Our environment is under some pretty strict security requirements and it's causing lots of issues. First, we don't have an active directory set up (all local accounts, I know it's stupid but I'm just the idiot trying to clean it up). Then, we have this LocalAccountTokenFilterPolicy registry setting set to 1 so every time I try to run something I get permission errors as it lowers permissions.
I am allowed to temporarily disable the LocalAccountTokenFilterPolicy to do what I need to do, but need a mechanism to do that. I'm able to use win_command to do switch it from 1 to 0 but can't switch it from 0 - 1. Is there any way to get in with WinRM through ansible then run a command as an elevated user? Thanks! -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3c6d0867-6bab-41fa-9981-0aa3cd54a7d9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
