I need to update a windows system using ansible in a disconnected environment.
I’m completely new to this so i need a procedure to do this, can anybody help
Transfer the Patch Files to the Windows Host
You can do this with Ansible’s win_copy (or via a network share).
Example:
- name: Copy local patches
ansible.windows.win_copy:
src: /path/to/local/KB123456.msu
dest: C:\temp\KB123456.msu
Install the Patch
Use win_package, win_command, or win_shell to install the .msu or .cab file.
For .msu files, a typical command is:
powershell
Copy code
wusa.exe C:\temp\KB123456.msu /quiet /norestart
A sample play:
---
- name: Install MSU updates offline
hosts: windows
gather_facts: no
tasks:
- name: Copy patch to target
ansible.windows.win_copy:
src: /path/to/KB123456.msu
dest: C:\temp\KB123456.msu
- name: Install patch with wusa
ansible.windows.win_command:
command: wusa.exe C:\temp\KB123456.msu /quiet /norestart
- name: Reboot if required
ansible.windows.win_reboot:
reboot_timeout: 1800
when: ansible_windows_update_pending is defined
If you have multiple updates, repeat for each, or structure them in a loop.
Check Installation
Optionally verify that the patch is installed using win_updates (though it may require an actual WSUS or Windows Update source to confirm). Alternatively, check the registry or WMI for presence of the update.