如果要ansible管理windwos主机，一定要源码包或者pip安装ansible。否则ansible不会调用winrm

yum install gcc make cmake zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel xz xz-devel libffi-devel -y
wget https://www.python.org/ftp/python/3.8.8/Python-3.8.8.tgz
tar zxvf Python-3.8.8.tgz
mkdir /usr/local/python3
cd Python-3.8.8
./configure --prefix=/usr/local/python3/
make && make install
ln -s /usr/local/python3/bin/python3 /usr/bin/python3
ln -s /usr/local/python3/bin/pip3 /usr/bin/pip3

/usr/local/python3/bin/python3.8 -m pip install --upgrade pip 
pip3 install pywinrm -i https://pypi.tuna.tsinghua.edu.cn/simple
pip3 install ansible -i https://pypi.tuna.tsinghua.edu.cn/simple
ln -s /usr/local/python3/bin/ansible /usr/bin/ansible 

windows主机配置

以管理员运行powershell，get-host查看版本，要求在4.0以上

# 1.查看powershell执行策略
get-executionpolicy
# 2.更改powershell执行策略为remotesigned【输入y确认】
set-executionpolicy remotesigned
# 3.配置winrm service并启动服务
winrm quickconfig
# 4.修改winrm配置，启用远程连接认证【这里是PowerShell的命令，如果用cmd的话，@前面的' 和 末尾的' 要去掉的】
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
# 5.查看winrm service启动监听状态【如果有应答，说明服务配置并启动成功了】
winrm enumerate winrm/config/listener
# 6 设置防火墙放行5985端口
# 7 添加用户，权限设置为完全控制
winrm configSDDL default

修改ansible主机清单

vi /etc/ansible/hosts
[windows]
192.168.1.100 ansible_ssh_user="admin" ansible_ssh_pass="123456" ansible_ssh_port=5985 ansible_connection="winrm" ansible_winrm_server_cert_validation=ignore

用域用户管理

[win_server]
192.168.100.[101:200]
[win_server:vars]
ansible_ssh_user=admin@TEST.COM
ansible_ssh_pass=123456
ansible_ssh_port=5985
ansible_connection=winrm
ansible_winrm_transport=ntlm  # 必须加
ansible_winrm_server_cert_validation=ignore

测试

ansible windows -m win_ping

windows下常用模块

scripts,raw,slurp,setup模块在Windows 下可正常使用
win_acl (E) —设置文件/目录属主属组权限
win_copy—拷贝文件到远程Windows主机
win_file —创建，删除文件或目录
win_lineinfile—匹配替换文件内容
win_package (E) —安装/卸载本地或网络软件包
win_ping —Windows系统下的ping模块，常用来测试主机是否存活
win_service—管理Windows Services服务
win_user —管理Windows本地用户

传输文件到指定目录

ansible windows -m win_copy -a 'src=/home/win_install dest=d:\\'

删除指定文件

ansible windows -m win_file -a 'path=d:\\win_install state=absent'