win_psexec - Runs commands (remotely) as another (privileged) user
New in version 2.3.
Synopsis
- Run commands (remotely) through the PsExec service
- Run commands as another (domain) user (with elevated privileges)
Requirements
The below requirements are needed on the host that executes this module.
- Microsoft PsExec
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
chdir | Run the command from this (remote) directory. | |
command required | The command line to run through PsExec (limited to 260 characters). | |
elevated bool |
| Run the command with elevated privileges. |
executable | Default: "psexec.exe" | The location of the PsExec utility (in case it is not located in your PATH). |
hostnames | The hostnames to run the command. If not provided, the command is run locally. | |
interactive bool |
| Run the program so that it interacts with the desktop on the remote system. |
limited bool |
| Run the command as limited user (strips the Administrators group and allows only privileges assigned to the Users group). |
nobanner bool (added in 2.4) |
| Do not display the startup banner and copyright message. This only works for specific versions of the PsExec binary. |
noprofile bool |
| Run the command without loading the account's profile. |
password | The password for the (remote) user to run the command as. This is mandatory in order authenticate yourself. | |
priority |
| Used to run the command at a different priority. |
system bool |
| Run the remote command in the System account. |
timeout | The connection timeout in seconds | |
username | The (remote) user to run the command as. If not provided, the current user is used. | |
wait bool |
| Wait for the application to terminate. Only use for non-interactive applications. |
Notes
Note
- More information related to Microsoft PsExec is available from https://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
Examples
- name: Test the PsExec connection to the local system (target node) with your user win_psexec: command: whoami.exe - name: Run regedit.exe locally (on target node) as SYSTEM and interactively win_psexec: command: regedit.exe interactive: yes system: yes - name: Run the setup.exe installer on multiple servers using the Domain Administrator win_psexec: command: E:\setup.exe /i /IACCEPTEULA hostnames: - remote_server1 - remote_server2 username: DOMAIN\Administrator password: some_password priority: high - name: Run PsExec from custom location C:\Program Files\sysinternals\ win_psexec: command: netsh advfirewall set allprofiles state off executable: C:\Program Files\sysinternals\psexec.exe hostnames: [ remote_server ] password: some_password priority: low
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cmd string | always | The complete command line used by the module, including PsExec call and additional options. Sample: psexec.exe -nobanner \\remote_server -u "DOMAIN\Administrator" -p "some_password" -accepteula E:\setup.exe |
pid int | when wait=False
| The PID of the async process created by PsExec. Sample: 1532 |
rc int | always | The return code for the command |
stderr string | always | The error output from the command Sample: Error 15 running E:\setup.exe |
stdout string | always | The standard output from the command Sample: Success. |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Author
- Dag Wieers (@dagwieers)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/win_psexec_module.html