Updating Windows 10
Alan Woods
Hello, I am trying to install windows updates with Ansible and for some reason it is not working. This is what I have so far.
My playbook:
Then when I go to the windows 10 machine this is what I see when i look at the updates:
I am not sure if I maybe am not covering the correct category
or what. I have also tired to upgrade a 1803 windows 10 to 1909 with no avail. Can anyone help me with getting ansible to be able to update windows.
The account I am using is a admin on the windows 10 machine. I also have another play book that uses the win_chocolatey module to install Apps and it installs them fine. So, I don't think this can be a permission issue.
Kiran Patil
os end more likely the output is of last scan
So if you scan post ansible deployment you try scan on os end it will show no updates needed
Also depends on what all categories you selected from ansible end
Reboot is neeeded typically post deployment
So test those things
Alan Woods
Jordan Borean
Jordan Borean
Alan Woods
Hello Jordan,
I think the categories are messing with me a bit. I thought updating windows to 1909 or the 2004 update was on the upgrade’s category. But when I look at the Microsoft Update Catalog for Update Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4524570) Classification is Security Updates.
However, I use a playbook for finding all the updates. This is the play book that has all the categories I could find:
---
- hosts: win10-pro-1
gather_facts: no
tasks:
- name: Search-only, return list of found updates (if any), log to C:\AllUpdates.txt
win_updates:
category_names:
- Updates
- Upgrades
- Feature Updates
- Application
- Connectors
- Critical Updates
- Definition Updates
- Developer Kits
- Feature Packs
- Guidance
- Security Updates
- Service Packs
- Tools
- Update Rollups
- Feature Updates
state: searched
log_path: C:\All_Updates.txt
This pulled all the updates in the attached All_Updates.txt file. You can see from that text file the categories for the Feature update to Windows 10, version 1909 is Upgrades, but when I look that KB up on the Microsoft Update Catalog it says the Classification is Security Updates. But either way in my playbook I have both categories listed.
So, I did a win_ping to make sure Ansible is connecting to the windows 10 box fine then I ran the playbook with -vvv this is the output I get:
[vagrant@controller FeatureUpdatePlays]$ ansible win10-pro-4 -m win_ping
win10-pro-4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
[vagrant@controller FeatureUpdatePlays]$ ansible-playbook test4.yml -vvv
ansible-playbook 2.9.10
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/vagrant/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 3.6.8 (default, Apr 16 2020, 01:36:27) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
PLAYBOOK: test4.yml **********************************************************************************************************
1 plays in test4.yml
PLAY [Windows Update] ********************************************************************************************************
META: ran handlers
TASK [Install updates] *******************************************************************************************************
task path: /home/vagrant/ansible/win_10_Updates/FeatureUpdatePlays/test4.yml:8
win_updates: running win_updates module
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_updates.ps1
Pipelining is enabled.
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
fatal: [win10-pro-4]: FAILED! => {
"changed": true,
"failed_update_count": 2,
"filtered_updates": {
"b885d48a-be89-4b3b-9e02-66896c88b568": {
"categories": [
"Feature Packs",
"Windows 10"
],
"filtered_reason": "category_names",
"id": "b885d48a-be89-4b3b-9e02-66896c88b568",
"installed": false,
"kb": [
"4486153"
],
"title": "Microsoft .NET Framework 4.8 for Windows 10 Version 1809 for x64 (KB4486153)"
}
},
"found_update_count": 8,
"installed_update_count": 6,
"msg": "Failed to install one or more updates",
"reboot_required": true,
"updates": {
"2221dd34-39bb-4f16-b320-be49fe4a6b95": {
"categories": [
"Update Rollups",
"Windows 10",
"Windows 10 LTSB"
],
"id": "2221dd34-39bb-4f16-b320-be49fe4a6b95",
