Create a Group Policy With Ansible for Windows

In this blog post, I will show you how to create a group policy object in an Active Directory environment using Ansible for Windows.

To learn more about Ansible and Windows Active Directory visit the blog series about the topic.

Ansible and DSC

By default, Ansible Windows modules don’t come with a module that allows us to create a Group Policy object and because of this reason, I’m going to use a Windows DSC module called GroupPolicyDSC with the Ansible win_dsc module which allows us to run DSC using Ansible.

The playbook has three tasks:

  1. Install the nugget PowerShell module.
  2. Install the GroupPolicyDSC module
  3. Create a Group Policy object

Please note that using the GroupPolicyDSC module we can also set group policy settings and configurations.

Playbook

Below is Playbook, simply copy and run.

---

-  name: "Create a GPO"
   hosts: windows
   tasks:
   - win_shell: install-packageprovider -name nuget -force
   - name: "Install GroupPolicyDSC"
     win_psmodule:
        name: GroupPolicyDSC
        state: present
   - name: "Create GPO"
     win_dsc:
        resource_name: GroupPolicy
        name: "ExampleGPO"
        status: allsettingsenabled
        ensure: present

 

By clicking submit, you agree to share your email address with the site owner and Mailchimp to receive marketing, updates, and other emails from the site owner. Use the unsubscribe link in those emails to opt out at any time.

Processing…
Success! You're on the list.

Posted

in

by

NTW – Content Network