Hi there,

Great Script but in testing it incorrectly identifies Server 2012 R2 as Server 2012. The minor version in Server 2012 R2 is still 2 so it will download the file W2K12-KB3191565-x64.msu where it should get Win8.1AndW2K12R2-KB3191564-x64.msu

Cheers

Matt

The code $os_version = [System.Environment]::OSVersion.Version uses a deprecated function in windows 8.1. It returns a value, but thw wrong value (identifies as Windows server 2012).

Changing it to $os_version =(Get-CimInstance Win32_OperatingSystem).version gives the right version.

If the script is run without admin priv's, I get this:

VERBOSE: 2020-04-30T12:43:07 - INFO - process completed with exit code '3010'
VERBOSE: 2020-04-30T12:43:07 - INFO - adding script to run on next logon
Set-ItemProperty : Requested registry access is not allowed.
At C:\Users\Owner\Documents\Upgrade-PowerShell.ps1:123 char:21
+     Set-ItemProperty <<<<  -Path $reg_key -Name $reg_property_name -Value $command
    + CategoryInfo          : PermissionDenied: (HKEY_LOCAL_MACH...Version\RunOnce:String) [Set-ItemProperty], Securit
   yException
    + FullyQualifiedErrorId : System.Security.SecurityException,Microsoft.PowerShell.Commands.SetItemPropertyCommand

If the script has to run again after a reboot, you must specify the -username and -password args.
Typically, username would be the same user that is currently logged in when the script is first run.

Remove -username and automatically fill it in with the current user that's logged in.
Remove -password and have it prompt for the password in a dialog box or user input at the command line.

Replace:
$reg_key = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"

With:
$reg_key = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"

It seems like the URL for KB2842230 has changed. This is referenced in the script https://github.com/jborean93/ansible-windows/blob/master/scripts/Install-WMF3Hotfix.ps1 and needs to be updated.

Also look at changing the tmp path to use $env:TEMP instead so it doesn't rely on a folder that doesn't always exists on hosts.

Hi Jordan,

Please can you modify the code so it could be used in automation scripts: in particular remove user-interaction steps here:
142: Restart-Computer -Confirm

I'm running this script from Packer and I have to perform the following workaround otherwise Packer waits for user input forever:

# Automation script copied from
# https://github.com/jborean93/ansible-windows/tree/master/scripts
# Prepare temp directory
$tmp_dir = $env:temp
if (-not (Test-Path -Path $tmp_dir)) {
    New-Item -Path $tmp_dir -ItemType Directory > $null
}
# Download script from GitHub
$url    = "https://raw.githubusercontent.com/jborean93/ansible-windows/master/scripts/Install-WMF3Hotfix.ps1"
$file   = "$tmp_dir\Install-WMF3Hotfix.ps1"
$script = "$tmp_dir\Install-WMF3Hotfix-no-restart.ps1"
(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)
# Remove user-interaction line asking for computer restart confirmation
(Get-Content $file) -notmatch "^(.*)Restart-Computer -Confirm$" | Out-File $script
# Run WMF3Hotfix installation
powershell.exe -ExecutionPolicy ByPass -File $script -Verbose

Followed by Windows restart handled by Packer itself

BR
Pavel

First, Thanks for this repo, very useful for testing.

My use case is windows role testing. I only use two vm (DC + Ansible machine).
Could yo add a ansible_stable user with stable versions for ansible and python to the ansible machine?

This is what I'm doing now to use it for role testing:

cd my_role/tests/
git clone https://github.com/jborean93/ansible-windows.git

# Creating windows domain controler and client
cd ansible-windows/vagrant/
vim inventory.yml # Comment the following:
        # SERVER2008:
        #   ansible_host: 192.168.56.11
        #   vagrant_box: jborean93/WindowsServer2008-x64
        #   opt_domain_join_is_longhorn: yes
        # SERVER2008R2:
        #   ansible_host: 192.168.56.12
        #   vagrant_box: jborean93/WindowsServer2008R2
        # SERVER2012:
        #   ansible_host: 192.168.56.13
        #   vagrant_box: jborean93/WindowsServer2012
        # SERVER2012R2:
        #   ansible_host: 192.168.56.14
        #   vagrant_box: jborean93/WindowsServer2012R2
pip install --upgrade --user pywinrm
vagrant plugin install winrm winrm-fs winrm-elevated # Needed in Fedora28
vagrant up
vagrant halt
vagrant snapshot save "snapshot_$(date -Is)"
vagrant up dc # If only dc is needed (my case)

