Ansible for the Windows Admin by Jeremy Murrah

14 Comments



Ansible is a very flexible, easy to use configuration management product. Written in Python, and traditionally for linux environments, it is being used by Windows admins more and more. Also, with PowerShell being cross platform, we can do some really interesting things that were probably never intended by the creators. Come find out all you need to know about managing Windows machines with Ansible, and find out how much you can do without learning Python. In this talk you will learn:

– how to setup VSCode and the Windows Subsystem for Linux (WSL) to be the ultimate Ansible console
– how to get started with basic ansible tasks and an overview of the architecture and terminology
– how to connect to, and manage, Windows machines with Ansible, and the various authentication options available
– how to leverage PowerShell DSC resources in Ansible to do almost anything
– how to write custom Ansible modules and dynamic inventory scripts in PowerShell on linux

PowerShell Summit videos are recorded on a “best effort” basis. We use a room mic to capture as much room audio as possible, with an emphasis on capturing the speaker. Our recordings are made in a way that minimizes overhead for our speakers and interruptions to our live audience. These recordings are meant to preserve the presentations’ information for posterity, and are not intended to be a substitute for attending the Summit in person. These recordings are not intended as professional video training products. We hope you find these videos useful – the equipment used to record these was purchased using generous donations from members of the PowerShell community.

source

14 Comments
    • blank
      Emmanuel Ogoma
      May 07, 2022 03:35 am Reply

      the vault password format error could be as a result of line ending , you are working on windows and vs is using CRLF instaed of LF. You may need to change that on VS

    • blank
      frannelk
      May 07, 2022 03:35 am Reply

      Trailing characters while copy/pasting the encrypted password was the issue.

    • blank
      Maor Yatskan
      May 07, 2022 03:35 am Reply

      Great talker, love it

    • blank
      Erick Sevmont
      May 07, 2022 03:35 am Reply

      Spent hours trying to figure this out, but couldn't get the example to work, looks like the convertto-json cmdlet is still a little bit buggy or something. Worked like this for me: get-childItem c: | convertto-json -compress

    • blank
      Ahmed Shaarawy
      May 07, 2022 03:35 am Reply

      Great Video , but i need urgently to know how to automate joining domain computers to specified domain groups !?

    • blank
      Mr. Snrub
      May 07, 2022 03:35 am Reply

      Man uses vim correctly.

      Everyone liked that.

    • blank
      Zoltan Nemeth
      May 07, 2022 03:35 am Reply

      “Jeremy spoke in class todayyyyy…”

    • blank
      Garegin Asatryan
      May 07, 2022 03:35 am Reply

      So basically it’s a free alternative to system center? Pretty cool. Since I’ve always wanted to do simple stuff like windows updates and driver/bios updates without AD and GPOs.

    • blank
      свой
      May 07, 2022 03:35 am Reply

      в чем отличие от виндоус систем центр? what is difference with windows system center ?

    • blank
      Othermike Louis
      May 07, 2022 03:35 am Reply

      Hello Jeremy.

      Thank you for this great workshop ..it was a very informative session in the meantime I have a question. What is the best practice secure way to manage standalone (Non-Domain) windows servers with ansible? (like this configuration below)

      ansible_user: username

      ansible_password: super secret

      ansible_connection: winrm

      ansible_port: 5985

      ansible_winrm_transport: ntlm

      ansible_winrm_message_encryption: always

      Do you think this configuration is secure enough to use on production?
      The password is in clear text here and do you think it's encrypted in transit? What do you think about credssp ? my only concerns with credssp it 's not scalable as you mentioned in the workshop .. a certificate for every machine it's a lot of work.

      Thank you for sharing your experience and give me a piece of advice about the best secure way to implement ansible with non-domain windows servers

      for Domain windows machine it s easier Kerberos did it right

    • blank
      Milkhais Haile
      May 07, 2022 03:35 am Reply

      Ever figure out why the encryption failed?

    • blank
      Faisal Parkar
      May 07, 2022 03:35 am Reply

      Fantastic video. Very useful and helpful. Any ideas where I can get the files created in here from?

    • blank
      queenannsrevenge100
      May 07, 2022 03:35 am Reply

      Thanks for the presentation! I had never looked into DSC nor writing your own Ansible windows module, and it was very insightful!

Leave us a comment