I wanted to unjoin a windows machine from a specific domain and join the machine to a WORKGROUP with the help of the domain credentials. I used Powershell credential objects to prevent the hassle of authentication prompts in the automation . The first command executed successfully ($Pass = {{ ansible_password }} | ConvertTo-SecureString -AsPlainText -Force ) . The 3 PS commands are as follows;
$Pass = {{ ansible_password }} | ConvertTo-SecureString -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential('{ ansible_user }', $Pass)
Remove-Computer -UnJoinDomainCredential $credential -WorkgroupName 'LOCAL' -PassThru -Verbose -Force -Restart
.
- name: join {{ vm_cloned_name }} to workgroup with manual reboot in later task
community.vmware.vmware_vm_shell:
datacenter: "{{ datacenter_name }}"
folder: "/{{ datacenter_name }}/vm/"
vm_id: "{{ vm_cloned_name }}"
vm_username: "{{ localusername }}"
vm_password: "{{ password }}"
vm_shell: 'C:\Windows\System32\WindowsPowershell\v1.0\powershell.exe'
vm_shell_args: "{{ $Pass = '{{ ansible_password }}' | ConvertTo-SecureString -AsPlainText -Force ; $credential = New-Object System.Management.Automation.PSCredential('{{ ansible_user }}', $Pass) ; Remove-Computer -UnJoinDomainCredential $credential -WorkgroupName 'LOCAL' -PassThru -Verbose -Force -Restart }}"
vm_shell_cwd: 'C:\Users\administrator\Desktop'
wait_for_process: true
timeout: 100
register: workgroup_res
tags: join-workgroup
the ansible error logs are as follows:
cmd_line": "\"C:\\Windows\\System32\\WindowsPowershell\\v1.0\\powershell.exe\" $credential = New-Object System.Management.Automation.PSCredential('[email protected]', $Pass)",
"changed": false,
"msg": "Failed to execute command",
You're using Jinja2 templating incorrectly:
A correct templating would look like this (note I use multiline YAML strings to improve readability):
Without multiline YAML it would be the same - you would need to remove the curly braces surrounding the whole command.