--- - name: Windows-Add or update registry path Dnscache, with dword entry 'Type', and containing 0x00000020 as the hex value win_regedit: path: HKLM:\SYSTEM\CurrentControlSet\services\Dnscache name: Type data: 0x00000020 type: dword - name: Windows-Checking to see if Crowdstrike is already installed win_shell: | Get-Service -Name "CSFalconService" register: crowd_installed changed_when: false ignore_errors: true - name: Windows-Check if services are installed and running win_service: name: "{{ item }}" state: started with_items: - nsi - BFE - Power - lmhosts - WinHttpAutoProxySvc - Dhcp when: crowd_installed is failed - name: Windows-Disable IE enhanced security win_shell: 'Set-ItemProperty -Path "{{ Emplacement_Clef_Securite }}{{ item.Clef }}" -Name IsInstalled -Value 0' with_items: - { Clef: "{{ Clef_Securite_Admin }}" } - { Clef: "{{ Clef_Securite_Users }}" } vars: Emplacement_Clef_Securite: 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\' Clef_Securite_Admin: '{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}' Clef_Securite_Users: '{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}' when: crowd_installed is failed ignore_errors: yes #Keep ignore for non server OS - name: Windows-Add Windows Defender exclusions win_shell: Add-MpPreference -{{ item.ExclusionType }} "{{ item.valeur }}" with_items: - { ExclusionType: ExclusionPath, valeur: 'D:\' } - { ExclusionType: ExclusionPath, valeur: 'C:\ProgramData\' } - { ExclusionType: ExclusionPath, valeur: 'C:\Users\' } - { ExclusionType: ExclusionExtension, valeur: '.exe' } when: crowd_installed is failed - name: Instal Crowdstrike agent win_package: product_id: '{D339C288-2EEA-49A3-B10F-979FC2715A2C}' path: http://{{ katelloURL }}/pulp/isos/NeXT/Library/custom/Misc/Misc-zip-packages/{{ Crowdstrike_version_win }} arguments: /install /quiet /norestart CID={{ Crowdstrike_cid }} VDI=1 state: present when: crowd_installed is failed register: result retries: 1 until: result is succeeded delay: 15 - name: Windows-Add or update registry with binary entry win_regedit: path: 'HKLM:\SYSTEM\CrowdStrike\{9b03c1d9-3138-44ed-9fae-d9f4c034b88d}\{16e0423f-7058-48c9-a204-725362b67639}' name: Default data: [0x03,0x00,0x00,0x00] type: binary when: crowd_installed is failed - name: Windows-Check if CSFalconService is running win_service: name: CSFalconService state: started when: crowd_installed is failed - name: Windows-Check Crowdstrike obtained ID else fail win_shell: '.\CSDeviceControlSupportTool.exe {{ Crowdstrike_cid }} -c showrules' args: chdir: 'C:\Program Files\CrowdStrike' register: crowd_result failed_when: "'Failed' in crowd_result.stdout" retries: 6 until: crowd_result is succeeded delay: 30 when: crowd_installed is failed - name: 'Windows-Windows defender Exclusions cleanup' win_shell: "{{ item.Command }}" with_items: - { Command: '( Get-MpPreference ).ExclusionPath | foreach { Remove-MpPreference -ExclusionPath $_.ToString()}' } - { Command: '( Get-MpPreference ).ExclusionProcess | foreach { Remove-MpPreference -ExclusionProcess $_.ToString()}' } when: crowd_installed is failed - name: 'Windows-Enable IE enhanced security' win_shell: 'Set-ItemProperty -Path "{{ Emplacement_Clef_Securite }}{{ item.Clef }}" -Name IsInstalled -Value 1' with_items: - { Clef: "{{ Clef_Securite_Admin }}" } - { Clef: "{{ Clef_Securite_Users }}" } when: crowd_installed is failed ignore_errors: yes #Keep ignore for non server OS