一、ansible server端配置
1、对于Linux主机配置免密登录ssh-copy-id -i ~/.ssh/id_rsa.pub root@remote_ip
2、在/etc/ansible/hosts文件中添加相应主机IP
3、对于Windows主机需要在/etc/ansible/hosts文件中进行以下配置
192.168.83.132 ansible_ssh_user=administrator ansible_ssh_pass=2008.Com ansibe_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=ntlm
二、Windows客户端配置
1、确保.NET 4.0+和powershell 3.0+
Microsoft .NET Framework 4.5下载地址:https://download.microsoft.com/download/B/A/4/BA4A7E71-2906-4B2D-A0E1-80CF16844F5F/dotNetFx45_Full_setup.exe
更新PowerShell 2.0到3.0的脚本:https://github.com/ansible/ansible/blob/devel/examples/scripts/upgrade_to_ps3.ps1
2、查看并设置powershell执行策略为remotesigned:
3、查看powershell版本号,如果低于3.0请执行upgrade_to_ps3.ps1
4、执行ConfigureRemotingForAnsible.ps1(下载地址:https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1)
5、防火墙开启5985、5986端口或者关闭防火墙
三、在ansible server执行修改管理密码的操作
1、修改Linux:
2、修改Windows:
四、脚本展示:
bash
#pwd-linux.yml
---
- hosts: linux
gather_facts: false
tasks:
- name: change password for root
user: name=root password={{ chpass | password_hash('sha512') }} update_password=always
bash
#change-win-pwd.sh
#!/bin/bash
read -p "please input old password: " password1
read -p "please input new password: " password2
read -p "Retype new password: " password3
if [ $password2 = $password3 ]; then
echo "net users administrator \"$password3\"" > pwd.bat
ansible-playbook pwd-win.yml
sed -i "s/$password1/$password3/g" /etc/ansible/hosts
ansible-playbook file-win.yml
else
echo "try again"
fi
bash
#pwd-win.yml
---
- hosts: win
tasks:
- name: copy file
win_copy: src=/root/pwd.bat dest=C:\\pwd.bat
- name: change password
win_shell: C:\pwd.bat
bash
#file-win.yml
---
- hosts: win
tasks:
- name: delete file
win_shell: "del C:\\pwd.bat"