New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

psexec: new module to run commands on a remote Windows host without WinRM #36723

Merged

jborean93 merged 8 commits into ansible:devel from jborean93:psexec-module

Apr 24, 2018

Contributor

jborean93 commented Feb 26, 2018

SUMMARY

This is a new module that allows users to run a command on a remote Windows host without the requirement of WinRM. It can be used to run once off commands for a Windows host or even to bootstrap the WinRM listener so you can use the Ansible winrm connection plugin.

ISSUE TYPE

New Module Pull Request

COMPONENT NAME

psexec

ANSIBLE VERSION

2.6

ansibot added community_review module needs_triage new_module new_plugin support:community test labels Feb 26, 2018

jborean93 referenced this pull request Feb 26, 2018

Open

Ideas for bootstrapping Windows systems using Ansible #30972

jborean93 added the windows label Feb 26, 2018

Contributor

ansibot commented Feb 26, 2018

The test ansible-test sanity --test yamllint [explain] failed with 2 errors:

test/integration/targets/psexec/tasks/main.yml:46:1: empty-lines too many blank lines (1 > 0)
test/integration/targets/psexec/tasks/tests.yml:231:1: empty-lines too many blank lines (1 > 0)

click here for bot help

ansibot added needs_revision and removed community_review labels Feb 26, 2018

alikins removed the needs_triage label Feb 26, 2018

jborean93 changed the title from psexec: new module to run commands on a remote Windows host without WinRM to [WIP] psexec: new module to run commands on a remote Windows host without WinRM Feb 26, 2018

ansibot added the WIP label Feb 26, 2018

jborean93 changed the title from [WIP] psexec: new module to run commands on a remote Windows host without WinRM to psexec: new module to run commands on a remote Windows host without WinRM Mar 7, 2018

ansibot added community_review and removed WIP needs_revision labels Mar 7, 2018

dagwieers referenced this pull request Mar 16, 2018

Open

Windows Working Group agenda - 2018 #294

ansibot added the stale_ci label Mar 20, 2018

nitzmahone requested changes Apr 19, 2018

View changes

A few little docs suggestions, a couple things to consider on arg naming/UX, and you could probably cut way back on the exception handling code, but overall looks nice and simple (on top of the horribly complex library you've built elsewhere ;) )

lib/ansible/modules/commands/psexec.py Outdated

  
            description:

            - Will run the command as a detached process and the module returns

              immediately after starting the processs while the process continues to

              run the background.

nitzmahone Apr 19, 2018

Member

s/run the/run in the/

lib/ansible/modules/commands/psexec.py Outdated

  
            - This requires the SMB 3 protocol which is only supported from Windows

              Server 2012 or Windows 8, older versions like Windows 7 or Windows Server

              2008 (R2) must set this to C(no) and use no encryption.

            - When setting to C(no), the packets are in plaintext and can be seend by

nitzmahone Apr 19, 2018

Member

s/seend/seen/

lib/ansible/modules/commands/psexec.py Outdated

  
        - pypsexec

        - smbprotocol[kerberos] for Kerberos authentication

        notes:

        - This module requires the Windows host to have SMB setup and the port 445

nitzmahone Apr 19, 2018

Member

s/setup and the port/configured and enabled, and port/

lib/ansible/modules/commands/psexec.py Outdated

  
                connection_timeout=dict(type='int', default=60),

                executable=dict(type='str', required=True),

                arguments=dict(type='str'),

                working_directory=dict(type='str', default='C:\\Windows\\System32'),

nitzmahone Apr 19, 2018

Member

r'C:\Windows\System32'

lib/ansible/modules/commands/psexec.py Outdated

  
            - This can be set to run the process under an Interactive logon of the

              specified account which bypasses limitations of a Network logon used when

              this isn't specified.

            - If ommited then the process is run under the same account as

nitzmahone Apr 19, 2018

Member

s/ommited/omitted/

lib/ansible/modules/commands/psexec.py Outdated

  
                priority=dict(type='str', default='normal',

                              choices=['above_normal', 'below_normal', 'high',

                                       'idle', 'normal', 'realtime']),

                show_ui_on_win_logon=dict(type='bool', default=False),

nitzmahone Apr 19, 2018

Member

Feels like this could use a better name, but I'm not sure what... show_ui_on_secure_desktop? show_ui_on_logon_screen?

jborean93 Apr 23, 2018

Contributor

I think I like show_ui_on_logon_screen, people would understand it better.

lib/ansible/modules/commands/psexec.py Outdated

  
                priority=priority, show_ui_on_win_logon=show_ui_on_win_logon,

                timeout_seconds=process_timeout, stdin=b_stdin

            )

            if not module.check_mode:

nitzmahone Apr 19, 2018

Member

should be superfluous unless you want to add a different command for check_mode support (since supports_check_mode is false)

jborean93 Apr 20, 2018

Contributor

Thanks for the pickup, was leftovers from the original code I had.

lib/ansible/modules/commands/psexec.py Outdated

  
            if not module.check_mode:

                try:

                    win_client.create_service()

                except PDUException as exc:

nitzmahone Apr 19, 2018

Member

Since the error handling is effectively the same beyond slight tweaks to the messaging, you could collapse all this with

except (SCMRException,PDUException,PypsexecException,SMBException) as exc:
...

lib/ansible/modules/commands/psexec.py Outdated

  
                try:

                    proc_result = win_client.run_executable(**run_args)

                except PAExecException as exc:

                    module.fail_json(msg='Received error when running remote process: '

nitzmahone Apr 19, 2018

Member

same here with the collapse

lib/ansible/modules/commands/psexec.py Outdated

  
            # close the SMB connection

            try:

                win_client.disconnect()

            except SMBResponseException as exc:

nitzmahone Apr 19, 2018

Member

Same here with exception handling collapse. You could use something like type(exc).__name__ in the string if you don't want the whole stacktrace but still want to know what it was- I'm guessing that's not useful info to an end user, but might be for troubleshooting.

ansibot added needs_revision and removed community_review labels Apr 19, 2018

jborean93 added some commits Feb 26, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM

00eaa5e


      fix up sanity issue, create test firewall rule for SMB traffic

f372930


      Fixed up yaml linting issues, trying to fix on the fly firewall rule

2d65fd5


      Added SMB exception to catch when cleaning up PAExec exe

86a0f8e


      Don't load profile for Azure hosts when becoming another user

f117e24


      Fixed up example to use correct option

57dff2b


      Reworded notes section of module docs

f9174a7

jborean93 force-pushed the jborean93:psexec-module branch from `424ed6c` to `f9174a7` Apr 23, 2018

ansibot removed the stale_ci label Apr 23, 2018


      Simplified module options around process integrity levels and the sys…

…tem account

fe6efe2

jborean93 force-pushed the jborean93:psexec-module branch to `fe6efe2` Apr 23, 2018

nitzmahone approved these changes Apr 24, 2018

View changes

ansibot added community_review and removed needs_revision labels Apr 24, 2018

jborean93 merged commit `629efb6` into ansible:devel Apr 24, 2018
1 check passed

1 check passed

Shippable Run 62248 status is SUCCESS.

Details

jborean93 deleted the jborean93:psexec-module branch Apr 24, 2018

kbreit added a commit to kbreit/ansible that referenced this pull request May 5, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

403305f

oolongbrothers pushed a commit to oolongbrothers/ansible that referenced this pull request May 12, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

d9a68d7

oolongbrothers pushed a commit to oolongbrothers/ansible that referenced this pull request May 14, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

1ad7713

oolongbrothers pushed a commit to oolongbrothers/ansible that referenced this pull request May 14, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

2c0e084

oolongbrothers pushed a commit to oolongbrothers/ansible that referenced this pull request May 15, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

da2d908

oolongbrothers pushed a commit to oolongbrothers/ansible that referenced this pull request May 15, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

46805db

ilicmilan added a commit to ilicmilan/ansible that referenced this pull request Nov 7, 2018


      psexec: new module to run commands on a remote Windows host without W…

…inRM (ansible#36723)

* psexec: new module to run commands on a remote Windows host without WinRM

* fix up sanity issue, create test firewall rule for SMB traffic

* Fixed up yaml linting issues, trying to fix on the fly firewall rule

* Added SMB exception to catch when cleaning up PAExec exe

* Don't load profile for Azure hosts when becoming another user

* Fixed up example to use correct option

* Reworded notes section of module docs

* Simplified module options around process integrity levels and the system account

0802d32

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

You can’t perform that action at this time.