ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added win_dsc demo (#7)

Browse Source 
Add DSC for setting account policy
This commit is contained in:
MKletz
2022-03-22 17:55:42 -05:00
committed by GitHub
parent 51273afedd
commit ea58394360
2 changed files with 59 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
windows/powershell_dsc.yml Normal file
View File

@@ -0,0 +1,41 @@
---
- name: PowerShell DSC
hosts: "{{ HOSTS | default('windows') }}"
gather_facts: false
tasks:
- name: Setup the SecurityPolicyDSC module
community.windows.win_psmodule:
name: SecurityPolicyDSC
module_version: 2.10.0.0
state: present
- name: Set password history
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Enforce_password_history
Enforce_password_history: 24
- name: Set maximum password age
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Maximum_Password_Age
Maximum_Password_Age: 60
- name: Set minimum password age
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Minimum_Password_Age
Maximum_Password_Age: 20
- name: Set minimum password length
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Minimum_Password_Length
Maximum_Password_Age: 8
- name: Set password complexity requirements
ansible.windows.win_dsc:
resource_name: AccountPolicy
Name: Password_must_meet_complexity_requirements
Password_must_meet_complexity_requirements: Enabled

18
windows/setup.yml
View File

@@ -205,6 +205,24 @@ controller_templates:
- 'Running' - 'Running'
- 'Stopped' - 'Stopped'
- name: "WINDOWS / PowerShell DSC configuring password requirements"
job_type: run
inventory: "Workshop Inventory"
project: "Ansible official demo project"
playbook: "windows/powershell_dsc.yml"
execution_environment: Default execution environment
credentials:
- "Workshop Credential"
survey_enabled: true
survey:
name: ''
description: ''
spec:
- question_name: Server Name or Pattern
type: text
variable: HOSTS
required: false
- name: "ACTIVE DIRECTORY / Create Active Directory domain" - name: "ACTIVE DIRECTORY / Create Active Directory domain"
job_type: run job_type: run
inventory: "Workshop Inventory" inventory: "Workshop Inventory"