vmware_guest module allows you to run scripts in 'runonce' section, so you can run the configure for remoting script as part of this, and any other steps you need.
I use a playbook like the following to create vm from template. Before using you have to add a hostname to the 'domainmember' group and allocate it an ip address in your inventory, like this # ansible inventory [domainmember] testmachine01 ip=172.17.0.1 --- # spin up a vm from a template - hosts: localhost gather_facts: true - hosts: domainmember gather_facts: false vars: template: Winserver-TEMPLATE vars_prompt: - name: 'vmware_user' prompt: 'Enter VMWare username' private: no - name: 'vmware_cred' prompt: 'Enter VMWare password' private: yes pre_tasks: - name: show what we are planning on doing debug: msg: "ensure vm with hostname {{inventory_hostname}} and ip {{hostvars[inventory_hostname]['ip']}} exists." - name: clone vmware template and customise so it is ready for use as domain member vmware_guest: annotation: "Ansible cloned from template '{{template}}' on {{hostvars['localhost']['ansible_date_time']['date']}} by {{vmware_user}}" cluster: Dev Cluster datacenter: Dev datacenter folder: /Development/ hostname: vcenterhost name: "{{inventory_hostname}}" password: "{{ vmware_cred }}" resource_pool: Normal state: poweredon template: "{{template}}" username: '{{vmware_user}}' validate_certs: no hardware: memory_mb: 1024 num_cpus: 1 networks: - name: VM Network ip: "{{hostvars[inventory_hostname]['ip']}}" netmask: 255.255.128.0 gateway: 172.x.x.1 # deliberately not specifying a domain here domain: devdomain.local dns_servers: - 172.x.x.x - 172.x.x.x2 # I had trouble using vmxnet3, it allways seems to want to be dhcp-configured. # may be worth retrying in future but ensuring static ip configured in template # devicetype: vmxnet3 devicetype: e1000e type: static customization: autologon: yes autologoncount: 5 hostname: "{{inventory_hostname}}" ip: "{{hostvars[inventory_hostname]['ip']}}" netmask: 255.255.128.0 gateway: 172.x.x.x dns_servers: - 172.x.x.x - 172.x.x.x2 # deliberately not specifying a domain here domain: devdomain.local password: "{{guest_administrator_pass}}" joindomain: devdomain.local domainadmin: "{{ win_dom_user }}" domainadminpassword: "{{ win_dom_cred }}" runonce: - powershell.exe -ExecutionPolicy Unrestricted -File C:\Users\ Administrator\Downloads\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert - C:\finishsetup.bat timezone: 85 # set timezone correctly or domain trust relationship will be lost delegate_to: localhost - name: wait for connection to become reachable wait_for_connection: delay: 75 sleep: 11 timeout: 675 # by this point host should be on the domain so you can start running roles to provision your windows host On Thursday, March 29, 2018 at 12:05:32 AM UTC+1, anil kumar wrote: > > do you have any ideas on configuring winrm in the template(vmware)? > > On Wed, Mar 28, 2018 at 11:58 AM, Anil <visit...@gmail.com <javascript:>> > wrote: > >> Thanks for elaborate information on ansible with windows. >> >> Winrm is disabled by default. Not sure about the security constraints >> when we enable this service. >> >> I will do research on it. >> >> On Mar 27, 2018, at 9:32 PM, Jordan Borean <jbor...@gmail.com >> <javascript:>> wrote: >> >> You can currently only use the winrm connection plugin with Ansible to >> talk to Windows hosts. WinRM allows you to connect using both domain and >> local accounts and usually you need administrative rights on that host to >> both connect and manipulate group membership. WinRM allows you to >> authenticate using various protocol such as; >> >> * Basic >> * Certificate (not the same as SSH keys) >> * NTLM >> * Kerberos >> * CredSSP >> >> More details can be found here >> http://docs.ansible.com/ansible/latest/user_guide/windows.html. >> >> Thanks >> >> Jordan >> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Ansible Project" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/ansible-project/QDoRl0_KU-Y/unsubscribe >> . >> To unsubscribe from this group and all its topics, send an email to >> ansible-proje...@googlegroups.com <javascript:>. >> To post to this group, send email to ansible...@googlegroups.com >> <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/444b5db2-68b0-4fbf-906d-07ec4303d11a%40googlegroups.com >> >> <https://groups.google.com/d/msgid/ansible-project/444b5db2-68b0-4fbf-906d-07ec4303d11a%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/00d1e2b2-c215-43a9-8632-64b58a256426%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.