I am new to Ansible. I have a requirement wherein I need to rename the 'Administrator' user account in a Windows host to something else, say 'NewUser' using Ansible.
Any suggestions on how I can rename a Windows user account using Ansible?
Thanks.
PS:-
I have tried searching for various Ansible modules to help me on this. However I could only find modules for adding a new user account, or changing the user password.
I found out the way to achieve this. Its pretty simple. Here is the playbook code:-
---
- name: Change Admin Username
hosts: all
tasks:
- name: Change Admin Username
win_shell: Rename-LocalUser -Name "Administrator" -NewName "NewUser"
Thanks.
Related
I am newish to Ansible and their playbooks so please forgive me if this is something simple that I am just overlooking. My goal here is to create a Windows Server 2016/19, when that is created I need the hostname to be added to a specific AD group. So in my role this is what I have...
- name: Run PowerShell script to add AD PowerShell
ansible.windows.win_powershell:
script: |
Import-Module ServerManager
Add-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature
- name: Add a domain user/group to a domain group
community.windows.win_domain_group_membership:
domain_server: "{{ domain_server_name }}"
domain_username: "{{ domain_admin_user }}"
domain_password: "{{ domain_admin_password }}"
name: hps-winRM
members:
- "{{ inventory_hostname }}"
state: present
I need to ensure that the server has the AD PowerShell module which is what the first task is doing.
The second task is where I add it to the AD group.
When I run this the second task doesn't work and I get this error...
"msg": "Could not find domain user, group, service account or computer named HOSTNAME"
This host does exist. I am actually logged into it right now. So I am not sure where the disconnect is. Any help would be greatly appreciated. Thank you.
I am new to ansible. I have written an ansible playbook to install vnc. I want to ensure when someone runs the playbook they are prompted for a password. I was able to run the playbook via some code i put together and it prompts for the password but accepts any password.
---
- hosts : test-server
vars_prompt:
- name: password
prompt: "What is your password?"
private: yes
tasks :
- name : install tightvncserver
package : pkg=tightvncserver state=installed
notify:
- start tightvncserver
handlers :
- name : start tightvncserver
service : name=tightvncserver state=started
Please excuse the indentation. Any help will be appreciated
Now, this is where ansible vault comes into picture. Any password or other confidential information has to be stored in ansible vault. If you are not worried about security then you can simply add a when module to check if password matches a specific string or else the best way to solve this would be to prompt for ansible vault password and fetch confidential informations from there.
Alternatively, you can also store your password as key value in a yml variable file and include that in your playbook and add a when condition to check if password provided equals the password mentioned in that variable file.
My goal is to use ansible to turn off this "windows feature" that can be found on a windows machine by searching "Turn Windows features on or off" and going down to SMB 1.0/CIFS File Sharing Support.
Something is wrong with my code and I cannot get the setting disabled, please help.
CODE:
- name: Turn off SMB
hosts: myhosts
become_method: runas
vars:
ansible_become_password: mysecurepasswordthatsnot123
tasks:
- win_shell: Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
become: yes
become_user: user
What is wrong with my play?? Error has to do with non interactive mode??
not sure about win_shell.. but ansible doc suggests to use win_optional_feature. Have you tried this way?
also, there is a sample play available at this link for windows features using win_command.. check it out.
i am sure you would have seen this blog
not sure about win_shell.. but ansible doc suggests to use win_optional_feature. Have you tried this way?
also, there is a sample play available at this link for windows features using win_command.. check it out.
i am sure you would have seen this blog
How do I handle Ubuntu's request to change the root user's password when initializing a new server?
Currently, I'm just logging in to change the password, and then running the Ansible script, but obviously that defeats the purpose of automation.
- name: Set root user's password
user: name=root password={{ encrypted_root_password }} update_password=always
See also How do I generate crypted passwords for the user module.
I am new to Ansible. Trying to copy some files to remote machine.
I am able to copy to remote server's tmp folder, but not able to copy to a particular users folder.
I think it is possible if we can switch to that particular user. But I am not able to do so using playbook.
Please help me on this.
Regards,
KP
This is a permission issue. The user which you use to connect to the host does not have permissions to write to that other users folder.
If you have access to that users account (e.g. your ssh key is accepted) you can simply define the user per task through remote_user:
- copy: src=...
dest=...
remote_user: <SET_OWNER_HERE>
If you do not have access, you can use the sudo flag to execute a task with root permissions. But make sure you set the permissions correctly or the user might not be able to read/write those files:
- copy: src=...
dest=...
owner=<SET_OWNER_HERE>
group=<SET_GROUP_HERE>
mode=0644
sudo: yes
Also, you can define the username as which the sudo command is executed with sudo_user:
- copy: src=...
dest=...
sudo: yes
sudo_user: <SET_OWNER_HERE>
If sudo requires a password from you, you have to provide it or the task will hang forever without any error message.
You can define this globally in the ansible.cfg:
ask_sudo_pass=True
Or pass the option when you call your playbook:
ansible-playbook ... --ask-sudo-pass