XLAB Steampunk logo Try Spotter
 / home / ansible / ansible.builtin / v2.9.27 / module / win_group_membership

ansible.builtin.win_group_membership (v2.9.27) — module

Manage Windows local group membership

| "added in version" 2.4 of ansible.builtin"

Authors: Andrew Saraceni (@andrewsaraceni)

preview | supported by community

Install Ansible via pip | Description | Usage examples | Inputs | Outputs

Install Ansible via pip

Install with pip install ansible==2.9.27

Description

Allows the addition and removal of local, service and domain users, and domain groups from a local group.

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Add a local and domain user to a local group
  win_group_membership:
    name: Remote Desktop Users
    members:
      - NewLocalAdmin
      - DOMAIN\TestUser
    state: present
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Remove a domain group and service user from a local group
  win_group_membership:
    name: Backup Operators
    members:
      - DOMAIN\TestGroup
      - NT AUTHORITY\SYSTEM
    state: absent
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Ensure only a domain user exists in a local group
  win_group_membership:
    name: Remote Desktop Users
    members:
      - DOMAIN\TestUser
    state: pure

Inputs

    
name:
    description:
    - Name of the local group to manage membership on.
    required: true
    type: str

state:
    choices:
    - absent
    - present
    - pure
    default: present
    description:
    - Desired state of the members in the group.
    - C(pure) was added in Ansible 2.8.
    - When C(state) is C(pure), only the members specified will exist, and all other existing
      members not specified are removed.
    type: str

members:
    description:
    - A list of members to ensure are present/absent from the group.
    - Accepts local users as .\username, and SERVERNAME\username.
    - Accepts domain users and groups as DOMAIN\username and username@DOMAIN.
    - Accepts service users as NT AUTHORITY\username.
    - Accepts all local, domain and service user types as username, favoring domain lookups
      when in a domain.
    required: true
    type: list

Outputs

added:
  description: A list of members added when C(state) is C(present) or C(pure); this
    is empty if no members are added.
  returned: success and C(state) is C(present)
  sample:
  - SERVERNAME\NewLocalAdmin
  - DOMAIN\TestUser
  type: list
members:
  description: A list of all local group members at completion; this is empty if the
    group contains no members.
  returned: success
  sample:
  - DOMAIN\TestUser
  - SERVERNAME\NewLocalAdmin
  type: list
name:
  description: The name of the target local group.
  returned: always
  sample: Administrators
  type: str
removed:
  description: A list of members removed when C(state) is C(absent) or C(pure); this
    is empty if no members are removed.
  returned: success and C(state) is C(absent)
  sample:
  - DOMAIN\TestGroup
  - NT AUTHORITY\SYSTEM
  type: list

See also

Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy