Hello all!
Brand new to Ansible. I just successfully got the ad-hoc Windows ping/pong to work! I wanted to ask a question related to Windows secpol (Security Policy).
Is there a module to allow Ansible to set SecPol values for hosts specified in the inventory? For instance:
[System Access]
MinimumPasswordAge = 2
MaximumPasswordAge = 30
MinimumPasswordLength = 8
PasswordComplexity = 1
EnableGuestAccount = 0
[System Log]
MaximumLogSize = 81920
AuditLogRetentionPeriod = 0
RestrictGuestAccess = 1
Appreciate any feedback or direction you may be able to send to me!
-dave
Hi,
Not quite. There’s a not-yet-merged pull request for a secpol module.
https://github.com/ansible/ansible/pull/22775
However, there is a plan to break it up into more than one module,
If you are in a hurry you could
try out the above module (you can add custom modules to your ansible installation by setting the ‘library’ setting to point at somewhere (default is /etc/ansible/library) in your ansible.cfg and copying the module files into the library location.
use win_template module to create the sec pol input file and use win_shell or win_command module to run secedit on the command line
Hope this helps,
Jon