ansible / ansible.builtin / v2.9.18 / module / win_group_membership Manage Windows local group membership | "added in version" 2.4 of ansible.builtin" Authors: Andrew Saraceni (@andrewsaraceni) preview | supported by communityansible.builtin.win_group_membership (v2.9.18) — module
pip
Install with pip install ansible==2.9.18
Allows the addition and removal of local, service and domain users, and domain groups from a local group.
- name: Add a local and domain user to a local group win_group_membership: name: Remote Desktop Users members: - NewLocalAdmin - DOMAIN\TestUser state: present
- name: Remove a domain group and service user from a local group win_group_membership: name: Backup Operators members: - DOMAIN\TestGroup - NT AUTHORITY\SYSTEM state: absent
- name: Ensure only a domain user exists in a local group win_group_membership: name: Remote Desktop Users members: - DOMAIN\TestUser state: pure
name: description: - Name of the local group to manage membership on. required: true type: str state: choices: - absent - present - pure default: present description: - Desired state of the members in the group. - C(pure) was added in Ansible 2.8. - When C(state) is C(pure), only the members specified will exist, and all other existing members not specified are removed. type: str members: description: - A list of members to ensure are present/absent from the group. - Accepts local users as .\username, and SERVERNAME\username. - Accepts domain users and groups as DOMAIN\username and username@DOMAIN. - Accepts service users as NT AUTHORITY\username. - Accepts all local, domain and service user types as username, favoring domain lookups when in a domain. required: true type: list
added: description: A list of members added when C(state) is C(present) or C(pure); this is empty if no members are added. returned: success and C(state) is C(present) sample: - SERVERNAME\NewLocalAdmin - DOMAIN\TestUser type: list members: description: A list of all local group members at completion; this is empty if the group contains no members. returned: success sample: - DOMAIN\TestUser - SERVERNAME\NewLocalAdmin type: list name: description: The name of the target local group. returned: always sample: Administrators type: str removed: description: A list of members removed when C(state) is C(absent) or C(pure); this is empty if no members are removed. returned: success and C(state) is C(absent) sample: - DOMAIN\TestGroup - NT AUTHORITY\SYSTEM type: list