You could earn up to $300 by adding new articles!

Get Started Now

How to Install and Configure Ansible on Debian 9 for Use With Windows Server

Published on: Fri, Jun 29, 2018 at 10:55 am EST

Ansible is an open source tool for automating tasks. It manages the configuration of your Linux and Windows servers. It works without an agent which means that Ansible uses SSH and current user SSH authorization.

You can use Ansible to automate three types of tasks:

  • Provisioning: Set up several servers you need in your infrastructure.
  • Configuration management: Change the configuration of an application, OS, or device; start and stop services; install or update applications; implement a security policy; or perform a wide variety of other configuration tasks.
  • Application deployment: Make DevOps easier by automating the deployment of internally developed applications to your production systems.

This article will guide you through the install and setup process for Ansible on Debian Stretch, as well the configuration for the administration of a machine that's running on a Windows Server.


  • A sudo user.
  • A Debian 9 "Stretch" server instance.


Add the following line to the /etc/apt/sources.list.

deb trusty main

Add the repo keys.

sudo apt-key adv --keyserver --recv-keys 93C4A3FD7BB9C367

Update the system.

sudo apt-get update

Install Ansible.

sudo apt-get install ansible

To administer your Windows servers, you will need to install the following packages:

  • python-pip
  • pip
  • pywinrm

Install the Python packages.

sudo apt-get install python-pip pip

Install WinRM (Windows Remote Management).

sudo apt-get install pywinrm

Confirm the Ansible Installation

Test the Ansible installation by retrieving its version using the following command.

ansible --version
config file = None
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible-
executable location = /usr/local/bin/ansible
python version = 2.7.13 (default, Jan 19 2017, 14:48:08) [GCC 6.3.0 20170118]

Configure Ansible for Windows Server Management

Go to the Ansible directory.

cd /etc/ansible

Edit the hosts file with your favorite text editor.

nano hosts

Add the following lines at the bottom of the windows group.


It is necessary to create an encrypted vault containing the access identifiers for the Windows server. For that, we will create a new encrypted yml file. The file name must match the host group to which it should apply. In our case, the created group is called windows, so the file will be windows.yml.

mkdir group_vars
cd group_vars
ansible-vault create windows.yml

In your yml file, add the following parameters.

ansible_ssh_user: _your_ssh_user_
ansible_ssh_pass: _your_ssh_pass_
ansible_ssh_port: 5986
ansible_connection: winrm
ansible_winrm_server_cert_validation: ignore

Configure the Windows Server

A PowerShell script is available to automatically configure your machine. This script will automatically configure WinRM (Windows Remote Management) and open the firewall.

Download the PowerShell script from Github.

Modify the execution rules of Powershell scripts to allow the execution of the script.

Set-ExecutionPolicy RemoteSigned

Execute the script.


Your Windows Server is now ready for remote management with Ansible.

Want to contribute ?

You could earn up to $300 by adding new articles!

Get started in the SSD Cloud!