# Creating linux domain client
cd ../vagrant-linux/
vim inventory.yml # Comment the following:
        # UBUNTU1604:
        #   ansible_host: 192.168.56.21
        #   ansible_python_interpreter: /usr/bin/python3
        #   vagrant_box: ubuntu/xenial64
        #   ansible_package_name: 'apt'
        # CENTOS7:
        #   ansible_host: 192.168.56.22
        #   vagrant_box: centos/7
        #   ansible_package_name: 'yum'
vim main.yml  # Comment python and ansible roles

vagrant up

vim Vagrantfile  # Add the following synced folder before the last "end"
# config.vm.synced_folder "../../..", "/home/ansible/my_role", owner: "ansible", group: "ansible-admin"

vagrant halt
vagrant snapshot save "snapshot_$(date -Is)"
vagrant reload

# Setup done. Launch tests
vagrant ssh
sudo -u ansible -i
pip install --upgrade ansible --user
sudo dnf -y install sshpass python2-pexpect
sudo systemctl disable networkmanager
sudo systemctl mask networkmanager
sudo sh -c 'echo "192.168.56.10   dc01.domain.local dc01" >> /etc/hosts'
sudo sh -c 'echo "
search domain.local
nameserver 192.168.56.10
nameserver 10.180.188.75
" > /etc/resolv.conf'

cd ~/my_role/tests/
ansible-playbook main.yml -i inventory.yml

The comment block <#PSScriptInfo is being treated as script content on Powershell 1.0, is there an easy fix for this?

Should be possible to update to fedora 28 in inventory?

failed: [10.64.14.11] (item=-"googlechrome") => {"changed": false, "item": "-"googlechrome"", "module_stderr": "An error occurred while creating the pipeline.\r\n + CategoryInfo : NotSpecified: (:) [], ParentContainsErrorRecordE \r\n xception\r\n + FullyQualifiedErrorId : RuntimeException\r\n \r\n\r\n", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 2}

Not sure if this is because of a change to github requiring TLS1.2 now?

Regardless, you need to specify:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

As first line in the script in order to actually download the file with WebClient.DownloadFile

It will be nice to create a collection with roles, playbooks and modules in this repo and host it on Galaxy.

I read your script and I would like to propose some improvements.

• Currently, credentials are provided as strings - the best practice is to use [System.Management.Automation.PSCredential] type - detailed explanation How to Add Credential Parameters to PowerShell Functions. Changing the list of parameters is a broking change so the newer version should be published as 2.0 with an error message that parameters username and password are not valid anymore.

• The parameter verbose is declared as a switch type you don't have to assign the $false value to it. It has $false value by default. Additionally, usage of verbose should be checked by $verbose.IsPresent

• References in the file header

.LICENSEURI https://github.com/jborean93/ansible-windows-scripts/blob/master/LICENSE
.PROJECTURI https://github.com/jborean93/ansible-windows-scripts

are not actual - you probably changed the GitHub project name. Yes, GitHub redirects to the current URL but ... ;-)

If you will pre-agree with my remarks I can prepare a pull request to address them.

Hello,

I have been receiving this error when I try to run the upgrade script.

Could you please point me to what could be the issue here?

failed to update Powershell to version 3: exit code 1618
At C:\Ansible\Upgrade-PowerShell.ps1:390 char:14

•     throw <<<<  $log_msg
  

  • CategoryInfo : OperationStopped: (failed to updat... exit code 1618:St
  • FullyQualifiedErrorId : failed to update Powershell to version 3: exit code 161

Thanks

详细信息: downloading url
'https://hotfixv4.trafficmanager.net/Windows%207/Windows%20Server2008%20R2%20SP1/sp2/Fix467402/7600/free/463984_intl_x6
4_zip.exe' to 'C:\Users\ADMINI~1\AppData\Local\Temp\1\463984_intl_x64_zip.exe.zip'
C:\Users\Administrator\AppData\Local\Temp\1\Install-WMF3Hotfix.ps1 : 使用“2”个参数调用“DownloadFile”时发生异常:“Un
able to connect to the remote server”
    + CategoryInfo          : NotSpecified: (:) [Install-WMF3Hotfix.ps1], MethodInvocationException
    + FullyQualifiedErrorId : WebException,Install-WMF3Hotfix.ps1

https://hotfixv4.trafficmanager.net and http://hotfixv4.microsoft.com both of down

I think it might be better advice to suggest updating to WMF 4.0 which is available from Windows 7 /Server 2008 R2 onwards.

ref ansible/ansible#10825 (comment)

Hello,

I will find useful to have AD DS tools installed on DC01 to manage Active Directory services.