Ansible + Windows

Manage Windows with Ansible – Part 1: Setup Ansible Server on Ubuntu

In this article I will show you how to setup Ansible on Ubuntu. The goal is to manage Windows with ansible in my environment later. I use it to restore my Citrix Lab in case something goes wrong.

Since this is my first blog entry in English, I ask you to watch out for spelling mistakes. Writing is something else than talking 🙂

Automate everything! A saying I love. I’ve been a friend of it since I’ve been working in large customer environments. It starts with the fact that I prefer to use scripts instead of clicking my way through constantly changing GUIs. I am totally excited about DevOps and Datacenter Automation. So I decided to write a blog series about this topic and share my playbooks with you.

First steps in Automation

Anyone who deals with automation and configuration management will sooner or later also meet Ansible. Ansible is an open source automation tool. A big advantage in my opinion is that no agent must be used here. I’ve picked out some comparisons to other tools for you. For the moment I think this comparison is enough, maybe I will write an article later in which I compare the solutions from my point of view.

Can that be love?

After I did some things with Ansible in the last view weeks I can tell you that this thing is really awesome!

What is supported?

Actually every common system is supported. All kinds of Linux distributions, Windows, Azure, AWS (there was a lot going on in the last project), but also a whole range of appliances and other cloud services.

Let the show begin!

First you download Ubuntu Server. I used Ubuntu Server 18.04.2 LTS. The download link can be found here:

You can go through the installation as shown in the pictures. I also installed the OpenSSH server, because I need it later anyway.

Important note: If you use vmware esxi 6.5 in conjunction with Ubuntu 18.04.x, the VM may crash again and again. I had this error in my lab. According to vmware KB the problem is fixed with esxi 6.5 U1. If you can’t update, you can find the KB article here:

When the installation of Ubuntu is complete, restart the server and continue with the installation of Ansible.

Download Ubuntu Server
Download Ubuntu Server

Setup Ansible Server

After we have gone through the basic installation of Ubuntu Server, we perform the setup of Ansible on the server. First we specify the repository.

usion_syntax_highlighter theme

Then we update the package index.

Then we update the package index.

Once the package index has been updated, we can install Ansible. All you have to do is confirm with “yes / y” that the space on the disk can be used and the changes are made to the system.

sudo apt-get install ansible

During the installation of Ansible, you will be prompted to restart installed services on the system. You have to confirm this with “yes”. After that the setup process will continue.

Ansible Package Configuration
Ansible Package Configuration

Once we setup Ansible, we will install python. Here you have to confirm the query for the disk space with “yes” or “y” again.

sudo apt install python-pip

Additionally we install the WinRM module for python. This allows us to manage our Windows machines via WinRM and to run the Playbooks on the remote systems.

sudo pip install pywinrm

The required services are now installed on our Ubuntu server.

Configure Ansible Environment

So that Ansible knows where to find the configuration files, we have to adjust the “ansible.cfg”.

In the config file you have to change the inventory path to the desired path. Since I want to upload the Playbooks etc. via Visual Studio Code (article to follow) later, I’ll set the userhome of my user here.

In my case this is: /home/tom/lab/inventory

The path is made up as follows:

/home/Username/Environment (could be more than one)/inventory

You can open and edit them with nano as follows:

sudo nano /etc/ansible/ansible.cfg
Install Ansible - Ansible Config
Install Ansible – Ansible Config

Once the Config is adjusted, we restart the server once.

Normally I would create the folder structure on the Ansibleserver. This looks normal:

/home/tom/"ansible environment" you can use more than one


How the individual files look like I explain below still exactly.

Setup Windows Server we want to management

Actually you can now directly manage a Windows server with it. All you have to do is run this Powershell script on the server you want to manage:

The script configures WinRM for you. You can customize it for your needs.

I have extended mine a little bit. I also configure the Windows Firewall.

File structure of the Ansible Environment

In order to manage our environment and run the playbooks on the correct maschine, it needs some files to get the necessary information.

inventory file (no file extension)




You can group your servers here. It is important that the group name is used later case sensitive in the playbooks.
A system can also be stored in several groups. You can use the FQDN (your Ansible Server must be able to resolve the DNS name for this) or the IP address.

The files in the folder group_vars

The group-specific parameters and information are stored in the group_vars. For example, the user and password that Ansible is supposed to use. I will show you as an example the file “windows” out of the folder group_vars. In my case such a file looks like this:

ansible_user: adminuser
ansible_password: password123!
ansible_port: 5986
ansible_connection: winrm
ansible_winrm_server_cert_validation: ignore

What we still need is a Playbook. I have chosen a simple one for the beginning. The playbook simply creates a folder structure on the target systems. Here you can also see that the group “windows” was always written in small letters like in the inventory and also in the group_vars file.The Ansible module win_file ( is used here.

  hosts: windows
      name: create folders
        path: "C:\\Temp\\folder\\subfolder"
        state: directory

Let it run!

Once you have setup Ansible and created the files, you can try out the Playbook directly. You can simply start this Playbook with the following command:

ansible-playbook createfolder.yml (-i hostname or ip if you want not run the playbook on the hole "windows" group)

I very much hope you enjoyed the article. In the next article I’ll explain how you can create the playbooks in Microsoft Visual Studio code and run them from there on the Ansible server.

So have a nice day and leave a comment or like if you enjoyed. 🙂

4 thoughts on “Manage Windows with Ansible – Part 1: Setup Ansible Server on Ubuntu”

  1. hosts: localhost
    #getting data from Sites.yml and adding to hosts
    name: “Storing Sites data and adding to hosts”

    – name: getting the site details
    name: “{{item.value.site_IP}}”
    groups: sitename
    loop: “{{lookup(‘dict’,Sites)}}”
    when: item.key == Site

    #Sites data stored below var file (Sitename,IP and domain name)
    – /etc/ansible/Americas/group_vars/Sites.yml

    # get the input from user which site he wants the account
    name: Site
    prompt: “Enter site name”
    private: no

    # sitename is the value from Sites file about servers acccording Sites
    name: adding the users according to site servers
    hosts: sitename
    gather_facts: true

    # creating domain account if the site belongs to Active Directory
    – name: create domain account
    name: “{{user}}”
    # domain_server: “{{item.value.site_domain}}”
    firstname: “{{user}}”
    password: “{{password}}”
    state: present
    when: “ansible_os_product_type == \”domain_controller\””

    #Adding user to specific groups as per user’s job
    – name: adding to domain groups
    name: “{{gps.1}}”
    – “{{ user }}”
    state: present
    loop: “{{wingroups | subelements(‘grps1′,’skip_missing=True’)}}”
    loop_var: gps
    when: == grouptype and ansible_os_product_type == “domain_controller”

    #Groups data stored in below file
    – /etc/ansible/Americas/group_vars/windowsgroups.yml

    #creating workgroup account if site belongs to workgroup
    – name: Create work group account
    name: “{{user}}”
    password: “{{password}}”
    state: present
    when: ansible_os_product_type == “server”

    #Adding user to specific groups as per user’s job
    – name: adding groups
    name: “{{item.1}}”
    – “{{ user }}”
    state: present
    loop: “{{wingroups | subelements(‘grps’,’skip_missing=True’)}}”
    when: == grouptype

    #Groups data stored in below file
    – /etc/ansible/Americas/group_vars/windowsgroups.yml

    #get the data from user about Username,password and sitename

    name: user
    private: false
    prompt: ” Enter user name”

    name: password
    private: true
    prompt: ” Enter password”

    name: grouptype
    prompt: “Enter the group type”
    private: no

    – /etc/ansible/Americas/group_vars/Sites.yml
    site_name: ABCD
    site_domain: atoz
    site_name: XXXX
    site_domain: null

    this code is working fine which i have writtern but,

    i need a help on this , if one site has multiple servers , am not sure how to proceed
    – name: Master
    IP: “”
    – name: Remote
    IP: “”
    site_domain: ~
    site_name: XXXX

  2. Hey,
    I just stumbled over this post when I tried to learn a bit more about ansible.
    Nice tutorials, just a short bug report: At the “Setup Ansible Server” at update repository and package index the commands are not displayed but some theme informations instead. I hope it helps

    Grüße aus Sachsen

Leave a Comment

Your email address will not be published. Required fields are marked *