ansible.windows.win_group_membership – Manage Windows local group membership
Note
This plugin is part of the ansible.windows collection (version 1.3.0).
To install it use: ansible-galaxy collection install ansible.windows.
To use it in a playbook, specify: ansible.windows.win_group_membership.
Synopsis
- Allows the addition and removal of local, service and domain users, and domain groups from a local group.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| members list / elements=string / required | A list of members to ensure are present/absent from the group. Accepts local users as .\username, and SERVERNAME\username. Accepts domain users and groups as DOMAIN\username and username@DOMAIN. Accepts service users as NT AUTHORITY\username. Accepts all local, domain and service user types as username, favoring domain lookups when in a domain. | |
| name string / required | Name of the local group to manage membership on. | |
| state string |
| Desired state of the members in the group. When state is pure, only the members specified will exist, and all other existing members not specified are removed. |
See Also
See also
- community.windows.win_domain_group
-
The official documentation on the community.windows.win_domain_group module.
- ansible.windows.win_domain_membership
-
The official documentation on the ansible.windows.win_domain_membership module.
- ansible.windows.win_group
-
The official documentation on the ansible.windows.win_group module.
Examples
- name: Add a local and domain user to a local group
ansible.windows.win_group_membership:
name: Remote Desktop Users
members:
- NewLocalAdmin
- DOMAIN\TestUser
state: present
- name: Remove a domain group and service user from a local group
ansible.windows.win_group_membership:
name: Backup Operators
members:
- DOMAIN\TestGroup
- NT AUTHORITY\SYSTEM
state: absent
- name: Ensure only a domain user exists in a local group
ansible.windows.win_group_membership:
name: Remote Desktop Users
members:
- DOMAIN\TestUser
state: pure
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| added list / elements=string | success and state is present
| A list of members added when state is present or pure; this is empty if no members are added.Sample: ['SERVERNAME\\NewLocalAdmin', 'DOMAIN\\TestUser'] |
| members list / elements=string | success | A list of all local group members at completion; this is empty if the group contains no members. Sample: ['DOMAIN\\TestUser', 'SERVERNAME\\NewLocalAdmin'] |
| name string | always | The name of the target local group. Sample: Administrators |
| removed list / elements=string | success and state is absent
| A list of members removed when state is absent or pure; this is empty if no members are removed.Sample: ['DOMAIN\\TestGroup', 'NT AUTHORITY\\SYSTEM'] |
Authors
- Andrew Saraceni (@andrewsaraceni)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/ansible/windows/win_group_membership_module.html