Ansible Windows Filament

From tannerjc wiki
Revision as of 05:38, 27 August 2018 by Jtanner (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Introduction

This document is geared towards Ansible developers and users who are debugging or testing Windows.

Requirements

  1. vagrant
  2. virtualbox
  3. ansible

Initial Setup

  1. install ansible
  2. pip install git+https://github.com/diyan/pywinrm
  3. git clone https://github.com/jborean93/ansible-windows
  4. cd ansible-windows/vagrant
  5. edit the inventory.yml file and comment out all "domain_children" hosts except for the "SERVER2016" host.
  6. export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
  7. vagrant up

Once the boxes are downloaded and provisioned, a connection test should fire off in one of the tasks. If you notice it hanging, login to each of the VMs and run this command in an administrator powershell: `Reset-WinRMConfig`

  1. ansible SERVER2016 -vvvvv -i inventory.yml -m win_ping

Switching to kerberos [mac]

  1. pip install pywinrm[kerberos]
  2. pip install pexpect
  3. echo "nameserver 192.168.56.10" > /etc/resolver/domain.local
  4. set "ansible_winrm_transport" to "kerberos" in inventory.yml
  5. set "ansible_user" to "vagrant-domain@DOMAIN.LOCAL" in inventory.yml
  6. set "ansible_password" to "VagrantPass1" in inventory.yml
  7. export KRB5_TRACE=/dev/stdout
  8. ansible SERVER2016 -vvvvv -i inventory.yml -m win_ping


Appendix

https://github.com/redhat-cop/automate-windows/tree/master/windows-certificates