root@ip-10-0-2-209:/etc/ansible/windows-playbook# ansible-playbook
upgrades.yml -vvv
ansible-playbook 2.9.2
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.12 (default, Oct 8 2019, 14:14:10) [GCC 5.4.0
20160609]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /etc/ansible/hosts as it did not pass its
verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its
verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its
verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
PLAYBOOK: upgrades.yml
*****************************************************************************************************************************************************
1 plays in upgrades.yml
PLAY [windows]
*************************************************************************************************************************************************************
TASK [Gathering Facts]
*****************************************************************************************************************************************************
task path: /etc/ansible/windows-playbook/upgrades.yml:2
Using module file
/usr/lib/python2.7/dist-packages/ansible/modules/windows/setup.ps1
Pipelining is enabled.
<MQN-CKMH5E31UM7.corp.medqia.com> ESTABLISH WINRM CONNECTION FOR USER: None
on PORT 5986 TO MQN-CKMH5E31UM7.corp.medqia.com
EXEC (via pipeline wrapper)
ok: [MQN-CKMH5E31UM7.corp.medqia.com]
META: ran handlers
TASK [Install all security, critical, and rollup updates without a
scheduled task]
*****************************************************************************************
task path: /etc/ansible/windows-playbook/upgrades.yml:12
win_updates: running win_updates module
Using module file
/usr/lib/python2.7/dist-packages/ansible/modules/windows/win_updates.ps1
Pipelining is enabled.
<MQN-CKMH5E31UM7.corp.medqia.com> ESTABLISH WINRM CONNECTION FOR USER: None
on PORT 5986 TO MQN-CKMH5E31UM7.corp.medqia.com
EXEC (via pipeline wrapper)
fatal: [MQN-CKMH5E31UM7.corp.medqia.com]: FAILED! => {
"changed": false,
"filtered_updates": {
"48715a8c-3c38-4dfb-86e7-077be8b8663e": {
"categories": [
"Definition Updates",
"Windows Defender"
],
"filtered_reason": "category_names",
"id": "48715a8c-3c38-4dfb-86e7-077be8b8663e",
"installed": false,
"kb": [
"2267602"
],
"title": "Security Intelligence Update for Windows Defender
Antivirus - KB2267602 (Version 1.307.2839.0)"
},
"5bb32ece-7c8c-4f07-ace1-7ba1d36736a1": {
"categories": [
"Updates",
"Windows 10"
],
"filtered_reason": "category_names",
"id": "5bb32ece-7c8c-4f07-ace1-7ba1d36736a1",
"installed": false,
"kb": [
"4494452"
],
"title": "2019-05 Update for Windows 10 Version 1709 for
x64-based Systems (KB4494452)"
},
"65ecc208-c6b1-4fce-b892-fc2c93917d76": {
"categories": [
"Drivers"
],
"filtered_reason": "category_names",
"id": "65ecc208-c6b1-4fce-b892-fc2c93917d76",
"installed": false,
"kb": [],
"title": "Logitech - Image - 10/24/2018 12:00:00 AM - 1.3.89.0"
}
},
"found_update_count": 1,
"installed_update_count": 0,
"msg": "Failed to install update from Update Collection: Exception from
HRESULT: 0x80240016",
"reboot_required": false,
"updates": {
"79bfbb87-ae9d-480d-9f6f-5c82361e015d": {
"categories": [
"Upgrades"
],
"id": "79bfbb87-ae9d-480d-9f6f-5c82361e015d",
"installed": false,
"kb": [
"4530684"
],
"title": "Feature update to Windows 10, version 1909"
}
}
}
PLAY RECAP
*****************************************************************************************************************************************************************
MQN-CKMH5E31UM7.corp.medqia.com : ok=1 changed=0 unreachable=0
failed=1 skipped=0 rescued=0 ignored=0
On Wed, Jan 22, 2020 at 2:03 PM Jimmy Malhan <[email protected]>
wrote:
> *I ran through an error *
> *here is the playbook : - *
> ---
> - hosts: windows
> vars:
> ansible_connection: winrm
> ansible_ssh_port: 5986
> anisble_winrm_transport: kerberos
> ansible_winrm_server_cert_validation: ignore
> validate_certs: false
> ansible_winrm_scheme: https
> ansibe_winrm_read_timeout_sec: 120
> tasks:
> - name: Install all security, critical, and rollup updates without a
> scheduled task
> win_updates:
> category_names:
> - Upgrades
> reboot: yes
> ~
> ~
> root@ip-10-0-2-209:/etc/ansible/windows-playbook# ansible-playbook
> upgrades.yml
>
> PLAY [windows]
> *************************************************************************************************************************************************************
>
> TASK [Gathering Facts]
> *****************************************************************************************************************************************************
> ok: [MQN-CKMH5E31UM7.corp.medqia.com]
>
> TASK [Install all security, critical, and rollup updates without a
> scheduled task]
> *****************************************************************************************
