Topics
Release summary for v2.5.0. This is the first release that provides official support for using the ssh connection plugin.
- Set minimum supported Ansible version to 2.15 to align with the versions still supported by Ansible.
- owner - Migrated to
Ansible.Basicformat to add basic checks like invocation args checking - win_powershell - Changed sensitive_parameters to use New-Object, rather than ::new()
- setup - Better handle orphaned users when attempting to retrieve
ansible_machine_id- #606 - win_owner - Try to enable extra privileges if available to set the owner even when the caller may not have explicit rights to do so normally - #633
- win_powershell - Fix up depth handling on
$Ansible.Resultwhen using a customexecutable- #642 - win_powershell - increase open timeout for
executableparameter to prevent exceptions on first-run or slower targets. (#644). - win_updates - Base64 encode the update wrapper and payload to prevent locale-specific encoding issues.
- win_updates - Handle race condition when
Wait-Processdid not handle when the process had ended - #623
Release summary for v2.4.0
- win_powershell - Added the
sensitive_parametersoption that can be used to pass in a SecureString or PSCredential parameter value. - win_setup - Added the
ansible_win_rm_certificate_thumbprintfact to display the thumbprint of the certificate in use - win_user - Added the ability to set an account expiration date using the
account_expiresoption - #610
- setup - Provide WMI/CIM fallback for facts that rely on SMBIOS when that is unavailable
Release summary for v2.3.0
- win_uri - Max depth for json object conversion used to be 2. Can now send json objects with up to 20 levels of nesting
- win_get_url - Fix Tls1.3 getting removed from the list of security protocols
- win_powershell - Remove unecessary using in code causing stray error records in output - #571
Release summary for v2.2.0
- Set minimum supported Ansible version to 2.14 to align with the versions still supported by Ansible.
- win_share - Added a new param called
scope_namethat allows file shares to be scoped for Windows Server failover cluster roles.
- Process.cs - Fix up the
ProcessCreationFlags.CreateProtectedProcesstypo in the enum name - setup - Fix up typo
collection -> collectwhen a timeout occurred during a fact subset - win_acl - Fix broken path in case of volume junction
- win_service_info - Warn and not fail if ERROR_FILE_NOT_FOUND when trying to query a service - #556
- win_updates - Fix up typo for Download progress event messages - #554
Release summary for v2.1.0
- win_updates - Avoid using a scheduled task to spawn the updates background job when running as become. This provides an alternative method available to users in case the task scheduler does not work on their system - #543
- Remove some code which is no longer valid for dotnet 5+
- win_async - Set maximum data size allowed when deserializing async output - #520
- win_group_membership - Return accurate results when using check_mode - #532
- win_updates - Add special handling for KB2267602 in case it fails - #530
- win_updates - Fix up endless retries when an update failed to install more than once - #343
Version 2.0.0 is a major release of the ansible.windows collection that removes some deprecated features. Please review the changelog to see what deprecated features have been removed in this release.
- win_certificate_store - the private key check, when exporting to pkcs12, has been modified to handle the case where the
PrivateKeyproperty is null despite it being there - win_find - Added
depthoption to control how deep to go when scanning into the target path - #335
- Add warning when using Server 2012 or 2012 R2 with the
setupmodule. These OS' are nearing the End of Life and will not be tested in CI when that time is reached. - win_domain - Module is deprecated in favour of the
microsoft.ad.domainmodule, theansible.windows.win_domainmodule will be removed in the3.0.0release of this collection. - win_domain_controller - Module is deprecated in favour of the
microsoft.ad.domain_controllermodule, theansible.windows.win_domain_controllermodule will be removed in the3.0.0release of this collection. - win_domain_membership - Module is deprecated in favour of the
microsoft.ad.membershipmodule, theansible.windows.win_domain_membershipmodule will be removed in the3.0.0release of this collection.
