AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,100 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example" published by Apress, and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Ansible for Windows: Complete Guide to Windows Automation with WinRM and Modules

By Luca Berton · Published 2024-01-01 · Category: installation

Automate Windows servers with Ansible. Configure WinRM, manage IIS, Active Directory, Windows features, registry, services, and Group Policy. Deploy MSI packages, manage updates, and automate Windows at scale.

Ansible + Windows: How It Works

Ansible manages Windows machines over WinRM (Windows Remote Management) instead of SSH. No agent is installed on Windows — Ansible sends PowerShell commands over WinRM and collects results.

Requirements: • Control node: Linux or macOS (Ansible doesn't run on Windows as control node) • Managed nodes: Windows Server 2016+ or Windows 10+ • Python package: pywinrm • WinRM enabled on Windows hosts

Enable WinRM on Windows

PowerShell Script (Recommended)

Manual Setup

Enable WinRM via Group Policy (Domain)

Inventory for Windows

Kerberos Authentication (Domain-Joined)

Windows Features and Roles

IIS Web Server Management

Software Installation

Active Directory

Windows Services

Registry Management

Windows Updates

PowerShell Execution

Security Hardening

FAQ

Can Ansible run on Windows as a control node?

No. The Ansible control node must be Linux or macOS. You can manage Windows from Linux using WinRM. If you only have Windows, use WSL2 (Windows Subsystem for Linux) to run Ansible.

WinRM or SSH for Windows?

WinRM is the standard and best-supported connection method. Windows 10+ includes OpenSSH Server, and Ansible can use ansible_connection: ssh with it. However, WinRM provides better integration with Windows authentication (NTLM, Kerberos, CredSSP). Use WinRM unless you have specific SSH requirements.

How do I handle reboots?

Use ansible.windows.win_reboot after tasks that require reboot (Windows Updates, feature installation). Set appropriate reboot_timeout for long updates. Check reboot_required in task results to conditionally reboot.

What about Windows containers?

Ansible manages Windows containers with community.docker collection over WinRM. Docker Desktop or Docker EE on Windows Server works with the same docker_container module.

Conclusion

Ansible automates Windows at scale — IIS, Active Directory, Windows features, software deployment, security hardening, and patch management. Configure WinRM once, and you manage Windows the same way you manage Linux: declarative YAML playbooks, idempotent operations, version-controlled infrastructure. Use Kerberos for domain environments, Chocolatey for package management, and serial for safe rolling updates.

Related ArticlesAnsible vs Puppet vs Chef ComparisonAnsible for Cisco Network AutomationAAP 2.6 Architecture and ComponentsInstall Ansible Complete GuideAnsible Dynamic Inventory Complete Guide

Category: installation

Browse all Ansible tutorials · AnsiblePilot Home