Skip to content

Latest commit

 

History

History
232 lines (197 loc) · 9.04 KB

ansible.windows.win_group_membership_module.rst

File metadata and controls

232 lines (197 loc) · 9.04 KB
Raw

ansible.windows.win_group_membership

Manage Windows local group membership

Synopsis

  • Allows the addition and removal of local, service and domain users, and domain groups from a local group.

Parameters

Parameter Choices/Defaults Comments
members
list / elements=string / required
A list of members to ensure are present/absent from the group.
Accepts local users as .\username, and SERVERNAME\username.
Accepts domain users and groups as DOMAIN\username and username@DOMAIN.
Accepts service users as NT AUTHORITY\username.
Accepts all local, domain and service user types as username, favoring domain lookups when in a domain.
name
string / required
Name of the local group to manage membership on.
state
string
    Choices:
  • absent
  • present ←
  • pure
Desired state of the members in the group.
When state is pure, only the members specified will exist, and all other existing members not specified are removed.

See Also

.. seealso::

   :ref:`community.windows.win_domain_group_module`
      The official documentation on the **community.windows.win_domain_group** module.
   :ref:`ansible.windows.win_domain_membership_module`
      The official documentation on the **ansible.windows.win_domain_membership** module.
   :ref:`ansible.windows.win_group_module`
      The official documentation on the **ansible.windows.win_group** module.

Examples

- name: Add a local and domain user to a local group
  ansible.windows.win_group_membership:
    name: Remote Desktop Users
    members:
      - NewLocalAdmin
      - DOMAIN\TestUser
    state: present

- name: Remove a domain group and service user from a local group
  ansible.windows.win_group_membership:
    name: Backup Operators
    members:
      - DOMAIN\TestGroup
      - NT AUTHORITY\SYSTEM
    state: absent

- name: Ensure only a domain user exists in a local group
  ansible.windows.win_group_membership:
    name: Remote Desktop Users
    members:
      - DOMAIN\TestUser
    state: pure

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
added
list
success and state is present
A list of members added when state is present or pure; this is empty if no members are added.

Sample:
['SERVERNAME\\NewLocalAdmin', 'DOMAIN\\TestUser']
members
list
success
A list of all local group members at completion; this is empty if the group contains no members.

Sample:
['DOMAIN\\TestUser', 'SERVERNAME\\NewLocalAdmin']
name
string
always
The name of the target local group.

Sample:
Administrators
removed
list
success and state is absent
A list of members removed when state is absent or pure; this is empty if no members are removed.

Sample:
['DOMAIN\\TestGroup', 'NT AUTHORITY\\SYSTEM']


Status

Authors

  • Andrew Saraceni (@andrewsaraceni)