Sorry, it's on the *2.4* roadmap to explore. On Thursday, April 6, 2017 at 11:42:59 AM UTC-7, Matt Davis wrote: > > Yeah, this is along the lines of "constrained sudo" on the Linux side. We > haven't spent any time working on this yet, but it's on the 2.3 roadmap to > explore. I won't say it's impossible to make it work with a constrained > configuration, but as you've alluded, it's very difficult, and at least in > the Linux case, you have to give so many privileges (eg, launching > arbitrary processes) that the "jail" is very escapable anyway. The way we > do things on Windows, I suspect the same will be true. Switching out the > underlying WinRM protocol to PSRP is actually the easy part. > > I've thought through a couple of ways that we *might* be able to make this > work, but they'd require a lot of infrastructure that's currently missing, > so I wouldn't count on it for at least the next couple of releases... > > -Matt > > > On Thursday, April 6, 2017 at 8:27:40 AM UTC-7, Vincent Desjardins wrote: >> >> Hi Jordan, >> >> This is a custom configuration created by one of our Windows admin to >> control what Ansible could do on the server. Personally I have some doubts >> about the maintainability and the usefulness of managing these >> configurations since the purpose of Ansible is to configure the server... >> Ansible needs to have Admin right to do anything meaningful in my opinion. >> >> Do you know if an upgrade to the protocol implementation in Ansible is on >> the roadmap? >> >> Thanks, >> Vincent >> >> On Wednesday, April 5, 2017 at 10:03:12 PM UTC-4, Jordan Borean wrote: >>> >>> Hi Vincent >>> >>> I don't believe this is possible right now as Ansible uses an older >>> protocol than Enter-PSSession. What is the configuration that you need to >>> use, potentially it can be covered with different arugments. >>> >>> Thanks >>> >>> Jordan >>> >>> On Thursday, April 6, 2017 at 10:08:48 AM UTC+10, Vincent Desjardins >>> wrote: >>>> >>>> Hi, >>>> >>>> I wrote a small powershell module for Ansible. My Windows Admin wants >>>> me to use a specific configuration when connecting to the server for >>>> security. So I would like to know if Ansible can be configured to have a >>>> session initialized like this: >>>> >>>> Enter-PSSession -ComputerName myhostname -ConfigurationName Ansible >>>> >>>> I did some digging and found nothing. >>>> >>>> Thanks! >>>> Vincent >>>> >>>
-- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f36c5b7e-58d7-4bf4-8e37-0caceffb8cdc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