"installed": true,
"kb": [
"890830"
],
"title": "Windows Malicious Software Removal Tool x64 - v5.82 (KB890830)"
},
"3b80c9f0-1416-4f38-bc39-e68ec91b71fa": {
"categories": [
"Updates",
"Windows 10"
],
"id": "3b80c9f0-1416-4f38-bc39-e68ec91b71fa",
"installed": true,
"kb": [
"4462930"
],
"title": "Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems (KB4462930)"
},
"75be4a80-6464-4d06-b0b7-fdc57c1762bf": {
"categories": [
"Critical Updates"
],
"failed": true,
"failure_hresult_code": -2145116147,
"id": "75be4a80-6464-4d06-b0b7-fdc57c1762bf",
"installed": false,
"kb": [
"4023057"
],
"title": "2019-12 Update for Windows 10 Version 1809 for x64-based Systems (KB4023057)"
},
"9add809d-6ff7-41cc-b891-2fe92d2aa759": {
"categories": [
"Updates",
"Windows 10",
"Windows 10 LTSB"
],
"id": "9add809d-6ff7-41cc-b891-2fe92d2aa759",
"installed": true,
"kb": [
"4567327"
],
"title": "2020-07 Cumulative Update Preview for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 for x64 (KB4567327)"
},
"ac2b20ab-6186-4267-8d55-4b3ca35197d1": {
"categories": [
"Upgrades"
],
"failed": true,
"failure_hresult_code": -2145116147,
"id": "ac2b20ab-6186-4267-8d55-4b3ca35197d1",
"installed": false,
"kb": [
"4560960"
],
"title": "Feature update to Windows 10, version 1909"
},
"b189e214-800b-46f6-8d32-fae39d1ec62a": {
"categories": [
"Definition Updates",
"Microsoft Defender Antivirus"
],
"id": "b189e214-800b-46f6-8d32-fae39d1ec62a",
"installed": true,
"kb": [
"2267602"
],
"title": "Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.319.2408.0)"
},
"d7788cdf-043f-4920-a066-d5aa76366ce5": {
"categories": [
"Updates",
"Windows 10"
],
"id": "d7788cdf-043f-4920-a066-d5aa76366ce5",
"installed": true,
"kb": [
"4494174"
],
"title": "2020-01 Update for Windows 10 Version 1809 for x64-based Systems (KB4494174)"
},
"f0373bed-690d-454b-898d-e5a20a4e4f90": {
"categories": [
"Security Updates",
"Windows 10",
"Windows 10 LTSB"
],
"id": "f0373bed-690d-454b-898d-e5a20a4e4f90",
"installed": true,
"kb": [
"4561600"
],
"title": "2020-06 Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems (KB4561600)"
}
}
}
...ignoring
TASK [Ensure that WinRM is started when the system has settled] **************************************************************
task path: /home/vagrant/ansible/win_10_Updates/FeatureUpdatePlays/test4.yml:27
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_service.ps1
Pipelining is enabled.
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
changed: [win10-pro-4] => {
"can_pause_and_continue": false,
"changed": true,
"depended_by": [],
"dependencies": [
"RPCSS",
"HTTP"
],
"description": "Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.",
"desktop_interact": false,
"display_name": "Windows Remote Management (WS-Management)",
"exists": true,
"name": "WinRM",
"path": "C:\\Windows\\System32\\svchost.exe -k NetworkService -p",
"start_mode": "delayed",
"state": "running",
"username": "NT AUTHORITY\\NetworkService"
}
META: ran handlers
META: ran handlers
PLAY RECAP *******************************************************************************************************************
win10-pro-4 : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=1
[vagrant@controller FeatureUpdatePlays]$
Now I see a spot that says filtered_reason": "category_names. I am not sure what to do with this. I have all the categories that I can see.
After I ran the playbook to install all the updates, I re-ran the playbook for finding all the updates. That is an attached file named Needed_updates.txt. It seems to install all of them accept the one I really want which is the Feature update to Windows 10, version 1909. So I am not sure what to do here to get the Feature update to Windows 10, version 1909 installed?
Alan Woods
2020-07-27 09:20:56Z Creating Windows Update session...
2020-07-27 09:20:56Z Create Windows Update searcher...
2020-07-27 09:20:56Z Setting the Windows Update Agent source catalog...
2020-07-27 09:20:56Z Requested search source is 'default'
2020-07-27 09:20:56Z Search source set to 'default' (ServerSelection = 0)
2020-07-27 09:20:56Z Searching for updates to install
2020-07-27 09:21:11Z Found 11 updates
2020-07-27 09:21:11Z Creating update collection...
2020-07-27 09:21:11Z Adding update 3b80c9f0-1416-4f38-bc39-e68ec91b71fa - Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems (KB4462930)
2020-07-27 09:21:11Z Adding update b885d48a-be89-4b3b-9e02-66896c88b568 - Microsoft .NET Framework 4.8 for Windows 10 Version 1809 for x64 (KB4486153)
2020-07-27 09:21:11Z Adding update 62afbd9b-097b-4300-9e4d-275c9a35be2c - Update for Windows Defender Antivirus antimalware platform - KB4052623 (Version 4.18.2001.10)
2020-07-27 09:21:11Z Adding update 2221dd34-39bb-4f16-b320-be49fe4a6b95 - Windows Malicious Software Removal Tool x64 - v5.82 (KB890830)
2020-07-27 09:21:11Z Adding update d7788cdf-043f-4920-a066-d5aa76366ce5 - 2020-01 Update for Windows 10 Version 1809 for x64-based Systems (KB4494174)
2020-07-27 09:21:11Z Adding update f0373bed-690d-454b-898d-e5a20a4e4f90 - 2020-06 Security Update for Adobe Flash Player for Windows 10 Version 1809 for x64-based Systems (KB4561600)
2020-07-27 09:21:11Z Adding update 574c4e34-7a64-4d62-a90d-62818c403ae0 - Update for Microsoft Defender Antivirus antimalware platform - KB4052623 (Version 4.18.2006.10)
2020-07-27 09:21:11Z Adding update 9add809d-6ff7-41cc-b891-2fe92d2aa759 - 2020-07 Cumulative Update Preview for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 for x64 (KB4567327)
2020-07-27 09:21:11Z Adding update b189e214-800b-46f6-8d32-fae39d1ec62a - Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.319.2408.0)
2020-07-27 09:21:11Z Adding update 75be4a80-6464-4d06-b0b7-fdc57c1762bf - 2019-12 Update for Windows 10 Version 1809 for x64-based Systems (KB4023057)
2020-07-27 09:21:11Z Adding update ac2b20ab-6186-4267-8d55-4b3ca35197d1 - Feature update to Windows 10, version 1909
2020-07-27 09:21:11Z Calculating pre-install reboot requirement...
2020-07-27 09:21:11Z Check mode: exiting...
2020-07-27 09:21:11Z Return value:
{
"updates": {
"2221dd34-39bb-4f16-b320-be49fe4a6b95": {
"categories": [
"Update Rollups",
"Windows 10",
"Windows 10 LTSB"
],
"installed": false,
"kb": [
"890830"
]
},
"62afbd9b-097b-4300-9e4d-275c9a35be2c": {
"categories": [
"Microsoft Defender Antivirus",
"Updates"
],
"title": "Update for Windows Defender Antivirus antimalware platform - KB4052623 (Version 4.18.2001.10)",
"id": "62afbd9b-097b-4300-9e4d-275c9a35be2c",
"installed": false,
"kb": [
"4052623"
]
},
"9add809d-6ff7-41cc-b891-2fe92d2aa759": {
"categories": [
"Updates",
"Windows 10",
"Windows 10 LTSB"
],
"installed": false,
"kb": [
"4567327"
]
},
"d7788cdf-043f-4920-a066-d5aa76366ce5": {
"categories": [
"Updates",
"Windows 10"
],
"installed": false,
"kb": [
"4494174"
]
},
"b189e214-800b-46f6-8d32-fae39d1ec62a": {
"categories": [
"Definition Updates",
"Microsoft Defender Antivirus"
],
"installed": false,
"kb": [
"2267602"
]
},
"75be4a80-6464-4d06-b0b7-fdc57c1762bf": {
"categories": [
"Critical Updates"
],
"id": "75be4a80-6464-4d06-b0b7-fdc57c1762bf",
"installed": false,
"kb": [
"4023057"
]
},
"categories": [
"Definition Updates",
"Microsoft Defender Antivirus"
],
"id": "574c4e34-7a64-4d62-a90d-62818c403ae0",
"installed": false,
"kb": [
"4052623"
]
},
"f0373bed-690d-454b-898d-e5a20a4e4f90": {
"categories": [
"Security Updates",
"Windows 10",
"Windows 10 LTSB"
],
"id": "f0373bed-690d-454b-898d-e5a20a4e4f90",
"installed": false,
"kb": [
"4561600"
]
},
"b885d48a-be89-4b3b-9e02-66896c88b568": {
"categories": [