> fatal: [MQN-CKMH5E31UM7.corp.medqia.com]: FAILED! => {"changed": false,
> "filtered_updates": {"48715a8c-3c38-4dfb-86e7-077be8b8663e": {"categories":
> ["Definition Updates", "Windows Defender"], "filtered_reason":
> "category_names", "id": "48715a8c-3c38-4dfb-86e7-077be8b8663e",
> "installed": false, "kb": ["2267602"], "title": "Security Intelligence
> Update for Windows Defender Antivirus - KB2267602 (Version 1.307.2839.0)"},
> "5bb32ece-7c8c-4f07-ace1-7ba1d36736a1": {"categories": ["Updates", "Windows
> 10"], "filtered_reason": "category_names", "id":
> "5bb32ece-7c8c-4f07-ace1-7ba1d36736a1", "installed": false, "kb":
> ["4494452"], "title": "2019-05 Update for Windows 10 Version 1709 for
> x64-based Systems (KB4494452)"}, "65ecc208-c6b1-4fce-b892-fc2c93917d76":
> {"categories": ["Drivers"], "filtered_reason": "category_names", "id":
> "65ecc208-c6b1-4fce-b892-fc2c93917d76", "installed": false, "kb": [],
> "title": "Logitech - Image - 10/24/2018 12:00:00 AM - 1.3.89.0"}},
> "found_update_count": 1, "installed_update_count": 0, "msg": "Failed to
> install update from Update Collection: Exception from HRESULT: 0x80240016",
> "reboot_required": false, "updates":
> {"79bfbb87-ae9d-480d-9f6f-5c82361e015d": {"categories": ["Upgrades"], "id":
> "79bfbb87-ae9d-480d-9f6f-5c82361e015d", "installed": false, "kb":
> ["4530684"], "title": "Feature update to Windows 10, version 1909"}}}
>
>
> PLAY RECAP
> *****************************************************************************************************************************************************************
> MQN-CKMH5E31UM7.corp.medqia.com : ok=1 changed=0 unreachable=0
> failed=1 skipped=0 rescued=0 ignored=0
>
>
>
> On Wed, Jan 22, 2020 at 1:52 PM Jordan Borean <[email protected]> wrote:
>
>> So read your filtered updates list, you can see both updates are in there
>>
>> ok: [MQN-CKMH5E31UM7.corp.medqia.com] => {
>> "changed": false,
>> "filtered_updates": {
>> "20668013-76d9-43ec-a6f2-f76fb4271642": {
>> "categories": [
>> "Definition Updates",
>> "Windows Defender"
>> ],
>> "filtered_reason": "category_names",
>> "id": "20668013-76d9-43ec-a6f2-f76fb4271642",
>> "installed": false,
>> "kb": [
>> "2267602"
>> ],
>> "title": "Security Intelligence Update for Windows Defender
>> Antivirus - KB2267602 (Version 1.307.2832.0)"
>> },
>> "5bb32ece-7c8c-4f07-ace1-7ba1d36736a1": {
>> "categories": [
>> "Updates",
>> "Windows 10"
>> ],
>> "filtered_reason": "category_names",
>> "id": "5bb32ece-7c8c-4f07-ace1-7ba1d36736a1",
>> "installed": false,
>> "kb": [
>> "4494452"
>> ],
>> "title": "2019-05 Update for Windows 10 Version 1709 for
>> x64-based Systems (KB4494452)"
>> },
>> "65ecc208-c6b1-4fce-b892-fc2c93917d76": {
>> "categories": [
>> "Drivers"
>> ],
>> "filtered_reason": "category_names",
>> "id": "65ecc208-c6b1-4fce-b892-fc2c93917d76",
>> "installed": false,
>> "kb": [],
>> "title": "Logitech - Image - 10/24/2018 12:00:00 AM - 1.3.89.0"
>> },
>> "79bfbb87-ae9d-480d-9f6f-5c82361e015d": {
>> "categories": [
>> "Upgrades"
>> ],
>> "filtered_reason": "category_names",
>> "id": "79bfbb87-ae9d-480d-9f6f-5c82361e015d",
>> "installed": false,
>> "kb": [
>> "4530684"
>> ],
>> "title": "Feature update to Windows 10, version 1909"
>> }
>> },
>> "found_update_count": 0,
>> "installed_update_count": 0,
>> "reboot_required": false,
>> "updates": {}
>> }
>>
>> The win_updates modules has 2 filters that are applied to available
>> updates
>>
>> 1. It first filters the updates based on the categories that are set.
>> By default Critical Updates, Security Updates, and Update Rollups are
>> applied and any other filtered
>> 2. From there if you have a whitelist or blacklist these filters are
>> applied to the list
>>
>> We can see that both the defender update and the feature update have been
>> filtered due to the category name not matching from the input. If you want
>> them to be applied you will have to add the 'Upgrades' category for the
>> feature upgrade and the 'Windows Defender' or 'Definition Updates' for the
>> defender update. Say you wanted to make sure that only the feature update
>> to Windows 10, version 1909 is installed you can do
>>
>> - name: ensure Windows 10 has 1909 feature upgrade installed
>> win_updates:
>> category_names:
>> - Upgrades
>> whitelist:
>> - KB4530684
>> reboot: yes
>>
>> If you didn't care about the actual KB and want all Upgrades installed
>> then just remove the whitelist.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/8e43d291-1018-4533-affe-6cb378f7f48a%40googlegroups.com
>> <https://groups.google.com/d/msgid/ansible-project/8e43d291-1018-4533-affe-6cb378f7f48a%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAGYWNsM1rH-a%2BO5X_M4B-Mybm9Kmsuz5uVyqjA3GSPkRDJvwkQ%40mail.gmail.com.
