|
|
|
---
|
|
|
|
- set_fact:
|
|
|
|
test_username: ansible-test
|
|
|
|
test_password: Password123{{ lookup('password', '/dev/null chars=ascii_letters,digits length=8') }}
|
|
|
|
|
|
|
|
- name: create test Admin user
|
|
|
|
win_user:
|
|
|
|
name: '{{ test_username }}'
|
|
|
|
password: '{{ test_password }}'
|
|
|
|
state: present
|
|
|
|
groups:
|
|
|
|
- Administrators
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: test Ansible.AccessToken.cs
|
|
|
|
ansible_access_token_tests:
|
|
|
|
test_username: '{{ test_username }}'
|
|
|
|
test_password: '{{ test_password }}'
|
|
|
|
register: ansible_access_token_test
|
|
|
|
|
|
|
|
- name: assert test Ansible.AccessToken.cs
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- ansible_access_token_test.data == "success"
|
|
|
|
always:
|
|
|
|
- name: remove test Admin user
|
|
|
|
win_user:
|
|
|
|
name: '{{ test_username }}'
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
- name: test Ansible.Basic.cs
|
|
|
|
ansible_basic_tests:
|
|
|
|
register: ansible_basic_test
|
|
|
|
|
|
|
|
- name: assert test Ansible.Basic.cs
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- ansible_basic_test.data == "success"
|
|
|
|
|
|
|
|
# Users by default don't have this right, temporarily enable it
|
|
|
|
- name: ensure the Users group have the SeBatchLogonRight
|
|
|
|
win_user_right:
|
|
|
|
name: SeBatchLogonRight
|
|
|
|
users:
|
|
|
|
- Users
|
|
|
|
action: add
|
|
|
|
register: batch_user_add
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: test Ansible.Become.cs
|
|
|
|
ansible_become_tests:
|
|
|
|
register: ansible_become_tests
|
|
|
|
|
|
|
|
always:
|
|
|
|
- name: remove SeBatchLogonRight from users if added in test
|
|
|
|
win_user_right:
|
|
|
|
name: SeBatchLogonRight
|
|
|
|
users:
|
|
|
|
- Users
|
|
|
|
action: remove
|
|
|
|
when: batch_user_add is changed
|
|
|
|
|
|
|
|
- name: assert test Ansible.Become.cs
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- ansible_become_tests.data == "success"
|
|
|
|
|
|
|
|
- name: test Ansible.Process.cs
|
|
|
|
ansible_process_tests:
|
|
|
|
register: ansible_process_tests
|
|
|
|
|
|
|
|
- name: assert test Ansible.Process.cs
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- ansible_process_tests.data == "success"
|
|
|
|
|
|
|
|
- name: test Ansible.Privilege.cs
|
|
|
|
ansible_privilege_tests:
|
|
|
|
register: ansible_privilege_test
|
|
|
|
|
|
|
|
- name: assert test Ansible.Privilege.cs
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- ansible_privilege_test.data == "success"
|