win_psexec - Runs commands (remotely) as another (privileged) user
New in version 2.3.
Synopsis
- Run commands (remotely) through the PsExec service
- Run commands as another (domain) user (with elevated privileges)
Requirements (on host that executes module)
- Microsoft PsExec
Options
parameter | required | default | choices | comments |
---|---|---|---|---|
chdir |
no |
Run the command from this (remote) directory.
|
||
command |
yes |
The command line to run through PsExec (limited to 260 characters).
|
||
elevated |
no | no |
|
Run the command with elevated privileges.
|
executable |
no | psexec.exe |
The location of the PsExec utility (in case it is not located in your PATH).
|
|
hostnames |
no |
The hostnames to run the command.
If not provided, the command is run locally.
|
||
interactive |
no | no |
|
Run the program so that it interacts with the desktop on the remote system.
|
limited |
no | no |
|
Run the command as limited user (strips the Administrators group and allows only privileges assigned to the Users group).
|
nobanner
(added in 2.4)
|
no | no |
|
Do not display the startup banner and copyright message.
This only works for specific versions of the PsExec binary.
|
noprofile |
no | no |
|
Run the command without loading the account's profile.
|
password |
no |
The password for the (remote) user to run the command as.
This is mandatory in order authenticate yourself.
|
||
priority |
no |
|
Used to run the command at a different priority.
|
|
system |
no | no |
|
Run the remote command in the System account.
|
timeout |
no |
The connection timeout in seconds
|
||
username |
no |
The (remote) user to run the command as.
If not provided, the current user is used.
|
||
wait |
no | yes |
|
Wait for the application to terminate.
Only use for non-interactive applications.
|
Examples
- name: Test the PsExec connection to the local system (target node) with your user win_psexec: command: whoami.exe - name: Run regedit.exe locally (on target node) as SYSTEM and interactively win_psexec: command: regedit.exe interactive: yes system: yes - name: Run the setup.exe installer on multiple servers using the Domain Administrator win_psexec: command: E:\setup.exe /i /IACCEPTEULA hostnames: - remote_server1 - remote_server2 username: DOMAIN\Administrator password: some_password priority: high - name: Run PsExec from custom location C:\Program Files\sysinternals\ win_psexec: command: netsh advfirewall set allprofiles state off executable: C:\Program Files\sysinternals\psexec.exe hostnames: [ remote_server ] password: some_password priority: low
Return Values
Common return values are documented here Return Values, the following are the fields unique to this module:
name | description | returned | type | sample |
---|---|---|---|---|
changed |
Whether or not any changes were made.
|
always | bool | True |
cmd |
The complete command line used by the module, including PsExec call and additional options.
|
always | string | psexec.exe -nobanner \\remote_server -u "DOMAIN\Administrator" -p "some_password" -accepteula E:\setup.exe |
msg |
Possible error message on failure
|
failed | string | The 'password' parameter is a required parameter. |
rc |
The return code for the command
|
always | int | 0 |
stderr |
The error output from the command
|
always | string | Error 15 running E:\setup.exe |
stdout |
The standard output from the command
|
always | string | Success. |
Notes
Note
- More information related to Microsoft PsExec is available from https://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/win_psexec_module.html