added defender disabling gpo, changed print messages in scripts, logging set domain network

3 files changed, 12 insertions, 1 deletions

diff --git a/ansible/roles/dc01/tasks/main.yaml b/ansible/roles/dc01/tasks/main.yaml
index d9b0b40..472c191 100644
--- a/ansible/roles/dc01/tasks/main.yaml
+++ b/ansible/roles/dc01/tasks/main.yaml
@@ -29,6 +29,9 @@
 - name: execute setup-gpo.ps1 as domain admin
   import_tasks: setup_gpo.yaml
 
+- name: execute setup-defender-gpo.ps1 as domain admin
+  import_tasks: setup_defender_gpo.yaml
+
 - name: reboot after gpo setup
   import_tasks: reboot.yaml
 
diff --git a/ansible/roles/dc01/tasks/setup_defender_gpo.yaml b/ansible/roles/dc01/tasks/setup_defender_gpo.yaml
new file mode 100644
index 0000000..56e7809
--- /dev/null
+++ b/ansible/roles/dc01/tasks/setup_defender_gpo.yaml
@@ -0,0 +1,7 @@
+- name: execute setup-defender-gpo.ps1 as domain admin
+  ansible.windows.win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-defender-gpo.ps1 -DomainName "{{ main_domain_name }}"
+  become: yes
+  become_method: runas
+  become_user: "{{ main_domain_name }}\\Administrator"
+  vars:
+    ansible_become_password: "{{ default_win_password }}"
diff --git a/ansible/roles/proxmox_vm/tasks/set_network.yaml b/ansible/roles/proxmox_vm/tasks/set_network.yaml
index da809d5..5420fc2 100644
--- a/ansible/roles/proxmox_vm/tasks/set_network.yaml
+++ b/ansible/roles/proxmox_vm/tasks/set_network.yaml
@@ -1,6 +1,7 @@
 - name: "{{ fqdn }} : (windows) set up static ip address on"
   win_shell: |
-    Start-Transcript -Path C:\set_domain_network_log.txt -Append
+    New-Item -Path C:\Logs -ItemType Directory -Force
+    Start-Transcript -Path C:\Logs\set_domain_network_log.txt -Append
     Get-NetIpAddress -InterfaceAlias 'Ethernet' | Remove-NetIPAddress -Confirm:$false
     New-NetIPAddress -InterfaceAlias 'Ethernet' -IPAddress "{{ ip }}" -PrefixLength 24 -DefaultGateway "{{ gateway }}"
     Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses "{{ dns }}"