Scribd
Upload
79 views7 pages

Ansible Windows

The document provides a step-by-step guide for configuring Ansible to manage a Windows Server 2022 from an Ubuntu machine. It includes instructions for setting up WinRM, creating inventory files, and executing playbooks for tasks such as setting the hostname, disabling Remote Desktop, and installing IIS and DNS services. The document also shows examples of Ansible commands and their expected outputs.

Uploaded by

santosadidik543
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
79 views7 pages

Ansible Windows

The document provides a step-by-step guide for configuring Ansible to manage a Windows Server 2022 from an Ubuntu machine. It includes instructions for setting up WinRM, creating inventory files, and executing playbooks for tasks such as setting the hostname, disabling Remote Desktop, and installing IIS and DNS services. The document also shows examples of Ansible commands and their expected outputs.

Uploaded by

santosadidik543
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd

ANSIBLE UBUNTU KE WINDOWS SERVER 2022

Jalankan di windows
powershell administrator

# Set execution policy untuk memungkinkan skrip berjalan


Set-ExecutionPolicy RemoteSigned -Force

# Aktifkan WinRM listener


winrm quickconfig

# Izinkan koneksi dari Ansible host (sesuaikan IP dengan jaringan Anda)


winrm set winrm/config/service ‘@{AllowUnencrypted="true"}’
winrm set winrm/config/service/auth ‘@{Basic="true"}’

# Izinkan firewall untuk WinRM


New-NetFirewallRule -DisplayName "WinRM HTTP" -Direction Inbound -Action Allow -Protocol
TCP -LocalPort 5985

di Ubuntu
buat file host.ini

[windows]
windows_server ansible_host=192.168.8.144
ansible_user=Administrator ansible_password='@data261278@'
ansible_connection=winrm ansible_winrm_transport=basic
ansible_port=5985

test dari ubuntu


budi@tusirah:~/workflow/windows$ ansible all -i hosts.ini -m
win_ping

windows_server | SUCCESS => {


"changed": false,
"ping": "pong"
}

budi@tusirah:~/workflow/windows$ ansible windows -i hosts.ini -m


win_shell -a "systeminfo"
windows_server | CHANGED | rc=0 >>

Host Name: WIN-B0174BIMC70


OS Name: Microsoft Windows Server 2022 Standard
Evaluation
OS Version: 10.0.20348 N/A Build 20348
OS Manufacturer: Microsoft Corporation
OS Configuration: Primary Domain Controller
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 00454-40000-00001-AA970
Original Install Date: 27/03/2025, 03.42.56
System Boot Time: 03/04/2025, 15.52.09
System Manufacturer: innotek GmbH
System Model: VirtualBox
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: Intel64 Family 6 Model 142
Stepping 9 GenuineIntel ~2904 Mhz
BIOS Version: innotek GmbH VirtualBox, 01/12/2006
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC-08:00) Pacific Time (US & Canada)
Total Physical Memory: 2.048 MB
Available Physical Memory: 295 MB
Virtual Memory: Max Size: 3.200 MB
Virtual Memory: Available: 1.192 MB
Virtual Memory: In Use: 2.008 MB

budi@tusirah:~/workflow/windows$ ansible windows -i hosts.ini -m


win_shell -a "ipconfig"
windows_server | CHANGED | rc=0 >>

Windows IP Configuration

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :


IPv6 Address. . . . . . . . . . . :
fd14:7740:664d:1c00:b0bf:3af5:75:ade1
Link-local IPv6 Address . . . . . : fe80::b0bf:3af5:75:ade1%4
IPv4 Address. . . . . . . . . . . : 192.168.8.144
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::1677:40ff:fe66:4d1c%4
192.168.8.1

Set Hostname windows

hosts.ini
[windows]
windows_server1 ansible_host=192.168.8.148
ansible_user=Administrator ansible_password='@data261278@'
ansible_connection=winrm ansible_winrm_transport=basic
ansible_port=5985
vim.tiny 1-hostname.yml

- name: Configure hostname on Windows Server


hosts: windows
gather_facts: no
tasks:
- name: Set Hostname
ansible.windows.win_hostname:
name: "{{ hostname }}"

mkdir group_vars
vim.tiny group_vars/windows.yml
hostname: WIN1

ansible-playbook -i hosts.ini 1-hostname.yml

Stop Remote Desktop Windows Server


vim.tiny 2-sec-log.yml

- name: Configure Security Settings - Disable Remote Desktop


Service
hosts: windows
gather_facts: no
tasks:
- name: Stop Remote Desktop Service (TermService)
ansible.windows.win_service:
name: TermService
state: stopped

