Windows Playbook how to not have a remote connection for every task

Daniel

Apr 15, 2021, 5:33:37 PM
to Ansible Project
Working on a playbook, using the following windows modules:  win_mapped_drive and win_robocopy.
I have been using net use commands since the late 80's with 3Com Lan Manager, so I know what I am doing and I can do what I want at the command line.

win_mapped_drive x:
block of stuff

win_mapped_drive z:
block of stuff

win_robocopy
block of stuff

I am running this in AWX, and I see that when it does the first module it makes the connection and does it.
Then it makes a connection and does the second mapped drive.
Then it makes a connection and errors out at the robocopy, saying that x: does not exist.

I tried making it persistent with become, runas, SYSTEM.  Then I get a permission issue with win_robocopy module and I had to go into the registry and kill the mapped drives.

I think it is "logging off" after every task. Is there a way to make a single connection and keep the same connection for the entire playbook?

Thank you

jbor...@gmail.com

Apr 15, 2021, 5:45:22 PM
to Ansible Project
Each task is run in its own shell, you cannot map a drive and expect to be able to use it in an Ansible task. It even says it in the documentation for win_mapped_drive https://docs.ansible.com/ansible/latest/collections/community/windows/win_mapped_drive_module.html

> You cannot use this module to access a mapped drive in another Ansible task, drives mapped with this module are only accessible when logging in interactively with the user through the console or RDP.

What you are meant to do is just use the UNC path and use become on the task that needs to access that UNC path so the credentials are delegated. If you need to use 2 separate credentials you might be able to make it work with win_credential like

- name: run tasks with become to access the cred store
  become: yes  # Required so you can access the cred store
  become_method: runas
  vars:
    ansible_become_user: '{{ ansible_user }}'
    ansible_become_pass: '{{ ansible_password }}'
  block:
  - win_credential:
      name: server1
      type: domain_password
      username: user1
      secret: password
      state: present

  - win_credential:
      name: server2
      type: domain_password
      username: user2
      secret: password
      state: present

  - win_command: robocopy \\server1\share\folder \\server2\share\folder

Daniel

Apr 15, 2021, 5:49:12 PM
to Ansible Project
Thank you. I guess I missed that while reading; honestly, I mostly skip down to the usage.
I did not think about using the UNC path and yes, I will be able to utilize the same account for both servers, thank goodness.

jbor...@gmail.com

Apr 15, 2021, 5:55:04 PM
to Ansible Project
Awesome, if it's the same account then it's a simple

- win_command: my command
  become: yes
  become_method: runas
  vars:
    ansible_become_user: username
    ansible_become_pass: password

You may also want to add 'ansible_become_flags: logon_type=new_credentials logon_flags=netcredentials_only' to the vars if this is purely for outbound authentication. This will keep all local actions running as your connection user but outbound auth to the file servers will be with the become user.
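
The approach from the replies above applied to the original win_robocopy task, as an added example that is not part of the thread: UNC paths replace the mapped drives, and the become flags limit the become account to outbound authentication. The host group `windows` and the `vault_share_user` / `vault_share_pass` variables are assumptions (hypothetical names for credentials kept in an Ansible Vault file rather than inline).

```yaml
---
# Added example, not from the thread. The host group and the vault_* variable
# names are hypothetical; the share paths are the placeholders used above.
- name: Copy between two file shares without mapped drives
  hosts: windows
  gather_facts: false
  vars:
    src_share: '\\server1\share\folder'
    dest_share: '\\server2\share\folder'
  tasks:
    - name: Robocopy over UNC paths, authenticating outbound as the become user
      community.windows.win_robocopy:
        src: '{{ src_share }}'
        dest: '{{ dest_share }}'
        recurse: true
      become: true
      become_method: runas
      vars:
        # Credentials come from vaulted variables instead of plain text.
        ansible_become_user: '{{ vault_share_user }}'
        ansible_become_pass: '{{ vault_share_pass }}'
        # Local actions keep running as the connection user; only outbound
        # authentication to the file servers uses the become account.
        ansible_become_flags: logon_type=new_credentials logon_flags=netcredentials_only
```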