ansible/test/integration/targets/win_auto_logon/tasks/main.yml
Jordan Borean 4d3ebd65db
win_auto_logon - check, diff and store pass in LSA (#65528)
* win_auto_logon - check, diff and store pass in LSA

* Ensure baseline keys are set for test

* Skip remove item prop on check mode due to win bug

* Start at a cleared baseline to ensure old LSA secrets are cleared
2019-12-05 11:24:30 +10:00

42 lines
1.2 KiB
YAML

---
- name: get user domain split for ansible_user
win_shell: |
$account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList '{{ ansible_user }}'
$sid = $account.Translate([System.Security.Principal.SecurityIdentifier])
$sid.Translate([System.Security.Principal.NTAccount]).Value -split '{{ "\\" }}'
changed_when: False
register: test_user_split
- set_fact:
test_domain: '{{ test_user_split.stdout_lines[0] }}'
test_user: '{{ test_user_split.stdout_lines[1] }}'
- name: ensure auto logon is cleared before test
win_auto_logon:
state: absent
- name: ensure defaults are set
win_regedit:
path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
name: '{{ item.name }}'
data: '{{ item.value }}'
type: '{{ item.type }}'
state: present
loop:
# We set the DefaultPassword to ensure win_auto_logon clears this out
- name: DefaultPassword
value: abc
type: string
# Ensures the host we test on has a baseline key to check against
- name: AutoAdminLogon
value: 0
type: dword
- block:
- name: run tests
include_tasks: tests.yml
always:
- name: make sure the auto logon is cleared
win_auto_logon:
state: absent