Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Task 1.2.4 - Failed to import secedit.ini #107

Open
kpi-nourman opened this issue Dec 16, 2024 · 12 comments
Open

Task 1.2.4 - Failed to import secedit.ini #107

kpi-nourman opened this issue Dec 16, 2024 · 12 comments
Assignees
@MrSteve81
Labels
bug Something isn't working

Comments

@kpi-nourman
Copy link

kpi-nourman commented Dec 16, 2024
edited
Loading

Describe the Issue
Task 1.2.4 | PATCH | Ensure Reset account lockout counter after is set to 15 or more minutes. | Set Variable.]
fatal failed in below:
\tProcess Security Policy area\nThe parameter is incorrect.\n\nThe task has completed with an error.
"msg": "Failed to import secedit.ini file from C:\Users\nourman\AppData\Local\Temp\tmpE9FC.tmp",

Expected Behavior
pass that task

Actual Behavior
Ansible Failed to import secedit.ini file

Control(s) Affected
Rule 1.2.4

Environment (please complete the following information):

  • branch being used: devel
  • Ansible Version: Ansible Automation Platform 2.4
  • Host Python Version:
  • Ansible Server Python Version:
  • Additional Details:

Additional Notes
Anything additional goes here

Possible Solution
resolution to solved this
@kpi-nourman kpi-nourman added the bug Something isn't working label Dec 16, 2024
@MrSteve81 MrSteve81 self-assigned this Dec 23, 2024
@MrSteve81
Copy link
Contributor

@kpi-nourman please provide as well what version of Windows you are using and how you are running it.

For example
in Azure
Locally In Virtualbox or another VM
Bare Metal
Etc.

We are working through a number of issues around this and we have only been able to test locally and on Azure. There have been ways with the order of controls that have been causing issues between local and cloud based, but I fear there is more logic we will have to build in.

@kpi-nourman
Copy link
Author

kpi-nourman commented Dec 24, 2024
edited
Loading

@kpi-nourman please provide as well what version of Windows you are using and how you are running it.

For example in Azure Locally In Virtualbox or another VM Bare Metal Etc.

We are working through a number of issues around this and we have only been able to test locally and on Azure. There have been ways with the order of controls that have been causing issues between local and cloud based, but I fear there is more logic we will have to build in.

running using Windows Server 2019 Standard run on VM using VMware vSphere with Windows Version 1809, 10.0.17763 Build 17763

@MrSteve81
Copy link
Contributor

MrSteve81 commented Dec 24, 2024
edited
Loading

@kpi-nourman

Ok seems that the common issue I am seeing now is that it is VSphere. In this case the order of how it is being applied is the issue. We saw that this is the case of azure vs local. Is it possible to get additional information for me using Ansible facts. I am wondering how Ansible is recognizing vsphere. The facts I am interested in are

ansible_virtualization_type

After this we will need to figure out the proper order of applying things. Also I need to know if the order it is running is the standard section 1 or it's trying to apply the cloud section one yaml.

There are two unique orders depending on the type of system.

Also check this link out as well we are seeing a similar issue in 2022

ansible-lockdown/Windows-2022-CIS#49 (comment)

