Can Ansible Work on Windows?

Learn how Ansible can manage and automate Windows systems, including setup, modules, and best practices.

Can Ansible Work on Windows?

January 27, 2025
Posted by Luca Berton
ansible, windows, automation, devops, infrastructure as code, iac, ansible playbook, windows automation

Ansible is a versatile automation tool that works seamlessly across Linux, macOS, and Windows systems. This article explores how Ansible can automate tasks on Windows, its requirements, and common use cases.

Can Ansible Work on Windows?

Yes, Ansible can manage and automate Windows systems. While Ansible traditionally targets Linux systems, its support for Windows has grown significantly. Using WinRM (Windows Remote Management) or SSH, Ansible communicates with Windows machines to perform various administrative tasks.

Setting Up Ansible for Windows

To manage Windows with Ansible, follow these steps:

1. Configure the Windows Host

Enable WinRM on the Windows machine. This allows Ansible to communicate with the system.

Steps to Enable WinRM:

Open PowerShell as Administrator.
Run the following command to enable basic authentication:

winrm quickconfig
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'

Add the Ansible control node’s IP to the trusted hosts:

Set-Item wsman:\localhost\Client\TrustedHosts -Value "<Ansible_Control_Node_IP>"

2. Install Required Modules

Ensure the pywinrm Python library is installed on the Ansible control node:

pip install pywinrm

3. Update the Inventory

Define the Windows host in the Ansible inventory file:

[windows]
windows_host ansible_host=192.168.1.10 ansible_user=Administrator ansible_password=your_password ansible_connection=winrm

Ansible Modules for Windows

Ansible provides a rich set of modules specifically for Windows automation:

Common Windows Modules

win_service: Manage Windows services.

- name: Ensure IIS service is running
  win_service:
    name: W3SVC
    state: started

win_package: Install or uninstall Windows packages.

- name: Install Google Chrome
  win_package:
    path: "https://dl.google.com/chrome/install/GoogleChromeStandaloneEnterprise.msi"

win_user: Manage Windows user accounts.

- name: Create a new user
  win_user:
    name: ansible_user
    password: StrongPassword123!
    state: present

win_file: Manage file and directory properties.

- name: Ensure a directory exists
  win_file:
    path: C:\Temp
    state: directory

win_shell: Run shell commands on Windows.

- name: Run a PowerShell command
  win_shell: Get-Service

Use Cases for Ansible on Windows

Software Installation and Updates: Automate the deployment of applications, patches, and updates.
Service Management: Ensure critical services are running and properly configured.
User and Group Management: Create, update, or delete user accounts and groups.
File and Directory Management: Copy, delete, or manage file permissions.
Security and Compliance: Enforce policies, configure firewalls, and apply security baselines.

Best Practices for Windows Automation with Ansible

Secure Credentials: Use Ansible Vault to encrypt passwords and sensitive data.
Use Roles: Organize tasks into reusable roles for better maintainability.
Test on Non-Production Systems: Validate playbooks in a test environment before applying to production.

Conclusion

Ansible’s support for Windows makes it a powerful tool for cross-platform automation. By leveraging Ansible’s modules and playbooks, you can automate Windows systems just as easily as Linux, simplifying infrastructure management.

Learn More About Managing Windows with Ansible

Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Explore Windows automation examples in Ansible by Examples.

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Donate

Support this project by contributing today.

Patreon Buy me a Pizza