Decrypting the secrets of Ansible Vault in PowerShell

Ansible Vault is a pretty nifty tool that allows people to easily encrypt secrets for use in Ansible. For example I can turn something like this host_password: supersecretpass123! into this $ANSIBLE_VAULT;1.1;AES256 33343835306666636239373663396363643766613363343837646633343933376633323964663030 3134616235646661306436643134383333633730376233650a663466323032343633383061336461 36393261363338616337613039363435313631343437323164386661326633313339396238396236 3462393338636632650a653036663266373533343232393838343161396564333963643632653932 30386135636131656130346537356637396139323134386162306431376564346537633566666532 6331323061373237336639356165393563613765663864366231 When calling Ansible, you must supply the password by either manually entering it or use a password file. … [Read more…]

Introducing PsExec for Python

Over the past few months I’ve been trying to find a way that gives people more options around running commands on a Windows host remotely. Currently you have a few options available to you that enable this; Configure WinRM Bake in commands to the startup process, like a Windows answer file or AWS user data … [Read more…]

Demystifying WinRM

One of the most common problems I come across today when it comes to remotely managing Windows is dealing with WinRM and its inconsistencies. I wanted to create a blog post that will help people understand what goes on with WinRM a bit more so that they can better use this resource on Windows. This … [Read more…]

Using Packer to create Windows images

As part of my role as a developer for Ansible on everything Windows, I have a need to test my code on a wide variety of Windows and PowerShell versions. I ended up having a setup of the following to cover my bases; Windows Server 2008 64-bit (PowerShell 3.0) Windows Server 2008 R2 (PowerShell 3.0) … [Read more…]

Managing Windows Servers with Ansible

Since version 1.7, Ansible has been able to manage Windows hosts like it can with normal unix OS’. Granted, the meaning of “support” at that time was fairly basic with a lot of the killer features like check mode, become privilege escalation, and others were not available for Windows hosts but it was a start. … [Read more…]