How to use Ansible on Windows machines

How to use Ansible on Windows machines
Photo by Dell / Unsplash

Hey everyone!

Hope you are safe and doing great!

If you wondering how to manage your whole Windows machines fleet, easily and quickly install updates/software, and do even more, then I guess you think about Ansible, as one of the solutions.

In this guide we will go through the quick setup from the scratch, using Windows OS machines, for a controller and hosts.

1. Setup your controller machine, from which you will push all changes to your machine's fleet by installing Ubuntu WSL

1.1. Open Microsoft Store and install Ubuntu. It will be your WSL machine inside your Windows OS

1.2. Launch Ubuntu WSL and install ansible

sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository --yes --update ppa:ansible/ansible
sudo apt install ansible

2. Setup hosts machines, which you want to manage

2.1. Launch PowerShell as Administrator and setup winrm listener service

winrm quickconfig

2.2. Answer yes to all questions, it will help you with few things
2.2.1. Adding to autostart the service on a machine boot

Start the WinRM service.
Set the WinRM service type to delayed auto start.

Make these changes [y/n]? y

2.2.2. Adding rules to a firewall

Enable the WinRM firewall exception.
Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Make these changes [y/n]? y

2.3. Create local Administrator user - ansible. Set a good password for it

3. Setup configuration files on your controller machine within your Ubuntu WSL

3.1. Create the directory

sudo mkdir /etc/ansible

3.2. Create the configuration file

sudo nano /etc/ansible/hosts

3.3. Put a configuration here

[windows]
MachineName1 ansible_port=5985 ansible_host=MachineIPAddress1
MachineName2 ansible_port=5985 ansible_host=MachineIPAddress2

[windows:vars]
ansible_user=ansible
ansible_password=PasswordWhichYouSet
ansible_connection=winrm
ansible_winrm_transport=ntlm
ansible_winrm_server_cert_validation=ignore

Do not forget to replace:
1 - MachineNames - with your machines aliases
2 - MachineIPAddresses - with your machines IP addresses
3 - PasswordWhichYouSet - with your ansible Administrator user password

3.4. Try to reach from your controller machine your hosts machines

ansible windows -m win_ping

You are awesome!

That is it. Hope this short guide helped you and saved your time for the best.

Thank you for reading and see you soon.

Read more