OS Tuning (Windows)¶

1. Prepare package¶

1.1 Enable powershell funciotn (WinRM)¶

# Open PowerShell with administrator
# Enable WinRM ---启用 WinRM
Enable-PSRemoting-Force

# Allow unencrypted communication (only for use within trusted networks) ---允许未加密的通信(仅在可信网络内使用)
Set-Item-PathWSMan:\localhost\Service\AllowUnencrypted -Value$true

# Set WinRM service to auto start ---设置 WinRM 服务为自动启动
Set-Service-NameWinRM-StartupTypeAutomatic

# Configure basic authentication---配置基本身份验证
Set-Item-PathWSMan:\localhost\Service\Auth\Basic -Value$true

# Configure firewall ---配置防火墙  **若未关闭防火墙，需开放对应端口
New-NetFirewallRule-Name"Ansible WinRM"-DisplayName"Ansible WinRM"-Protocol TCP -LocalPort5985-Action Allow

1.2 Config `WinRM` listener¶

Ensure that the WinRM service is listening on HTTP(5985) / HTTPS(5986) ports

winrm quickconfig

2. Ansible config¶

2.1 Config inventory¶

vim /home/ansible/host

add below config

[windows]
servername  ansible_host=10.xx.xx.xx

[windows:vars]
ansible_port=5985
ansible_connection=winrm
ansible_winrm_transport=basic

OS Tuning (Windows)¶

1. Prepare package¶

1.1 Enable powershell funciotn (WinRM)¶

1.2 Config WinRM listener¶

2. Ansible config¶

2.1 Config inventory¶

1.2 Config `WinRM` listener¶