- win_get_url - Removed the deprecated option alias
passwordd, useurl_passwordinstead. - win_get_url - Removed the deprecated option alias
userandusername, useurl_usernameinstead. - win_package - Removed deprecated module option
ensure, usestateinstead. - win_package - Removed deprecated module option
productid, useproduct_idinstead. - win_package - Removed deprecated module option
username,user_name,password, anduser_password. Usebecomewithbecome_flags: logon_type=new_credentials logon_flags=netcredentials_onlyon the task instead to replicate the same functionality instead. - win_reboot - Removed backwards compatibility check where
ignore_errors: truewill be treated likeignore_unreachable: true. Going forwardignore_errors: truewill only ignore errors the plugin encountered and not an unreachable host. Useignore_unreachable: trueto ignore that error like any other module. - win_regedit - Removed support for using a
pathwith forward slashes as a key separator. Using a forward slash has been deprecated since Ansible 2.9. If using forward slashes in thewin_regeditpathvalue, make sure to change the forward slash/to a backslash\. If enclosed in double quotes the backslash will have to be doubled up. - win_updates - Removed deprecated alias
blacklist, usereject_listinstead. - win_updates - Removed deprecated alias
whitelist, useaccept_listinstead. - win_updates - Removed deprecated module option
use_scheduled_task. This option did not change any functionality in the module and can be safely removed from the task entry. - win_uri - Removed the deprecated option alias
password, useurl_passwordinstead. - win_uri - Removed the deprecated option alias
userandusername, useurl_usernameinstead.
- win_updates - Add retry mechanism when polling output in case file is locked by another process like an Anti Virus - #490
Release summary for v1.14.0
- Process - Add support for starting a process with a custom parent
- win_updates - Added the
rebootedreturn value to document if a host was rebooted - #485
- setup - Be more resilient when parsing the BIOS release date - #496
- win_package - Fix
product_idcheck and skip downloaded requested file if the package is already installed - #479 - win_updates - Add better handling for the polling output for connection plugins that might drop newlines on the output - #477
- win_updates - Ensure failure condition doesn't lock the polling file - #490
- win_updates - Improve batch task runner reliability and attempt to return more info on failures - #448
Release summary for v1.13.0
- Set the minimum Ansible version supported by this collection to Ansible 2.12
- win_reboot - Display connection messages under 4 v's
-vvvvinstead of 3
- setup - Fallback to using the WMI Win32_Processor provider if the SMBIOS version is too old to return processor core counts
- setup - Fix calculation for
ansible_processor_threads_per_coreto reflect the number of threads per core instead of threads per processor - setup - Ignore processors that are not enabled in the
ansible_processor_countreturn value - setup - Support core and thread counts greater than 256 in
ansible_processor_countandansible_processor_threads_per_core - win_dns_client - Fix failure to lookup registry DNS servers when it contains null characters
- win_powershell - Support PowerShell 7 script syntax when targeting
executable: pwsh.exe- #452 - win_wait_for - fix incorrect function name during
state=drained- #451
Release summary for v1.12.0
- win_acl - Added the
followparameter with will follow the symlinks and junctions before applying ACLs to change the target instead of the link - win_powershell - Add support for setting diff output with
$Ansible.Diffin the script - win_uri - Use SHA256 for file idempotency checks instead of SHA1
- win_acl_inheritance - Fix broken pathqualifier when using a UNC path - (#408).
- win_certificate_store - Allow to reimport a certificate + key if the private key was not present the first time you imported it
- win_setup - Fix custom facts that return false are missing - #430
- win_updates - Fix broken call when logging a warning about updates with errors - #411
- win_updates - Handle running with a temp profile path that is deleted between reboots - #417
Release summary for v1.11.1
- win_command - Fix bug that stopped win_command from finding executables that are located more than once in
PATH- #403 - win_copy - Fix error message when failing to find
srcon the controller filesystem
Release summary for v1.11.0
- Raise minimum Ansible version to
2.11or newer - setup - also read
*.jsonfiles infact_pathas raw JSON text in addition to.ps1scripts - win_acl_inheritance - support for setting inheritance for registry keys
- win_command - Added the
argvmodule option for specifying the command to run as a list to be escaped rather than the free form input - win_command - Added the
cmdmodule option for specifying the command to run as a module option rather than the free form input - win_command - Migrated to the newer Ansible.Basic style module to improve module invocation output
- win_stat - Added
get_sizeto control whetherwin_statwill calculate the size of files or directories - #384
- setup - Ignore PATH entries with invalid roots when trying to find
facter.exe- #397 - setup - Ignore invalid
PATHentries when trying to findfacter.exe- #364 - win_find - Fix up share checks when the share contains the
'character - win_package - Skip
msixprovider on older hosts that do not implement the required cmdlets - win_powershell - Do not attempt to serialize ETS properties of primitive types - #360
- win_powershell - Make sure
target_objecton an error record uses thedepthobject when serializing the value - #375 - win_stat - Fix up share checks when the share contains the
'character - win_updates - Try to display warnings on search suceeded with warnings - #366
Release summary for v1.10.0
- setup - Added ipv4, ipv6, mtu and speed data to ansible_interfaces
- win_environment - Trigger
WM_SETTINGCHANGEon a change to notify other host processes of an environment change - win_path - Migrate to newer style module parser that adds features like module invocation under
-vvv - win_path - Trigger
WM_SETTINGCHANGEon a change to notify other host processes of an environment change
- win_reboot - Always set a minimum of 2 seconds for
pre_reboot_delayto ensure the plugin can read the result
- win_dsc - deduplicated error writing code with a new function. No actual error text was changed.