- name: Disable Remote Desktop Service (TermService)


ansible.windows.win_service:
name: TermService
start_mode: disabled

budi@tusirah:~/workflow/windows$ ansible all -i hosts.ini -m


win_ping
windows_server1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
budi@tusirah:~/workflow/windows$ ansible-playbook -i hosts.ini 2-
sec-log.yml

PLAY [Configure Security Settings - Disable Remote Desktop


Service]
******************************************************************
******************************************************
TASK [Stop Remote Desktop Service (TermService)]
******************************************************************
******************************************************************
*******
ok: [windows_server1]

TASK [Disable Remote Desktop Service (TermService)]


******************************************************************
******************************************************************
****
changed: [windows_server1]

PLAY RECAP
******************************************************************
******************************************************************
*********************************************
windows_server1 : ok=2 changed=1 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0

IIS Webserver

vim.tiny 4-web-server.yml
- name: Install and Configure IIS Web Server
hosts: windows
gather_facts: yes
tasks:
- name: Install IIS Web Server
ansible.windows.win_feature:
name: Web-Server
state: present

- name: Ensure IIS Service is running


ansible.windows.win_service:
name: W3SVC
start_mode: auto
state: started

- name: Create Web Content File


ansible.builtin.win_copy:
content: "Hello from {{ ansible_hostname }} !"
dest: "C:\\inetpub\\wwwroot\\index.html"

- name: Ensure Default Website is configured for HTTP only


community.windows.win_iis_website:
name: "Default Web Site"
state: started
port: 80
ip: "*"

ansible-playbook -i hosts.ini 4-web-server.yml

PLAY [Install and Configure IIS Web Server]


******************************************************************
******************************************************************
************

TASK [Gathering Facts]


******************************************************************
******************************************************************
*********************************
ok: [windows_server1]

TASK [Install IIS Web Server]


******************************************************************
******************************************************************
**************************
ok: [windows_server1]

TASK [Ensure IIS Service is running]


******************************************************************
******************************************************************
*******************
ok: [windows_server1]

TASK [Create Web Content File]


******************************************************************
******************************************************************
*************************
changed: [windows_server1]

TASK [Ensure Default Website is configured for HTTP only]


******************************************************************
****************************************************************
ok: [windows_server1]

PLAY RECAP
******************************************************************
******************************************************************
*********************************************
windows_server1 : ok=5 changed=1 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0

DNS Server

vim.tiny 3-dns-server.yml
- name: Configure DNS Server
hosts: windows
gather_facts: yes
tasks:
- name: Install DNS Server Feature
ansible.windows.win_feature:
name: DNS
state: present

- name: Start DNS Server Service


ansible.windows.win_service:
name: DNS
state: started

- name: Create DNS Zone windows.com


community.windows.win_dns_zone:
name: windows.com
type: primary
state: present
replication: none # Bisa juga Forest, Legacy, atau Custom

- name: Create A record for windows.com


community.windows.win_dns_record:
zone: windows.com
name: windows.com
type: A
value: 10.0.10.20
state: present

- name: Create A record for <hostname>.windows.com


community.windows.win_dns_record:
zone: windows.com
name: "{{ ansible_hostname }}.windows.com"
type: A
value: 10.0.10.20
state: present

- name: Create A record for www.windows.com


community.windows.win_dns_record:
zone: windows.com
name: www
type: A
value: 10.0.10.20
state: present

ansible-playbook -i hosts.ini 3-dns-server.yml

PLAY [Configure DNS Server]


******************************************************************
******************************************************************
****************************
TASK [Gathering Facts]
******************************************************************
******************************************************************
*********************************
ok: [windows_server1]

TASK [Install DNS Server Feature]


******************************************************************
******************************************************************
**********************
ok: [windows_server1]

TASK [Start DNS Server Service]


******************************************************************
******************************************************************
************************
ok: [windows_server1]

TASK [Create DNS Zone windows.com]


******************************************************************
******************************************************************
*********************
ok: [windows_server1]

TASK [Create A record for windows.com]


******************************************************************
******************************************************************
*****************
ok: [windows_server1]

TASK [Create A record for <hostname>.windows.com]


******************************************************************
******************************************************************
******
changed: [windows_server1]

TASK [Create A record for www.windows.com]


******************************************************************
******************************************************************
*************
changed: [windows_server1]

PLAY RECAP
******************************************************************
******************************************************************
*********************************************
windows_server1 : ok=7 changed=2 unreachable=0
failed=0 skipped=0 rescued=0 ignored=0

You might also like