I'm assuming for the security hardening you would be disabling multiple
ciphers and protocols etc. A suggestion would be to use IISCrypto to
configure the ciphers as required. Then export the relevant keys and use
the win_regedit to import the exported reg.
On Monday, July 11, 2016 at 10:11:59 PM UTC+2, Matt Betts wrote:
>
> Hi, I'm trying to create a playbook that I can use to bring a windows
> server up to the latest secure hardening standards and I'm stuck with
> configuring Ciphers. An example is as follows:
>
> ansible {HOST} -m win_regedit -a
> "key='HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2
>
> 128/128' value=Enabled data=00000000 datatype=dword state=present" -vvv
>
> As you can see the Key name is "RC2 128/128" and the issue I'm
> encountering is Powershell interprets the / as a new key, irrespective of
> the direction.
>
> Has anyone managed to create a playbook to do this? I've got some
> alternatives (merging a registry file etc) but they aren't as clean. From
> the research I've done it looks like i'm going to need to user the
> powershell CreateSubKey function.
>
> Thanks,
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/001fcb85-430f-4183-89b3-6865427ff4b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