- win_powershell - Added
$Ansible.Verbosityfor scripts to adjust code based on the verbosity Ansible is running as
- win_command - Use the 24 hour format for the hours of
startandend- #303 - win_copy - improve dest folder size detection to handle broken and recursive symlinks as well as inaccesible folders - #298
- win_dsc - Provide better error message when trying to invoke a composite DSC resource
- win_shell - Use the 24 hour format for the hours of
startandend- #303 - win_updates - Fix return value for
updatesandfiltered_updatesto match original stucture - #307 - win_updates - Fixed issue when attempting to run
task.ps1with a host that has a restrictive execution policy set through GPO - win_updates - prevent the host from going to sleep if a low sleep timeout is set - #310
- win_updates - Added the
skip_optionalmodule option to skip optional updates
- win_copy - Fix remote dest size calculation logic
- win_dns_client - Fix method used to read IPv6 DNS settings given by DHCP - #283
- win_file - Fix conflicts with existing
LIBenvironment variable - win_find - Fix conflicts with existing
LIBenvironment variable - win_stat - Fix conflicts with existing
LIBenvironment variable - win_updates - Fix conflicts with existing
LIBenvironment variable - win_updates - Ignore named pipes with illegal filenames when checking for the task named pipe during bootstrapping - #291
- win_updates - Improve error handling when starting background update task
- win_user - Fix
msgreturn value when settingstate: query - win_whoami - Fix conflicts with existing
LIBenvironment variable
- win_reboot - Fix local variable referenced before assignment issue - #276
- win_updates - Bypass execution policy checks when polling or cancelling the update task - #272
- win_user - Set validate user logic to always check local database
- win_group - fixed
descriptionsetting for a group that doesn't exist when running in check_mode (#260).
- win_dsc - Fix import errors when running against host that wasn't installed with the
en-USlocale - #83 - win_state - Fixed the
creationtime,lastaccesstime, andlastwritetimeto report the time in UTC. This matches thestatmodule's behaviour and what many would expect for a epoch based timestamp - #240 - win_updates - Fixed
win_updatesoutput to not cast to an integer to preserve original behaviour and issues with non integer values - #247 - win_updates - fallback to run as SYSTEM if current user does not have batch logon rights - #253
- win_updates - Added
accept_listandreject_listto replacewhitelistandblacklist - win_updates - Added
failure_msgresult to the return value of each update that gives a human readable error message if the update failed to download or install - win_updates - Added
filtered_reasonsthat list all the reasons why the update has been filtered - #226 - win_updates - Added progress logs to display on higher verbosities the download and install progress for each host
- win_updates - Added the
downloadedresult to the return value of each update to indicate if an update was downloaded or not - win_updates - Added the category
*that matches all categories - win_updates - Improve Windows Update HRESULT error messages
- win_updates - Improve the details present in the
log_pathlog entries for better monitoring
- win_updates - Deprecated the
filtered_reasonreturn value for each filtered up in favour offiltered_reasons. This has been done to show all the reasons why an update was filtered and not just the first reason. - win_updates - Deprecated the
use_scheduled_taskoption as it is no longer used. - win_updates - Deprecated the
whitelistandblacklistoptions in favour ofaccept_listandreject_listrespectively to conform to the new standards used in Ansible for these types of options.
