Ansible, Windows and PowerShell: the Basics – Part 7, Utilising PowerShell DSC

In Part 7 of this series we’ll continue our journey with Ansible, Windows and PowerShell and look at how utilise PowerShell DSC. If you or your team already own some automation created using PowerShell DSC then it is possible to re-use that via an Ansible Playbook. Or maybe you think that you or they would prefer to create configuration automation going forward using a perhaps more familiar PowerShell DSC, then this could be a solution for you.

The following example will demonstrate how to use the Active Directory DSC module to create a user in AD.

Our job template in AWX is _6_invoke-dsc

The contents of _6_invoke-dsc.yml are are follows:

Since PowerShell DSC modules are typically located in the PowerShell Gallery, we can use the win_psmodule to make sure it is present on our system. (Part 2 of this series covered installing PowerShell Modules from the PowerShell Gallery with Ansible.) The first task ensures that the Active Directory DSC module , xActiveDirectory, is present.

The second task uses the win_dsc Ansible module to configure an Active Directory DSC module resource and create a user in AD. We simply need to list some of the properties of the user in order to create it.

Our Active Directory OU before running the Ansible job contains no user named test_user:

Running a job from the _6_ invoke-dsc job template produces the following result:

Now the user test_user is present:

You can use any existing PowerShell DSC module in the PowerShell Gallery to carry out what you need to achieve and drive the automation from Ansible.