win_group_membership – Manage Windows local group membership¶
New in version 2.4.
- Allows the addition and removal of local, service and domain users, and domain groups from a local group.
list / required
A list of members to ensure are present/absent from the group.
Accepts local users as .\username, and SERVERNAME\username.
Accepts domain users and groups as DOMAIN\username and [email protected]
Accepts service users as NT AUTHORITY\username.
Accepts all local, domain and service user types as username, favoring domain lookups when in a domain.
string / required
Name of the local group to manage membership on.
Desired state of the members in the group.
- win_domain_group – Creates, modifies or removes domain groups
- The official documentation on the win_domain_group module.
- win_domain_membership – Manage domain/workgroup membership for a Windows host
- The official documentation on the win_domain_membership module.
- win_group – Add and remove local groups
- The official documentation on the win_group module.
- name: Add a local and domain user to a local group win_group_membership: name: Remote Desktop Users members: - NewLocalAdmin - DOMAIN\TestUser state: present - name: Remove a domain group and service user from a local group win_group_membership: name: Backup Operators members: - DOMAIN\TestGroup - NT AUTHORITY\SYSTEM state: absent - name: Ensure only a domain user exists in a local group win_group_membership: name: Remote Desktop Users members: - DOMAIN\TestUser state: pure
Common return values are documented here, the following are the fields unique to this module: