629efb6eaa
* psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
49 lines
1.1 KiB
YAML
49 lines
1.1 KiB
YAML
---
|
|
- name: check whether the host supports encryption
|
|
win_shell: |
|
|
if ([System.Environment]::OSVersion.Version -lt [Version]"6.2") {
|
|
"false"
|
|
} else {
|
|
"true"
|
|
}
|
|
register: encryption_supported_raw
|
|
|
|
- name: install pypsexec Python library for tests
|
|
pip:
|
|
name: pypsexec
|
|
state: latest
|
|
delegate_to: localhost
|
|
|
|
- name: define psexec variables
|
|
set_fact:
|
|
psexec_hostname: '{{ansible_host}}'
|
|
psexec_username: '{{ansible_user}}'
|
|
psexec_password: '{{ansible_password}}'
|
|
psexec_encrypt: '{{encryption_supported_raw.stdout_lines[0]|bool}}'
|
|
|
|
- name: create test rule to allow SMB traffic inbound
|
|
win_firewall_rule:
|
|
name: File and Printer Sharing (SMB-In) Test
|
|
direction: in
|
|
action: allow
|
|
localport: 445
|
|
enabled: yes
|
|
protocol: tcp
|
|
program: System
|
|
profiles:
|
|
- domain
|
|
- private
|
|
- public
|
|
state: present
|
|
|
|
- name: run tests
|
|
block:
|
|
- include_tasks: tests.yml
|
|
|
|
always:
|
|
- name: remove test rule that allows SMB traffic inbound
|
|
win_firewall_rule:
|
|
name: File and Printer Sharing (SMB-In) Test
|
|
direction: in
|
|
action: allow
|
|
state: absent
|