Note
This plugin is part of the ansible.windows collection.
To install it use: ansible-galaxy collection install ansible.windows
.
To use it in a playbook, specify: ansible.windows.win_user_right
.
Parameter | Choices/Defaults | Comments |
---|---|---|
action string |
| add will add the users/groups to the existing right.remove will remove the users/groups from the existing right.set will replace the users/groups of the existing right. |
name string / required | The name of the User Right as shown by the Constant Name value from https://technet.microsoft.com/en-us/library/dd349804.aspx.The module will return an error if the right is invalid. | |
users list / elements=string / required | A list of users or groups to add/remove on the User Right. These can be in the form DOMAIN\user-group, [email protected] for domain users/groups. For local users/groups it can be in the form user-group, .\user-group, SERVERNAME\user-group where SERVERNAME is the name of the remote server. You can also add special local accounts like SYSTEM and others. Can be set to an empty list with action=set to remove all accounts from the right. |
Note
See also
The official documentation on the ansible.windows.win_group module.
The official documentation on the ansible.windows.win_group_membership module.
The official documentation on the ansible.windows.win_user module.
--- - name: Replace the entries of Deny log on locally ansible.windows.win_user_right: name: SeDenyInteractiveLogonRight users: - Guest - Users action: set - name: Add account to Log on as a service ansible.windows.win_user_right: name: SeServiceLogonRight users: - .\Administrator - '{{ansible_hostname}}\local-user' action: add - name: Remove accounts who can create Symbolic links ansible.windows.win_user_right: name: SeCreateSymbolicLinkPrivilege users: - SYSTEM - Administrators - DOMAIN\User - [email protected] action: remove - name: Remove all accounts who cannot log on remote interactively ansible.windows.win_user_right: name: SeDenyRemoteInteractiveLogonRight users: []
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
added list / elements=string | success | A list of accounts that were added to the right, this is empty if no accounts were added. Sample: ['NT AUTHORITY\\SYSTEM', 'DOMAIN\\User'] |
removed list / elements=string | success | A list of accounts that were removed from the right, this is empty if no accounts were removed. Sample: ['SERVERNAME\\Administrator', 'BUILTIN\\Administrators'] |
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/ansible/windows/win_user_right_module.html