How to set up Ansible to manage a domain controller?

D

Digsecman2021-07-22 11:17:13

Active Directory

Digsecman, 2021-07-22 11:17:13

Please tell me how to set up Ansible on centos to manage domain computers?
What specifically needs to be registered to a configuration?

As I understand it, you need to configure the control machine connections to the DC via kerberos, then enable winRM support on all PCs of the domain on the DC through group policy, create an admin user on the DC through which ansible will act and then launch playbooks. But this is the general scheme.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

aagzip, 2021-07-22
@aagzip

Ansible, of course, works through winrm, but over ssh it works much better.
If you have workstations and servers running OS Windows 10 version > 1803 and Windows Server 2016+, then it is better to connect to them via ssh.
winrm without encryption is unsafe to use, and winrm with encryption is configured, IMHO, more difficult than ssh.
ssh to windows:
https://docs.microsoft.com/en-us/windows-server/ad... Ansible
has very good documentation, use it:
https://docs.ansible.com/ansible/latest/user_guide ...