ansible.windows.win_user module – Manages local Windows user accounts
Note
This module is part of the ansible.windows collection (version 2.5.0).
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install ansible.windows
.
To use it in a playbook, specify: ansible.windows.win_user
.
Synopsis
Manages local Windows user accounts.
For non-Windows targets, use the ansible.builtin.user module instead.
Parameters
Parameter |
Comments |
---|---|
Choices:
|
|
Set the account expiration date for the user. This value should be in the format Set the value to |
|
Only Choices:
|
|
Description of the user. |
|
Full name of the user. |
|
Adds or removes the user from this comma-separated list of groups, depending on the value of groups_action. When groups_action is Since |
|
If If If Choices:
|
|
The designated home directory of the user. |
|
The login script of the user. |
|
Name of the user to create, remove or modify. |
|
Optionally set the user’s password to this (plain text) value. |
|
Choices:
|
|
Choices:
|
|
The profile path of the user. |
|
When When When Choices:
|
|
Choices:
|
|
Choices:
|
Notes
Note
The return values are based on the user object after the module options have been set. When running in check mode the values will still reflect the existing user settings and not what they would have been changed to.
See Also
See also
- ansible.builtin.user
The official documentation on the ansible.builtin.user module.
- ansible.windows.win_domain_membership
Manage domain/workgroup membership for a Windows host.
- community.windows.win_domain_user
The official documentation on the community.windows.win_domain_user module.
- ansible.windows.win_group
Add and remove local groups.
- ansible.windows.win_group_membership
Manage Windows local group membership.
- community.windows.win_user_profile
The official documentation on the community.windows.win_user_profile module.
Examples
- name: Ensure user bob is present
ansible.windows.win_user:
name: bob
password: B0bP4ssw0rd
state: present
groups:
- Users
- name: Ensure user bob is absent
ansible.windows.win_user:
name: bob
state: absent
- name: Set an account expiration date to the 27th of October 2024 at 2:30PM UTC
ansible.windows.win_user:
name: bob
state: present
account_expires: '2024-10-27T14:30:00Z'
- name: Set an account expiration 30 days in the future
ansible.windows.win_user:
name: bob
state: present
account_expires: '{{ "%Y-%m-%dT%H:%M:%S%z" | ansible.builtin.strftime(now().timestamp() + (60 * 60 * 24 * 30)) }}'
- name: Remove account expiration date
ansible.windows.win_user:
name: bob
state: present
account_expires: never
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Whether the user is disabled. Returned: user exists Sample: |
|
Whether the user is locked. Returned: user exists Sample: |
|
The description set for the user. Returned: user exists Sample: |
|
The full name set for the user. Returned: user exists Sample: |
|
A list of groups and their ADSI path the user is a member of. Returned: user exists Sample: |
|
The name of the user Returned: always Sample: |
|
Whether the password is expired. Returned: user exists Sample: |
|
Whether the password is set to never expire. Returned: user exists Sample: |
|
The ADSI path for the user. Returned: user exists Sample: |
|
The SID for the user. Returned: user exists Sample: |
|
Whether the user can change their own password. Returned: user exists Sample: |