Use Ansible to Install SharePoint Server Updates

Hello!
My name is Raikhan.

Maybe someone used Ansible to install Microsoft updates?

We configured Ansible to install Microsoft updates, and this works successfully for all updates, except for SharePoint Server 2013 updates. When we run playbook to install SharePoint Server updates - nothing happens and there are no understandable errors. The server uses UAC, but we tried to work with elevated privileges and also added parameters to the playbook to temporarily disable and enable UAC in the registry. Nothing helps.

Maybe you have fresh thoughts and ideas?

Thanks!

Ansible - SharePointUpdates.png1410×874 27.7 KB

If the task is trying to install updates then you are typically restricted by Windows over a network logon like WinRM. The way around this that Ansible provides is the become [1]. This turns the logon type to an interactive logon which is allowed to install Windows updates just like you can when running it manually.

[1] - https://docs.ansible.com/ansible/latest/user_guide/become.html#become-and-windows

Hello, Jordan!
Thanks for the answer.

We use this playbook and it does not work:

• name: Run ps1 script in privileged mode
  hosts: all
  gather_facts: no
  become_method: runas

vars:
ansible_become_password: elon*musk#1

tasks:

• win_shell: C:\Script\Install-Update.ps1
  become: yes
  become_user: SpaceX@test.kz

But, if we run the powershell script “Install-Update.ps1” manually, as an administrator - The installation of updates is successful !

What can you recommend for installing updates through Ansible?

Thanks!

What’s the output when you run the win_whoami module with the same become setup you have for win_shell. Please use -vvv so we can see the output. I would also try ansible_become_pass as I believe ansible_become_password is only valid in later Ansible versions.

Thanks for the answer.
We tried your recommendations, but the result is the same. Updates are not installed