Hello,
few questions on this module -
Context - we have Cloudform, that spins up windows machine and joins it to domain, now I need to add user to the local “Remote Desktop user” group on target windows machine. I hoping to achieve that using win_group_membership module, now my questions are -
appreciate you help.
You can currently only use the winrm connection plugin with Ansible to talk to Windows hosts. WinRM allows you to connect using both domain and local accounts and usually you need administrative rights on that host to both connect and manipulate group membership. WinRM allows you to authenticate using various protocol such as;
More details can be found here http://docs.ansible.com/ansible/latest/user_guide/windows.html.
Thanks
Jordan
Thanks for elaborate information on ansible with windows.
Winrm is disabled by default. Not sure about the security constraints when we enable this service.
I will do research on it.
do you have any ideas on configuring winrm in the template(vmware)?
vmware_guest module allows you to run scripts in ‘runonce’ section, so you can run the configure for remoting script as part of this, and any other steps you need.
I use a playbook like the following to create vm from template. Before using you have to add a hostname to the ‘domainmember’ group and allocate it an ip address in your inventory, like this
`
[domainmember]
testmachine01 ip=172.17.0.1
`
`
thanks much for the example.
Quick question on ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert -DisableBasicAuth, does this mean we can use any auth protocol as below expect Basic(not secure), correct? I am more inclined toward kerberos auth.
With -DisableBasicAuth set then you can only use the defaults which NTLM and Kerberos. You can always check by running winrm get winrm/config/service and look at the values under the Auth section.
Thanks
Jordan