Ansible批量添加远程登录用户
一、环境
Ansible管理主机:
系统: CentOS7.8
Windows客户端主机:
系统: Server2016
二、windows-server环境准备
1. 查看powershell执行策略
get-executionpolicy
2. 更改powershell执行策略为remotesigned
set-executionpolicy remotesigned
3. 配置winrm service并启动服务
winrm quickconfig
4. 查看winrm service启动监听状态
winrm enumerate winrm/config/listener
5. 修改winrm配置,启用远程连接认证
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
6.wins-server防火墙设置
添加防火墙信任规则,允许5985端口通过
打开防火墙高级配置,选择入站规则,在点击新建规则
三、Ansible服务端配置
1. 添加windows客户端连接信息
[windows]
172.16.10.23 ansible_ssh_user="Administrator" ansible_ssh_pass="123456" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore
2.测试ping探测windows客户主机是否存活
ansible 172.16.10.23 -m win_ping
3.批量添加用户并允许远程登录
ansible -i winsserver -m win_user -a "name=test001 password=123456 groups='Administrators,Remote Desktop Users' user_cannot_change_password=yes password_never_expires=yes"
参考链接:
https://www.cnblogs.com/bigdevilking/p/10670170.html