mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-25 14:20:22 -07:00
win_scheduled_task: Add enhanced run option support (#24174)
* add enhanced run option support for win_scheduled_task * changed run_level option to runlevel * correct merge conflicts since task path fix * changed run_level option to runlevel * changed do_not_store_password to store_password, and other minor fixes * conditional logic swap, and documentation change for password
This commit is contained in:
parent
52c1a1936d
commit
7d3951d065
3 changed files with 215 additions and 7 deletions
|
@ -87,8 +87,10 @@ $executable = Get-AnsibleParam -obj $params -name "executable" -type "str" -alia
|
|||
$frequency = Get-AnsibleParam -obj $params -name "frequency" -type "str" -validateset "once","daily","weekly" -failifempty $present
|
||||
$time = Get-AnsibleParam -obj $params -name "time" -type "str" -failifempty $present
|
||||
|
||||
# TODO: We should default to the current user
|
||||
$user = Get-AnsibleParam -obj $params -name "user" -type "str" -failifempty $present
|
||||
$user = Get-AnsibleParam -obj $params -name "user" -default "$env:USERDOMAIN\$env:USERNAME" -type "str"
|
||||
$password = Get-AnsibleParam -obj $params -name "password" -type "str"
|
||||
$runlevel = Get-AnsibleParam -obj $params -name "runlevel" -default "limited" -type "str" -validateset "limited", "highest"
|
||||
$store_password = Get-AnsibleParam -obj $params -name "store_password" -default $true -type "bool"
|
||||
|
||||
$weekly = $frequency -eq "weekly"
|
||||
$days_of_week = Get-AnsibleParam -obj $params -name "days_of_week" -type "str" -failifempty $weekly
|
||||
|
@ -165,7 +167,23 @@ try {
|
|||
Exit-Json $result
|
||||
}
|
||||
|
||||
$principal = New-ScheduledTaskPrincipal -UserId "$user" -LogonType ServiceAccount
|
||||
# Handle RunAs/RunLevel options for the task
|
||||
|
||||
if ($store_password) {
|
||||
# Specify direct credential and run-level values to add to Register-ScheduledTask
|
||||
$registerRunOptionParams = @{
|
||||
User = $user
|
||||
RunLevel = $runlevel
|
||||
}
|
||||
if ($password) {
|
||||
$registerRunOptionParams.Password = $password
|
||||
}
|
||||
}
|
||||
else {
|
||||
# Create a ScheduledTaskPrincipal for the task to run under
|
||||
$principal = New-ScheduledTaskPrincipal -UserId $user -LogonType S4U -RunLevel $runlevel -Id Author
|
||||
$registerRunOptionParams = @{Principal = $principal}
|
||||
}
|
||||
|
||||
if ($enabled){
|
||||
$settings = New-ScheduledTaskSettingsSet
|
||||
|
@ -186,7 +204,7 @@ try {
|
|||
$pathResults = Invoke-TaskPathCheck -Path $path
|
||||
|
||||
if (-not $check_mode) {
|
||||
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName $name -Description $description -TaskPath $path -Settings $settings -Principal $principal
|
||||
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName $name -Description $description -TaskPath $path -Settings $settings @registerRunOptionParams
|
||||
}
|
||||
|
||||
$result.changed = $true
|
||||
|
@ -200,7 +218,15 @@ try {
|
|||
# Check task path prior to registering
|
||||
$pathResults = Invoke-TaskPathCheck -Path $path
|
||||
|
||||
if ($task.Description -eq $description -and $task.TaskName -eq $name -and $task.TaskPath -eq $path -and $task.Actions.Execute -eq $executable -and $taskState -eq $enabled -and $task.Principal.UserId -eq $user) {
|
||||
if ((!$store_password -and $task.Principal.LogonType -in @("S4U", "ServiceAccount")) -or ($store_password -and $task.Principal.LogonType -notin @("S4U", "Password") -and !$password)) {
|
||||
$passwordStoreConsistent = $true
|
||||
}
|
||||
else {
|
||||
$passwordStoreConsistent = $false
|
||||
}
|
||||
|
||||
if ($task.Description -eq $description -and $task.TaskName -eq $name -and $task.TaskPath -eq $path -and $task.Actions.Execute -eq $executable -and
|
||||
$taskState -eq $enabled -and $task.Principal.UserId -eq $user -and $task.Principal.RunLevel -eq $runlevel -and $passwordStoreConsistent) {
|
||||
# No change in the task
|
||||
$result.msg = "No change in task $name"
|
||||
}
|
||||
|
@ -209,7 +235,7 @@ try {
|
|||
|
||||
if (-not $check_mode) {
|
||||
$oldPathResults = Invoke-TaskPathCheck -Path $task.TaskPath -Remove
|
||||
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName $name -Description $description -TaskPath $path -Settings $settings -Principal $principal
|
||||
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName $name -Description $description -TaskPath $path -Settings $settings @registerRunOptionParams
|
||||
}
|
||||
$result.changed = $true
|
||||
$result.msg = "Updated task $name"
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue