Documentation

win_user - Manages local Windows user accounts

New in version 1.7.

Synopsis

Manages local Windows user accounts

Options

parameter required default choices comments
account_disabled
(added in 1.9)
 no
  • yes
  • no
yes will disable the user account. no will clear the disabled flag.
account_locked
(added in 1.9)
 no
  • no
no will unlock the user account if locked.
description
(added in 1.9)
 no
    Description of the user
    fullname
    (added in 1.9)
    		 no
      Full name of the user
      groups
      (added in 1.9)
      		 no
        Adds or removes the user from this comma-separated lis of groups, depending on the value of groups_action. When groups_action is replace and groups is set to the empty string ('groups='), the user is removed from all groups.
        groups_action
        (added in 1.9)
        		 no replace
        • replace
        • add
        • remove
        If replace, the user is added as a member of each group in groups and removed from any other groups. If add, the user is added to each group in groups where not already a member. If remove, the user is removed from each group in groups.
        name
        		 yes
          Name of the user to create, remove or modify.
          password
          		 no
            Optionally set the user's password to this (plain text) value.
            password_expired
            (added in 1.9)
            		 no
            • yes
            • no
            yes will require the user to change their password at next login. no will clear the expired password flag.
            password_never_expires
            (added in 1.9)
            		 no
            • yes
            • no
            yes will set the password to never expire. no will allow the password to expire.
            state
            		 no present
            • present
            • absent
            • query
            When present, creates or updates the user account. When absent, removes the user account if it exists. When query (new in 1.9), retrieves the user account details without making any changes.
            update_password
            (added in 1.9)
            		 no always
            • always
            • on_create
            always will update passwords if they differ. on_create will only set the password for newly created users.
            user_cannot_change_password
            (added in 1.9)
            		 no
            • yes
            • no
            yes will prevent the user from changing their password. no will allow the user to change their password.

            Examples

            # Ad-hoc example
$ ansible -i hosts -m win_user -a "name=bob password=Password12345 groups=Users" all
$ ansible -i hosts -m win_user -a "name=bob state=absent" all

# Playbook example
---
- name: Add a user
  hosts: all
  gather_facts: false
  tasks:
    - name: Add User
      win_user:
        name: ansible
        password: "@ns1bl3"
        groups: ["Users"]

            This is a Core Module

            For more information on what this means please read Core Modules

            For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.