"Feature Packs",
"Windows 10"
],
"id": "b885d48a-be89-4b3b-9e02-66896c88b568",
"installed": false,
"kb": [
"4486153"
]
},
"categories": [
"Updates",
"Windows 10"
],
"installed": false,
"kb": [
"4462930"
]
},
"ac2b20ab-6186-4267-8d55-4b3ca35197d1": {
"categories": [
"Upgrades"
],
"id": "ac2b20ab-6186-4267-8d55-4b3ca35197d1",
"installed": false,
"kb": [
"4560960"
]
}
},
"changed": false,
"reboot_required": false,
"installed_update_count": 0,
"filtered_updates": {
}
}
2020-07-27 09:21:11Z Native job completed with output:
Name Value
---- -----
updates {2221dd34-39bb-4f16-b320-be49fe4a6b95, 62afbd9b-097b-4300-9e4d-275c9a35be2c, 9add809d-6ff7-41cc-b891-2fe92d2aa759, d7788cdf-043f-4920-a066-d5aa76366ce5...}
found_update_count 11
changed False
reboot_required False
installed_update_count 0
filtered_updates {}
Second file:
2020-07-27 11:09:37Z Creating Windows Update session...
2020-07-27 11:09:37Z Create Windows Update searcher...
2020-07-27 11:09:37Z Setting the Windows Update Agent source catalog...
2020-07-27 11:09:37Z Requested search source is 'default'
2020-07-27 11:09:37Z Search source set to 'default' (ServerSelection = 0)
2020-07-27 11:09:37Z Searching for updates to install
2020-07-27 11:09:41Z Found 3 updates
2020-07-27 11:09:41Z Creating update collection...
2020-07-27 11:09:41Z Adding update b885d48a-be89-4b3b-9e02-66896c88b568 - Microsoft .NET Framework 4.8 for Windows 10 Version 1809 for x64 (KB4486153)
2020-07-27 11:09:41Z Adding update 733586b1-2335-40ff-8ff4-86da119d371f - Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.319.2413.0)
2020-07-27 11:09:41Z Adding update ac2b20ab-6186-4267-8d55-4b3ca35197d1 - Feature update to Windows 10, version 1909
2020-07-27 11:09:41Z Calculating pre-install reboot requirement...
2020-07-27 11:09:41Z Check mode: exiting...
2020-07-27 11:09:41Z Return value:
{
"updates": {
"733586b1-2335-40ff-8ff4-86da119d371f": {
"categories": [
"Definition Updates",
"Microsoft Defender Antivirus"
],
"id": "733586b1-2335-40ff-8ff4-86da119d371f",
"installed": false,
"kb": [
"2267602"
]
},
"b885d48a-be89-4b3b-9e02-66896c88b568": {
"categories": [
"Feature Packs",
"Windows 10"
],
"id": "b885d48a-be89-4b3b-9e02-66896c88b568",
"installed": false,
"kb": [
"4486153"
]
},
"categories": [
"Upgrades"
],
"title": "Feature update to Windows 10, version 1909",
"id": "ac2b20ab-6186-4267-8d55-4b3ca35197d1",
"installed": false,
"kb": [
"4560960"
]
}
},
"changed": false,
"reboot_required": true,
"installed_update_count": 0,
"filtered_updates": {
}
}
2020-07-27 11:09:42Z Native job completed with output:
Name Value
---- -----
updates {733586b1-2335-40ff-8ff4-86da119d371f, b885d48a-be89-4b3b-9e02-66896c88b568, ac2b20ab-6186-4267-8d55-4b3ca35197d1}
found_update_count 3
changed False
reboot_required True
installed_update_count 0
filtered_updates {}
jbor...@gmail.com
Alan Woods
---
- name: Windows Update
hosts: win10-pro-4
gather_facts: false
tasks:
- name: Install updates
win_updates:
category_names:
[
"Security Updates",
"Critical Updates",
"Update Rollups",
"Updates",
"Definition Updates",
"Quality Updates",
"Feature Updates",
"Upgrades",
]
state: installed
reboot: yes
#reboot_timeout: 2700
register: updates_were_installed
ignore_errors: true
- name: Ensure that WinRM is started when the system has settled
win_service:
name: WinRM
start_mode: delayed
Alan Woods
...