- win_reboot - Handle connection failures when getting the first boot time command
- win_updates - Always return the
failed_updates_counton a standard failure - #13 - win_updates - Always use a scheduled task which should be less prone to random token errors when trying to connect to Windows Update - #193
- win_updates - Attempt a reboot once when
reboot=Trueis set and a failure occurred - #22 - win_updates - Improve the reboot detection behaviour when
reboot=Trueis set - #25 - win_updates - Improve the reboot mechanism - #143
- win_updates - Reboot the host when
reboot=Trueif the first search result indicates a reboot is required - #49
- win_reboot - Change the default
test_commandrun after a reboot to wait for more services to start up before the plugin finished. This should better handle waiting until the logon screen appears rather than just when WinRM is first online.
- win_reboot - Unreachable hosts can be ignored with
ignore_errors: True, this ability will be removed in a future version. Useignore_unreachable: Trueto ignore unreachable hosts instead. - #62
- win_reboot - Removed
shutdown_timeoutandshutdown_timeout_secwhich has not done anything since Ansible 2.5.
- win_certificate_store - Make sure store_name: CertificateAuthority refers to the CA store for backwards compatibility - #216
- win_reboot - Ensure documented return values are always returned even on a failure
- win_reboot - Handle more connection failures during the reboot phases
- win_reboot - User defined commands are run wrapped as a PowerShell command so they work on all shells - #36
- win_certificate_store - Added functionality to open the store for a service account using
store_type=service store_location=<service name> - win_user - Support specifying groups using the SecurityIdentifier - #153
- setup - Return correct epoch integer value for the
ansible_date_time.epoch_intfact - win_template - Fix changed internal API that win_template uses to work with devel again
- win_user - Compare existing vs desired groups in a case insenstive way - #168
- win_powershell - Run PowerShell scripts
- setup - Added more virtualization types to the virtual facts based on the Linux setup module
- win_package - fix msi detection when the msi product is already installed under a different version - #166
- win_package - treat a missing
creates_pathwhencreates_versionas though the package was not installed instead of a failure - #169
- setup - add
epoch_intoption to date_time facts (ansible/ansible#72479). - win_environment - add
variablesdictionary option for setting many env vars at once (#113). - win_find - Change
hidden: yesto return hidden files and normal files to match the behaviour withfind- #130 - win_service - Allow opening driver services using this module. Not all functionality is available for these types of services - #115
- setup - handle PATH environment vars that contain blank entries like
C:\Windows;;C:\Program Files- #78 (comment) - win_package - Do not fail when trying to set SYSTEM ACE on read only path - #142
- win_service - Fix edge case bug when running against PowerShell 5.0 - #125
- win_service - Fix opening services with limited rights - #118
- win_service - Fix up account name lookup when dealing with netlogon formatted accounts (
DOMAIN\account) - #156 - win_service_info - Provide failure details in warning when failing to open service
- win_copy - fix bug when copying a single file during a folder copy operation
- win_hostname - Added diff mode support
- win_hostname - Use new
Ansible.Basic.AnsibleModulewrapper - win_user - Added check mode support
- win_user - Added diff mode support
- win_user - Added the
home_directoryoption - win_user - Added the
login_scriptoption - win_user - Added the
profileoption - win_user - Use new
Ansible.Basic.AnsibleModulewrapper for better invocation reporting - win_user_right - Improved error messages to show what right and account an operation failed on
- win_user_right - Refactored to use
Ansible.Basic.AnsibleModulefor better module invocation reporting
- win_find - module has been refactored to better match the behaviour of the
findmodule. Here is what has changed: - When the directory specified by
pathsdoes not exist or is a file, it will no longer fail and will just warn the user - Junction points are no longer reported as
islnk, useisjunctionto properly report these files. This behaviour matches the win_stat module - Directories no longer return a
size, this matches thestatandfindbehaviour and has been removed due to the difficulties in correctly reporting the size of a directory
- When the directory specified by
- win_find - module has been refactored to better match the behaviour of the
- win_user - Change idempotency checks for
descriptionto be case sensitive - win_user - Change idempotency checks for
fullnameto be case sensitive
- win_domain_controller - the
log_pathoption has been deprecated and will be removed in a later release. This was undocumented and only related to debugging information for module development. - win_package - the
ensurealias for thestateoption has been deprecated and will be removed in a later release. Please usestateinstead ofensure. - win_package - the
productidalias for theproduct_idoption has been deprecated and will be removed in a later release. Please useproduct_idinstead ofproductid. - win_package - the
usernameandpasswordoptions has been deprecated and will be removed in a later release. The same functionality can be done by usingbecome: yesandbecome_flags: logon_type=new_credentials logon_flags=netcredentials_onlyon the task.
