Updates Windows Winrm, search function but no updates are installed

Hello i want use ansibel for patch my windows server, but its not working. No Updates are installed and no logfile was created. I used different examples, same not function

ansible-playbook -vvvv test.yaml -i /etc/ansible/hosts --check  --ask-pass
ansible-playbook [core 2.15.4]
  config file = /root/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-playbook
  python version = 3.11.5 (main, Sep  2 2023, 14:16:33) [GCC 13.2.1 20230801] (/usr/bin/python)
  jinja version = 3.1.2
  libyaml = True
Using /root/ansible.cfg as config file
SSH password:
setting up inventory plugins
Loading collection ansible.builtin from
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
redirecting (type: action) ansible.builtin.win_updates to ansible.windows.win_updates
Loading collection ansible.windows from /usr/lib/python3.11/site-packages/ansible_collections/ansible/windows
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python3.11/site-packages/ansible/plugins/callback/default.py
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: test.yaml *************************************************************************************************************************************************************************************************************************
Positional arguments: test.yaml
verbosity: 4
connection: smart
timeout: 10
ask_pass: True
become_method: sudo
tags: ('all',)
check: True
inventory: ('/etc/ansible/hosts',)
forks: 5
1 plays in test.yaml

PLAY [win] **********************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************
task path: /root/test.yaml:2
redirecting (type: modules) ansible.builtin.setup to ansible.windows.setup
Using module file /usr/lib/python3.11/site-packages/ansible_collections/ansible/windows/plugins/modules/setup.ps1
Pipelining is enabled.
<server01> ESTABLISH WINRM CONNECTION FOR USER: administrator on PORT 5986 TO server01
EXEC (via pipeline wrapper)
ok: [server01]
redirecting (type: action) ansible.builtin.win_updates to ansible.windows.win_updates

TASK [windows_updates] **********************************************************************************************************************************************************************************************************************
task path: /root/test.yaml:4
redirecting (type: modules) ansible.builtin.win_updates to ansible.windows.win_updates
redirecting (type: action) ansible.builtin.win_updates to ansible.windows.win_updates
redirecting (type: action) ansible.builtin.win_updates to ansible.windows.win_updates
<server01> ESTABLISH WINRM CONNECTION FOR USER: administrator on PORT 5986 TO server01
EXEC (via pipeline wrapper)
<server01> PUT "/root/.ansible/tmp/ansible-local-103733jya6qnt/tmpzo2wq23t/poll.ps1" TO "C:\Users\Administrator\AppData\Local\Temp\ansible-tmp-1697013490.1185987-10379-192683414952814\poll.ps1"
<server01> PUT "/root/.ansible/tmp/ansible-local-103733jya6qnt/tmpp95n5lge/cancel.ps1" TO "C:\Users\Administrator\AppData\Local\Temp\ansible-tmp-1697013490.1185987-10379-192683414952814\cancel.ps1"
<server01> Running win_updates - round 1
<server01> Starting update task
Using module file /usr/lib/python3.11/site-packages/ansible_collections/ansible/windows/plugins/modules/win_updates.ps1
Pipelining is enabled.
EXEC (via pipeline wrapper)
<server01> Starting polling for update results
EXEC (via pipeline wrapper)
<server01> Received final progress result from update task
EXEC (via pipeline wrapper)
changed: [server01] => {
    "changed": true,
    "failed_update_count": 0,
    "filtered_updates": {
        "cf815f3b-7a40-4b27-8143-7a9cdaccf95d": {
            "categories": [
                "Updates",
                "Windows Server 2019"
            ],
            "downloaded": false,
            "filtered_reason": "category_names",
            "filtered_reasons": [
                "category_names"
            ],
            "id": "cf815f3b-7a40-4b27-8143-7a9cdaccf95d",
            "installed": false,
            "kb": [
                "5031222"
            ],
            "title": "2023-10 Kumulatives Update für .NET Framework 3.5, 4.7.2 und 4.8 für Windows Server 2019 für x64 (KB5031222)"
        }
    },
    "found_update_count": 2,
    "installed_update_count": 0,
    "invocation": {
        "module_args": {
            "accept_list": null,
            "category_names": [
                "CriticalUpdates",
                "SecurityUpdates",
                "UpdateRollups"
            ],
            "log_path": "C:\\Windows\\Logs\\ansibleupdate.txt",
            "reboot": false,
            "reboot_timeout": 1200,
            "reject_list": null,
            "server_selection": "default",
            "skip_optional": false,
            "state": "installed",
            "use_scheduled_task": false
        }
    },
    "reboot_required": false,
    "rebooted": false,
    "updates": {
        "7f25dcc8-ba73-4b72-84f7-a168b61affbb": {
            "categories": [
                "Security Updates"
            ],
            "downloaded": false,
            "id": "7f25dcc8-ba73-4b72-84f7-a168b61affbb",
            "installed": false,
            "kb": [
                "5031361"
            ],
            "title": "2023-10 Kumulatives Update für Windows Server 2019 (1809) für x64-basierte Systeme (KB5031361)"
        },
        "eee3b033-b892-4d68-ad02-39c983e272b9": {
            "categories": [
                "Update Rollups",
                "Windows Server 2016",
                "Windows Server 2019"
            ],
            "downloaded": false,
            "id": "eee3b033-b892-4d68-ad02-39c983e272b9",
            "installed": false,
            "kb": [
                "890830"
            ],
            "title": "Windows-Tool zum Entfernen bösartiger Software x64 - v5.118 (KB890830)"
        }
    }
}

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
server01 : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

---
- hosts: win
  tasks:
   - name: windows_updates
     win_updates:
         log_path: C:\Windows\Logs\ansibleupdate.txt

Hi Felix!

  1. Does the user have the permissions to write in the log file?
  2. Try to execute without the --echeck option
  3. Does your windows system have the categoires: CriticalUpdates…? Maybe you can try to get them before and debug them to make sure they exist
1 Like