jbor...@gmail.com
Alan Woods
---
- hosts: win10-pro-4
gather_facts: no
tasks:
- name: Install Windows Updates
win_updates:
category_names:
- Application
- Connectors
- CriticalUpdates
- DefinitionUpdates
- DeveloperKits
- FeaturePacks
- Guidance
- SecurityUpdates
- ServicePacks
- Tools
- UpdateRollups
- Updates
state: installed
reboot: yes
- name: Ensure that WinRM is started when the system has settled
win_service:
name: WinRM
start_mode: delayed
It is weird I have a playbook that tells me what updates there are to install. I ran this playbook I got these updates:
It is weird I have a playbook that tells me what updates there are to install. I ran this playbook I got these updates:
2020-07-29 13:48:43Z WUA is available in current logon process, running natively
2020-07-29 13:48:43Z Creating Windows Update session...
2020-07-29 13:48:43Z Create Windows Update searcher...
2020-07-29 13:48:43Z Setting the Windows Update Agent source catalog...
2020-07-29 13:48:43Z Requested search source is 'default'
2020-07-29 13:48:43Z Search source set to 'default' (ServerSelection = 0)
2020-07-29 13:48:43Z Searching for updates to install
2020-07-29 13:48:48Z Found 4 updates
2020-07-29 13:48:48Z Creating update collection...
2020-07-29 13:48:48Z Adding update b3fb7000-1397-452f-81d3-4e9515450bfc - 2020-01 Update for Windows 10 Version 1909 for x64-based Systems (KB4497165)
2020-07-29 13:48:48Z Adding update d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef - 2020-06 Security Update for Adobe Flash Player for Windows 10 Version 1909 for x64-based Systems (KB4561600)
2020-07-29 13:48:48Z Adding update d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9 - 2020-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64 (KB4562900)
2020-07-29 13:48:48Z Adding update e596074e-3f2a-4ac5-b254-e37440d50c47 - 2020-07 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565483)
2020-07-29 13:48:48Z Calculating pre-install reboot requirement...
2020-07-29 13:48:48Z Check mode: exiting...
2020-07-29 13:48:48Z Return value:
{
"updates": {
"d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9": {
"categories": [
"Updates",
"Windows 10, version 1903 and later"
],
"title": "2020-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64 (KB4562900)",
"id": "d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9",
"installed": false,
"kb": [
"4562900"
]
},
"d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef": {
"categories": [
"Security Updates",
"Windows 10, version 1903 and later"
],
"title": "2020-06 Security Update for Adobe Flash Player for Windows 10 Version 1909 for x64-based Systems (KB4561600)",
"id": "d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef",
"installed": false,
"kb": [
"4561600"
]
},
"e596074e-3f2a-4ac5-b254-e37440d50c47": {
"categories": [
"Security Updates"
],
"title": "2020-07 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565483)",
"id": "e596074e-3f2a-4ac5-b254-e37440d50c47",
"installed": false,
"kb": [
"4565483"
]
},
"b3fb7000-1397-452f-81d3-4e9515450bfc": {
"categories": [
"Updates",
"Windows 10, version 1903 and later"
],
"title": "2020-01 Update for Windows 10 Version 1909 for x64-based Systems (KB4497165)",
"id": "b3fb7000-1397-452f-81d3-4e9515450bfc",
"installed": false,
"kb": [
"4497165"
]
}
},
"found_update_count": 4,
"changed": false,
"reboot_required": false,
"installed_update_count": 0,
"filtered_updates": {
}
}
2020-07-29 13:48:48Z Native job completed with output:
Name Value
---- -----
updates {d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9, d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef, e596074e-3f2a-4ac5-b254-e37440d50c47, b3fb7000-1397-452f-81d3-4e9515450bfc}
found_update_count 4
changed False
reboot_required False
installed_update_count 0
filtered_updates {}
Then I ran the playbook to install the updates. This is the output of the play:
[vagrant@controller FeatureUpdatePlays]$ ansible-playbook update1.yml -vvv
ansible-playbook 2.9.10
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/vagrant/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 3.6.8 (default, Apr 16 2020, 01:36:27) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
PLAYBOOK: update1.yml ********************************************************************************************************
1 plays in update1.yml
PLAY [win10-pro-4] ***********************************************************************************************************
META: ran handlers
TASK [Install Windows Updates] ***********************************************************************************************
task path: /home/vagrant/ansible/win_10_Updates/FeatureUpdatePlays/update1.yml:5
win_updates: running win_updates module
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_updates.ps1
Pipelining is enabled.
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: check win_updates results for automatic reboot: {"updates": {"d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9": {"id": "d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9", "title": "2020-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64 (KB4562900)", "categories": ["Updates", "Windows 10, version 1903 and later"], "kb": ["4562900"], "installed": true}, "d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef": {"id": "d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef", "title": "2020-06 Security Update for Adobe Flash Player for Windows 10 Version 1909 for x64-based Systems (KB4561600)", "categories": ["Security Updates", "Windows 10, version 1903 and later"], "kb": ["4561600"], "installed": true}, "e596074e-3f2a-4ac5-b254-e37440d50c47": {"id": "e596074e-3f2a-4ac5-b254-e37440d50c47", "title": "2020-07 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565483)", "categories": ["Security Updates"], "kb": ["4565483"], "installed": true}, "b3fb7000-1397-452f-81d3-4e9515450bfc": {"id": "b3fb7000-1397-452f-81d3-4e9515450bfc", "title": "2020-01 Update for Windows 10 Version 1909 for x64-based Systems (KB4497165)", "categories": ["Updates", "Windows 10, version 1903 and later"], "kb": ["4497165"], "installed": true}}, "failed_update_count": 0, "found_update_count": 4, "changed": true, "reboot_required": true, "installed_update_count": 4, "filtered_updates": {}, "_ansible_parsed": true}
win_updates: rebooting remote host after update install
EXEC (via pipeline wrapper)
win_updates: rebooting server...
EXEC (via pipeline wrapper)
win_updates: validating reboot
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting to get system boot time
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
win_updates: attempting post-reboot test command
EXEC (via pipeline wrapper)
win_updates: system successfully rebooted
win_updates: checking WUA is not busy with win_shell command
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_shell.ps1
Pipelining is enabled.
EXEC (via pipeline wrapper)
win_updates: shell wait results: {"start": "2020-07-29 09:06:41.805623", "stdout": "False\r\n", "cmd": "(New-Object -ComObject Microsoft.Update.Session).CreateUpdateInstaller().IsBusy", "stderr": "", "changed": true, "rc": 0, "delta": "0:00:04.001559", "end": "2020-07-29 09:06:45.807182", "_ansible_parsed": true, "stdout_lines": ["False"], "stderr_lines": []}
win_updates: ensure the connection is up and running
wait_for_connection: attempting ping module test
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_ping.ps1
Pipelining is enabled.
EXEC (via pipeline wrapper)
win_updates: running win_updates module
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_updates.ps1
Pipelining is enabled.
EXEC (via pipeline wrapper)
changed: [win10-pro-4] => {
"changed": true,
"filtered_updates": {},
"found_update_count": 4,
"installed_update_count": 4,
"reboot_required": false,
"updates": {
"b3fb7000-1397-452f-81d3-4e9515450bfc": {
"categories": [
"Updates",
"Windows 10, version 1903 and later"
],
"id": "b3fb7000-1397-452f-81d3-4e9515450bfc",
"installed": true,
"kb": [
"4497165"
],
"title": "2020-01 Update for Windows 10 Version 1909 for x64-based Systems (KB4497165)"
},
"d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef": {
"categories": [
"Security Updates",
"Windows 10, version 1903 and later"
],
"id": "d4ea5ecd-03e8-44d2-ada7-bd4fb61446ef",
"installed": true,
"kb": [
"4561600"
],
"title": "2020-06 Security Update for Adobe Flash Player for Windows 10 Version 1909 for x64-based Systems (KB4561600)"
},
"d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9": {
"categories": [
"Updates",
"Windows 10, version 1903 and later"
],
"id": "d8cbe3a9-bcf6-4b76-8e21-e6b063bdc2a9",
"installed": true,
"kb": [
"4562900"
],
"title": "2020-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 for x64 (KB4562900)"
},
"e596074e-3f2a-4ac5-b254-e37440d50c47": {
"categories": [
"Security Updates"
],
"id": "e596074e-3f2a-4ac5-b254-e37440d50c47",
"installed": true,
"kb": [
"4565483"
],
"title": "2020-07 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4565483)"
}
}
}
TASK [Ensure that WinRM is started when the system has settled] **************************************************************
task path: /home/vagrant/ansible/win_10_Updates/FeatureUpdatePlays/update1.yml:23
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_service.ps1
Pipelining is enabled.