- win_stat - removed the deprecated
get_md55option andmd5return value.
This is the first proper release of the ansible.windows collection on 2020-07-18.
The changelog describes all changes made to the modules and plugins included in this collection since Ansible 2.9.0.
- Checks for and resolves a condition where effective nameservers are obfucated, usually by malware. See https://www.welivesecurity.com/2016/06/02/crouching-tiger-hidden-dns/
- Windows - add deprecation notice in the Windows setup module when running on Server 2008, 2008 R2, and Windows 7
- setup - Added ansible_architecture2` to match the same format that setup on POSIX hosts return. Unlike
ansible_architecturethis value is not localized to the host's language settings. - setup - Implemented the
gather_timeoutoption to restrict how long each subset can run for - setup - Refactor to speed up the time taken to run the module
- setup.ps1 - parity with linux regarding missing local facts path (ansible/ansible#57974)
- win_command, win_shell - Add the ability to override the console output encoding with
output_encoding_override- ansible/ansible#54896 - win_dns_client - Added support for setting IPv6 DNS servers - ansible/ansible#55962
- win_domain_computer - Use new Ansible.Basic wrapper for better invocation reporting
- win_domain_controller - Added the
domain_log_pathto control the directory for the new AD log files location - ansible/ansible#59348 - win_find - Improve performance when scanning heavily nested directories and align behaviour to the
findmodule. - win_package - Added proxy support for retrieving packages from a URL - ansible/ansible#43818
- win_package - Added support for
.appx,.msix,.appxbundle, and.msixbundlepackage - ansible/ansible#50765 - win_package - Added support for
.msppackages - ansible/ansible#22789 - win_package - Added support for specifying the HTTP method when getting files from a URL - ansible/ansible#35377
- win_package - Move across to
Ansible.Basicfor better invocation logging - win_package - Read uninstall strings from the
QuietUninstallStringif present to better support argumentless uninstalls of registry based packages. - win_package - Scan packages in the current user's registry hive - ansible/ansible#45950
- win_regedit - Use new Ansible.Basic wrapper for better invocation reporting
- win_share - Implement append parameter for access rules (ansible/ansible#59237)
- windows setup - Added
ansible_os_installation_typeto denote the type of Windows installation the remote host is.
- setup - Make sure
ansible_date_time.epochis seconds since EPOCH in UTC to mirror the POSIX facts. Theansible_date_time.epoch_localcontains seconds since EPOCH in the local timezone for backwards compatibility - setup - Will now add the IPv6 scope on link local addresses for
ansible_ip_addresses - setup -
ansible_processorwill now return the index before the other values to match the POSIX fact behaviour - win_find - No longer filters by size on directories, this feature had a lot of bugs, slowed down the module, and not a supported scenario with the
findmodule.
- win_domain_computer - Deprecated the undocumented
log_pathoption. This option will be removed in a major release after2022-07-01. - win_regedit - Deprecated using forward slashes as a path separator, use backslashes to avoid ambiguity between a forward slash in the key name or a forward slash as a path separator. This feature will be removed in a major release after
2021-07-01.
- Fix detection of DHCP setting so that resetting to DHCP doesn't cause
CHANGEDstatus on every run. See ansible/ansible#66450 - setup - Remove usage of WMI to speed up execution time and work with standard user accounts
- win_acl - Fixed error when setting rights on directory for which inheritance from parent directory has been disabled.
- win_dns_client - Only configure network adapters that are IP Enabled - ansible/ansible#58958
- win_dsc - Always import module that contains DSC resource to ensure the required assemblies are loaded before parsing it - #66
- win_find - Fix deduped files mistaken for directories (ansible/ansible#58511)
- win_find - Get-FileStat used [int] instead of [int64] for file size calculations
- win_package - Handle quoted and unquoted strings in the registry
UninstallStringvalue - ansible/ansible#40973 - win_reboot - add
boot_time_commandparameter to override the default command used to determine whether or not a system was rebooted (ansible/ansible#58868) - win_share - Allow for root letters paths
- win_uri win_get_url - Fix the behaviour of
follow_redirects: safeto actual redirect onGETandHEADrequests - ansible/ansible#65556