user. For these other tasks, I try to override the user credential variables as shown below:

 - include: task_for_other_windows_user.yml vars: ansible_user: "{{other_windows_user_name}}" ansible_password: "{{other_windows_user_pw}}"

This unfortunately doesn’t work as the playbook appears to use the same user initially defined, on all the plays. How do I implement what I’m trying to achieve here?

I also raised an issue for this in Ansible’s GitHub.

David

ansible-playbook --limit windows -i hosts --extra-vars
"ansible_user=my_username ansible_password=my_password" site.yaml

- include: task_for_other_windows_user.yml vars: ansible_user:
"{{other_windows_user_name}}" ansible_password:
"{{other_windows_user_pw}}"

Look here:

https://docs.ansible.com/ansible/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable

This says the last one wins:
role defaults [1]
[...]
play vars
[...]
role and include vars
block vars (only for tasks in block)
task vars (only for the task)
extra vars (always win precedence)

So your command line options override the task variables and those
from includes.

Solution: Put your command line vars in the playbook or the role
defaults, these get overwritten

I also raised an issue for this in Ansible's GitHub.

Care to tell us which one?

Johannes