How to update modified Group Policy on windows by using Ansible playbook

To update modified Group Policy on windows by using Ansible playbook

Introduction:

Ansible is an automatic configuration tool that works on a wide range of windows and UNIX-like systems. The win_shell module is used to run commands on windows systems. The win_unzip module is used to manage achieved files

Master Server Requirements:

ansible

python3-pip

pywinrm (python package)

Windows Requirements:

powershell 3+

Dot net 4

Installation Procedure:

Step 1 : Update the group policy in windows client system

Step 2: Check the OS version by using the following command


root@linuxhelp:~# lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 21.04
Release:	21.04
Codename:	hirsute

Step 3: Check the availability of Ansible package

root@linuxhelp:~# apt list -a ansible
Listing... Done
ansible/hirsute,hirsute,now 4.8.0-1ppa~hirsute all [installed]
ansible/hirsute,hirsute 2.10.7-1 all

Step 4: Check the availability of python3-pip package

root@linuxhelp:~# apt list -a python3
Listing... Done
python3/hirsute,now 3.9.4-1 amd64 [installed,automatic]

python3/hirsute 3.9.4-1 i386

Step 5: Check the availability of python package pywinrm

root@linuxhelp:~# pip list | grep pywinrm
pywinrm                0.4.2

Step 6: Create inventory for Windows node system

root@linuxhelp:~# vi /etc/ansible/hosts 


[windows]
192.168.6.104

[windows:vars]
ansible_user=Admin
ansible_password=Admin@123
ansible_port=5986
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore

Step 7: Create playbook in the name of policy.yml

root@linuxhelp:~# vi policy.yml

- hosts: windows
  gather_facts: true
  tasks:
  - name: Extract the zip file
    win_unzip:
         src: E:\Policy\Modified.zip
         dest: C:\Windows\System32\GroupPolicy
  - name: Updating the Group Policy
    win_shell: gpupdate /force

Step 8: Check the syntax of the policy.yml ansible playbook by using the following command

root@linuxhelp:~# ansible-playbook policy.yml --syntax-check

playbook: policy.yml

Step 9: Run the policy.yml playbook by using the following command

root@linuxhelp:~# ansible-playbook policy.yml

PLAY [windows] ****************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************
ok: [192.168.6.104]

TASK [Extract the zip file] ***************************************************************************************
changed: [192.168.6.104]

TASK [Updating the Group Policy] **********************************************************************************
changed: [192.168.6.104]

PLAY RECAP ********************************************************************************************************
192.168.6.104              : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Step 10: Group policy updated in windows client system by Ansible playbook

By this To update modified Group Policy on windows by using Ansible playbook had comes to end

Tag : Windows Ansible Ubuntu
FAQ
Q
How to check the syntax of the ansible-playbook?
A
Use ansible-playbook --syntax-check commond to check the syntax
Q
What port number for ansible does windows allow?
A
5986 is port number windows allows for ansible.
Q
What is the protocol for windows to be ansible?
A
winrm is a protocol used by windows for ansible.
Q
What is the use of the win_unzip module?
A
It is used to Unzips compressed files and archives on the Windows node
Q
What is the module for running commands on windows?
A
win_shell is the module for run command on windows