Hello all,
I am using the vmware_guest module to deploy VMs to our vSphere environment and everything is working well. Now there is a requirement to handle post-processing of the VMs once they are deployed, which requires WinRM on Windows. The goal is to use the vmware_guest module with the “runonce:” param in order to configure WinRM using the ConfigureRemotingForAnsible.ps1 script and then to join the Windows system to the domain by using the “joindomain:” parameter.
The issue I am running into is that it appears the “runonce:” parameter is executed after the system is joined to the domain. Once the system is joined, it autologons to the domain, but there is a Cyber banner pop-up and I have to hit “OK” to continue the login process. This interferes with the running of the pwsh script, so I decided to try to break up the two items.
My thoughts were to create two vmware_guest Ansible tasks: the first one to create the VM and run the script to configure WinRM, and the second vmware_guest task to join the system automatically to AD.
The first customization block works well and looks like …

    customization:
      autologon: yes
      autologoncount: 8
      password: "{{ local_pass }}"
      existing_vm: false
      hostname: "{{ vm_name }}"
      dns_servers:
        - "{{ dns_ns1 }}"
        - "{{ dns_ns2 }}"
      # Runs at first autologon to configure WinRM
      runonce:
        - powershell.exe -ExecutionPolicy Unrestricted -File C:\Windows\Temp\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert
    # Module-level option, sibling of customization
    wait_for_customization: yes

The second customization block in the second Ansible task looks like …

    customization:
      autologon: yes
      autologoncount: 8
      password: "{{ local_pass }}"
      existing_vm: true
      # Account used for the domain join
      domainadmin: "{{ elevated }}"
      domainadminpassword: "{{ elevated_pass }}"
      joindomain: my-domain
    # Module-level option, sibling of customization
    wait_for_customization: yes

No errors are produced but the second customization block in the second Ansible task doesn’t seem to be executed. The first task is marked as “changed” while the second task is marked as “ok.”
Any ideas?
Thanks!