<win10-pro-4> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-4
EXEC (via pipeline wrapper)
ok: [win10-pro-4] => {
"can_pause_and_continue": false,
"changed": false,
"depended_by": [],
"dependencies": [
"RPCSS",
"HTTP"
],
"description": "Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.",
"desktop_interact": false,
"display_name": "Windows Remote Management (WS-Management)",
"exists": true,
"name": "WinRM",
"path": "C:\\WINDOWS\\System32\\svchost.exe -k NetworkService -p",
"start_mode": "delayed",
"state": "running",
"username": "NT AUTHORITY\\NetworkService"
}
META: ran handlers
META: ran handlers
PLAY RECAP *******************************************************************************************************************
win10-pro-4
: ok=2 changed=1 unreachable=0 failed=0
skipped=0 rescued=0 ignored=0
Now when I run the playbook to find what updates are available it shows none which is good. However, when I go to the windows 10 box it shows the downloads still pending. You can see in the screen shot. So I am not sure how to get the windows 10 box to actually install them.
Alan Woods
...
jbor...@gmail.com
Alan Woods
So here is an issue I am having I am trying to get the Feature update to windows 10 version 1909 installed using Ansible. When I go to Update & Security this is what I see:
Then I run this playbook to install that update, and this is the outcome.
Playbook:
---
- hosts: win10-pro-2
gather_facts: no
tasks:
- name: Install Windows Updates
win_updates:
category_names:
- Application
- Connectors
- Critical Updates
- Definition Updates
- Developer Kits
- Feature Packs
- Guidance
- Security Updates
- Service Packs
- Tools
- Update Rollups
- Updates
state: installed
reboot: yes
- name: Ensure that WinRM is started when the system has settled
win_service:
name: WinRM
start_mode: delayed
This is the outcome:
[vagrant@controller FeatureUpdatePlays]$ ansible-playbook update1.yml -vvv
ansible-playbook 2.9.10
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/vagrant/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 3.6.8 (default, Apr 16 2020, 01:36:27) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
PLAYBOOK: update1.yml *************************************************************************************************
1 plays in update1.yml
PLAY [win10-pro-2] ****************************************************************************************************
META: ran handlers
TASK [Install Windows Updates] ****************************************************************************************
task path: /home/vagrant/ansible/win_10_Updates/FeatureUpdatePlays/update1.yml:5
win_updates: running win_updates module
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_updates.ps1
Pipelining is enabled.
<win10-pro-2> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-2
EXEC (via pipeline wrapper)
ok: [win10-pro-2] => {
"changed": false,
"filtered_updates": {},
"found_update_count": 0,
"installed_update_count": 0,
"reboot_required": false,
"updates": {}
}
TASK [Ensure that WinRM is started when the system has settled] *******************************************************
task path: /home/vagrant/ansible/win_10_Updates/FeatureUpdatePlays/update1.yml:23
Using module file /usr/lib/python3.6/site-packages/ansible/modules/windows/win_service.ps1
Pipelining is enabled.
<win10-pro-2> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5986 TO win10-pro-2
EXEC (via pipeline wrapper)
ok: [win10-pro-2] => {
"can_pause_and_continue": false,
"changed": false,
"depended_by": [],
"dependencies": [
"RPCSS",
"HTTP"
],
"description": "Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.",
"desktop_interact": false,
"display_name": "Windows Remote Management (WS-Management)",
"exists": true,
"name": "WinRM",
"path": "C:\\Windows\\System32\\svchost.exe -k NetworkService -p",
"start_mode": "delayed",
"state": "running",
"username": "NT AUTHORITY\\NetworkService"
}
META: ran handlers
META: ran handlers
PLAY RECAP ************************************************************************************************************
win10-pro-2 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
How to I get Ansible to see this and install it then re-boot the system when it is done?