Linux, Utility

How To: Manage Windows Server 2016 with Ansible

This is the “quick and dirty way” of configuring Windows Server 2016 and Ansible to work together. By no means you should apply this sort of configuration in production due to the security risks of having credentials being sent via plain text over the network. For a lab though it’s perfect! Let’s begin.

I also assume/recommend that the How To: Install Ansible on Red Hat Enterprise Linux 7 (RHEL 7) guide has been followed in preparation for the below instructions.

Step  0 – Confirm you have Ansible installed and working

0.0 To do so we execute “ansible –version

Step 1 – Prepare our directory structure

1.1 In my case I used my /home/asecor location:

1.2 And created a project directory in there and CD into it:

Step 2 – Create our config & inventory files

2.1 We’ll first create our inventory.yml file which will contain all of our Windows Servers

2.2 Contents of the inventory.yml should look like this:

2.3 We make our variables folder & child file which will contain configs/settings for our systems defined in the previously created inventory.yml

2.4 Contents of windows.yml should look like this:

2.5 The final project folder structure & contents within “nokians” should look something like this:

2.6 Now if we are to try and connect to our Windows Server 2016 environment it will not work – should we try and execute a ping

Let’s fix this in the next step.

Step 3 – Configuring Windows Server 2016 for Ansible

3.1 We need to set the WinRM authentication to Basic:

3.2 We also need to allow encrypted traffic via WinRM:

Then when we execute the ping module we should see the following results:

twitterredditpinterestlinkedinmail

3 Comments

  1. Travis

    THANK YOU.

    I was following a Pluralsight course on Ansible with Windows and doing a similar tutorial. That tutorial left out the necessary steps to configure the windows end to allow unencrypted authentication attempts. Very helpful!

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *