I'm trying to implement Ansible in our company.
I have 2 huge problems that may cause us to leave this product, but before we give up I thought maybe someone could help us.
Some overall information - We installed ansible 2.1 on RHEL 6.5. We tried to use Ansible Tower but we gave up because of the complexity (most of our use is for ad-hoc commands).
The first issue is managing Windows server 2003. When we want to manage windows servers, we need to run the pre-script, but it only works with PowerShell v.3 and above, while Windows server 2003 is not supporting PowerShell v.3 (it's almost impossible to install this version).
In our company (unfortunately) there still dozens of Windows server 2003 machines.
Is there a way to make Ansible being able to manage those servers?
The second issue is the timeout of the WinRM. When we running an ad-hoc command on windows servers, there are machines that Ansible succeed to make a WinRM connection, but its hang out waiting the command to run (for example, even simple "hostname" commands).
We reduced the ansible timeout, but it's still hang out, so we assuming that it succeed making the WinRM connection but hang after.
There ia a way to configure the time out of ALL the process of ansible per machine, or otherwise configure the WinRM to have timeout after the connection succeeded?
Thanks,
Afik
Basically, no- due to major shortcomings of Powershell 2 for things we need to do, and the incredibly low number of Server 2003 installs left out there, we made PS3 the minimum required version.
There's been a little bit of work done by community folks to make a PS2-friendly version of the WinRM connection plugin to at least get basic Ansible connectivity working there (so "raw" will work, and modules can be transferred/run), but pretty much all the existing modules rely on Powershell cmdlets that don't exist in PS2/S2003. So you'd be back to "raw" for everything, which isn't much more useful than Powershell remoting (other than being able to blast commands to multiple machines at a time). If you want to see that, it's at
https://github.com/elum/ansible and
https://github.com/elum/ansible-modules-core
but we're unlikely to accept this into the core product or support it in any way.
Related
I know that Ansible uses winRM to connect to window hosts, which means it does not fully load a windows profile when connecting to a host, but rather can execute bat/powershell commands remotely.
But is there a method where I can logon as a complete Windows profile using Ansible.
My requirement is that every Monday morning I want an automated job (Preferrabley Jenkins -> Ansible) that will logon to my Windows Server machines (around 10 machines). Currently we have a support team that does this every Monday morning (because the machines are rebooted every weekend), and sometimes 1 or 2 machines are missed out, and I would like to automate this because we have Scheduled Tasks that are supposed to run early in the morning, that sometimes misses to run because support forgets to login to a particular machine.
There are 2 connection plugins for Windows in Ansible PSRP and WinRM. Whatever tasks your support team is performing manually can be automated with Ansible Windows Modules or Powershell commands. Though they are executed remotely, actions are performed on the target servers only.
I have script which uses mircrosoft's UIAutomation to automate an application. The script is inside a VPS running Windows Server 2012. The script works perfectly while I am connected to the VPS via Remote Desktop (RDP).
When I am not connected, the script seems to be stuck on SetFocus for a object... which leads me to believe that the script needs a Display/Screen/Session in order to work... but I am not sure if it is possible to do it while I am not connected to the VPS.
I can see 2 possible solutions here, either modify the script in someway to work in this environment or make the VPS have a virtual desktop while I am not connected (this solution might be more related to Server Fault rather than StackOverflow).
I am very confused, thanks for the help in advance :)
I managed to workaround the issue by actually connecting to the server to itself (to 127.0.0.1) via RDP so that it will always have an active RDP session for the automation script to run.
I am not happy with the results but it works... I cannot give clear instructions on how you would need to modify the settings in Windows to allow RDP connections from self, it was a one big trial and error process, I have to modify some policies in the Group Policy Editor and then some stuff that I don't remember.
There is another downside to this, a Windows server will allow 2 simultaneous connections to it but by using this method we are reserving a slot so only 1 connection at a given time is possible, something to be aware of.
I am using Ansible for some infrastructure management problem for my project. I achieved this task using a Linux client like say to copy a bin file from Ansible server and install it on a client machine. This involves tasks in my playbooks using normal Linux commands like ssh, scp, ./bin etc.,
Now I want to achieve the same in a windows client. I couldn't find any good documentation to try it out. If anyone of you have tried using Ansible with Windows client then it would be great if you could share the procedures or prototype or any piece of information to start with and progress further on my problem.
There's no built-in Windows support for Ansible today. If you search the mailing list, you'll find some references to people having some minimal success with things like CygWin. You should probably check out the mailing list and stay tuned.
Starting in version 1.7, Ansible also contains support for managing Windows machines. This uses native powershell remoting, rather than SSH. See the Ansible documentation website for details on Windows support for Ansible.
Ansible Windows support (including Azure) has been extended a great deal in 2.2 which released in June. https://www.ansible.com/blog/ansible-2.1 For what it's worth, I've also released a course on Pluralsight for managing Windows targets with Ansible
You can use powershell remoting. But i'm using SSH with Cygwin installed in windows so that the same linux code will work smoothly in windows as well.
I face strange situation: I suspect some of Windows PCs in the network are suddenly become out-of-sync with our NTP servers. So I need something I can remotely check time difference between Windows machine and NTP server. What can be the best is to log that difference so I will be able to graph it and see the moment it happens to debug further.
And, of course, I'd prefer remote tool that I'll run on some extra PC so I won't install anything on each of client PCs around network.
I also find out that some of clients are happy to sync with unix-based NTP server and won't sync with Windows-based (DC), while some other 'like' Windows-based NTP server. Something strange, indeed, but the network is legacy and I can suspect pretty everything.
Cygwin runs nicely on Windows, and you can use "ntpdate -q" to find the date on the remote server and "date" to get the machine on the local server. A short shell script later and you should be done -- you can then automatically capture the time difference.
is it possible to execute a command (ex: launching a .bat file located on the remote machine) on a Windows Remote Machine, using a UNIX or Linux Machine ?
Is there something like a scp/ssh mechanism or at least a way to connect to a Windows Machine passing through the network ?
Thanks for your help.
By default, recent Windows versions only support the Remote Desktop protocol. As far as I know, client versions only allow a single user, while server versions with installed Terminal Services allow for multiple simultaneous users.
Windows Server versions also support the Telnet protocol, but the server is disabled by default - it may not even be installed. Therefore you will have to enable it manually. Do you really want to use Telnet of all things, though? Just the security concerns are enough to make it mostly useless.
There is also a version of OpenSSH for Windows, that uses the Cygwin DLL. I have not tried it, but using an SSH implementation from the Unix world does have its appeal (and probably a few disadvantages). See also this.
EDIT:
Recent Windows versions also support the Windows Remote Management system, which allows you to launch an interactive session throuh a bit of trickery.
You may want to try Vandyke VShell.