Recently I was complaining to an acquaintance about our primary software vendor’s ridiculously time consuming and tedious patching process. (It involves manually unzipping files & hand editing config files, etc.) This acquaintance suggested using Ansible to handle the patching, as well as configuration and deployment.
As my post’s title mentions, the target machines would be Windows (though the control node would have to be Linux, or at least WSL.) In the past, the problem I’ve run into with using tools for Linux with Windows is various weird incompatibilities and syntax problems. For example, sometimes you’d have to double escape (back)slashes in file paths or sometimes not, or sometimes single quotes where you’d expect double, or vice versa. And these glitches were almost never documented properly.
TLDR; is using Ansible for managing Windows a good idea? Or is it better to use a ‘native’ tool?
If you want to run scripts on Windows, then you’d best look into Powershell. Ansible has native modules for doing certain actions (like win_copy), but for anything complex it’s easiest if you push Powershell scripts and run them locally on the Windows machine. Ansible can push and run these Powershell scripts for you using WinRM.
You can but I’ve never had a good experience with it. I am right now deploying TacticalRMM as it is self hosted and completely under the control of my company.
They did have a issue where they had a cyptominer in one of there clients but supposedly it was a mistake. Still very concerning but it can be mitigated by verifiying the source code.