@animatco
Copy link

gather_facts for 2019, 2022, 2025 for vSphere nodes
LWTST2025 | SUCCESS => {
"ansible_facts": {
"ansible_architecture": "64-bit",
"ansible_architecture2": "x86_64",
"ansible_bios_date": "06/25/2021",
"ansible_bios_version": "VMW71.00V.18227214.B64.2106252220",
"ansible_date_time": {
"date": "2024-12-26",
"day": "26",
"epoch": "1735227232.27351",
"epoch_int": 1735227232,
"epoch_local": "1735205632.27351",
"hour": "09",
"iso8601": "2024-12-26T15:33:52Z",
"iso8601_basic": "20241226T093352273506",
"iso8601_basic_short": "20241226T093352",
"iso8601_micro": "2024-12-26T15:33:52.273506Z",
"minute": "33",
"month": "12",
"second": "52",
"time": "09:33:52",
"tz": "Central Standard Time",
"tz_offset": "-06:00",
"weekday": "Thursday",
"weekday_number": "4",
"weeknumber": "51",
"year": "2024"
},
"ansible_distribution": "Microsoft Windows Server 2025 Standard",
"ansible_distribution_major_version": "10",
"ansible_distribution_version": "10.0.26334.0",
"ansible_domain": "Akuna.Mhata.org",
"ansible_env": {
"ALLUSERSPROFILE": "C:\ProgramData",
"APPDATA": "C:\Users\KING\AppData\Roaming",
"COMPUTERNAME": "LWTST2025",
"ComSpec": "C:\WINDOWS\system32\cmd.exe",
"CommonProgramFiles": "C:\Program Files\Common Files",
"CommonProgramFiles(x86)": "C:\Program Files (x86)\Common Files",
"CommonProgramW6432": "C:\Program Files\Common Files",
"DriverData": "C:\Windows\System32\Drivers\DriverData",
"LOCALAPPDATA": "C:\Users\KING\AppData\Local",
"NUMBER_OF_PROCESSORS": "4",
"OS": "Windows_NT",
"PATHEXT": ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL",
"PROCESSOR_ARCHITECTURE": "AMD64",
"PROCESSOR_IDENTIFIER": "Intel64 Family 6 Model 63 Stepping 0, GenuineIntel",
"PROCESSOR_LEVEL": "6",
"PROCESSOR_REVISION": "3f00",
"PROMPT": "$P$G",
"PSExecutionPolicyPreference": "Unrestricted",
"PSModulePath": "C:\Users\KING\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules",
"PUBLIC": "C:\Users\Public",
"Path": "C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\WindowsPowerShell\Scripts;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\KING\AppData\Local\Microsoft\WindowsApps",
"ProgramData": "C:\ProgramData",
"ProgramFiles": "C:\Program Files",
"ProgramFiles(x86)": "C:\Program Files (x86)",
"ProgramW6432": "C:\Program Files",
"SystemDrive": "C:",
"SystemRoot": "C:\WINDOWS",
"TEMP": "C:\Users\KING\AppData\Local\Temp",
"TMP": "C:\Users\KING\AppData\Local\Temp",
"USERDOMAIN": "LWTST2025",
"USERNAME": "KING",
"USERPROFILE": "C:\Users\KING",
"windir": "C:\WINDOWS"
},
"ansible_fqdn": "LWTST2025.Akuna.Mhata.org",
"ansible_hostname": "LWTST2025",
"ansible_interfaces": [
{
"connection_name": "Ethernet0",
"default_gateway": "192.168.1.1",
"dns_domain": "Akuna.Mhata.org",
"interface_index": 5,
"interface_name": "vmxnet3 Ethernet Adapter",
"ipv4": {
"address": "192.168.1.252",
"prefix": "22"
},
"ipv6": {
"address": "fe80::d51e:6f47:5aed:b663%5",
"prefix": "64"
},
"macaddress": "00:50:56:A5:7A:01",
"mtu": 1500,
"speed": 10000
}
],
"ansible_ip_addresses": [
"fe80::d51e:6f47:5aed:b663%5",
"192.168.1.252"
],
"ansible_kernel": "10.0.26334.0",
"ansible_lastboot": "2024-12-09 03:12:00Z",
"ansible_machine_id": "S-1-5-21-1756165062-2337078823-3160586835",
"ansible_memfree_mb": 11384,
"ansible_memtotal_mb": 16384,
"ansible_netbios_name": "LWTST2025",
"ansible_nodename": "LWTST2025.Akuna.Mhata.org",
"ansible_os_family": "Windows",
"ansible_os_installation_type": "Server",
"ansible_os_name": "Microsoft Windows Server 2025 Standard",
"ansible_os_product_type": "server",
"ansible_owner_contact": "",
"ansible_owner_name": "Administrator",
"ansible_pagefilefree_mb": 2145,
"ansible_pagefiletotal_mb": 2432,
"ansible_powershell_version": 5,
"ansible_processor": [
"0",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6242R CPU @ 3.10GHz",
"1",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6242R CPU @ 3.10GHz",
"2",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6242R CPU @ 3.10GHz",
"3",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6242R CPU @ 3.10GHz"
],
"ansible_processor_cores": 1,
"ansible_processor_count": 4,
"ansible_processor_threads_per_core": 1,
"ansible_processor_vcpus": 4,
"ansible_product_name": "VMware7,1",
"ansible_product_serial": "VMware-42 25 b3 38 8e 5a 34 82-a1 51 aa a6 ee eb e5 fd",
"ansible_reboot_pending": true,
"ansible_swaptotal_mb": 0,
"ansible_system": "Win32NT",
"ansible_system_description": "",
"ansible_system_vendor": "VMware, Inc.",
"ansible_uptime_seconds": 1491713,
"ansible_user_dir": "C:\Users\KING",
"ansible_user_gecos": "",
"ansible_user_id": "KING",
"ansible_user_sid": "S-1-5-21-1756165062-2337078823-3160586835-1000",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "VMware",
"ansible_win_rm_certificate_expires": "2025-07-07 12:41:16",
"ansible_win_rm_certificate_thumbprint": "57521A54FF86C2449C26C8024480A6C2DBAEB9CD",
"ansible_windows_domain": "Akuna.Mhata.org",
"ansible_windows_domain_member": true,
"ansible_windows_domain_role": "Member server",
"gather_subset": [
"all"
],
"module_setup": true
},
"changed": false
}
lwtst2019 | SUCCESS => {
"ansible_facts": {
"ansible_architecture": "64-bit",
"ansible_architecture2": "x86_64",
"ansible_bios_date": "01/11/2023",
"ansible_bios_version": "VMW71.00V.21100432.B64.2301110304",
"ansible_date_time": {
"date": "2024-12-26",
"day": "26",
"epoch": "1735227232.44505",
"epoch_int": 1735227232,
"epoch_local": "1735209232.44505",
"hour": "10",
"iso8601": "2024-12-26T15:33:52Z",
"iso8601_basic": "20241226T103352445045",
"iso8601_basic_short": "20241226T103352",
"iso8601_micro": "2024-12-26T15:33:52.445045Z",
"minute": "33",
"month": "12",
"second": "52",
"time": "10:33:52",
"tz": "Eastern Standard Time",
"tz_offset": "-05:00",
"weekday": "Thursday",
"weekday_number": "4",
"weeknumber": "51",
"year": "2024"
},
"ansible_distribution": "Microsoft Windows Server 2019 Standard",
"ansible_distribution_major_version": "10",
"ansible_distribution_version": "10.0.17763.0",
"ansible_domain": "Akuna.Mhata.org",
"ansible_env": {
"ALLUSERSPROFILE": "C:\ProgramData",
"APPDATA": "C:\Users\KING\AppData\Roaming",
"COMPUTERNAME": "lwtst2019",
"ComSpec": "C:\Windows\system32\cmd.exe",
"CommonProgramFiles": "C:\Program Files\Common Files",
"CommonProgramFiles(x86)": "C:\Program Files (x86)\Common Files",
"CommonProgramW6432": "C:\Program Files\Common Files",
"DriverData": "C:\Windows\System32\Drivers\DriverData",
"LOCALAPPDATA": "C:\Users\KING\AppData\Local",
"NUMBER_OF_PROCESSORS": "4",
"OS": "Windows_NT",
"PATHEXT": ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL",
"POWERSHELL_DISTRIBUTION_CHANNEL": "MSI:Windows Server 2019 Standard",
"PROCESSOR_ARCHITECTURE": "AMD64",
"PROCESSOR_IDENTIFIER": "Intel64 Family 6 Model 85 Stepping 7, GenuineIntel",
"PROCESSOR_LEVEL": "6",
"PROCESSOR_REVISION": "5507",
"PROMPT": "$P$G",
"PSExecutionPolicyPreference": "Unrestricted",
"PSModulePath": "C:\Users\KING\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules",
"PUBLIC": "C:\Users\Public",
"Path": "C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\PowerShell\7\;C:\Users\KING\AppData\Local\Microsoft\WindowsApps",
"ProgramData": "C:\ProgramData",
"ProgramFiles": "C:\Program Files",
"ProgramFiles(x86)": "C:\Program Files (x86)",
"ProgramW6432": "C:\Program Files",
"SystemDrive": "C:",
"SystemRoot": "C:\Windows",
"TEMP": "C:\Users\KING\AppData\Local\Temp",
"TMP": "C:\Users\KING\AppData\Local\Temp",
"USERDOMAIN": "lwtst2019",
"USERNAME": "KING",
"USERPROFILE": "C:\Users\KING",
"windir": "C:\Windows"
},
"ansible_fqdn": "lwtst2019.Akuna.Mhata.org",
"ansible_hostname": "lwtst2019",
"ansible_interfaces": [
{
"connection_name": "Ethernet0",
"default_gateway": "192.168.1.1",
"dns_domain": null,
"interface_index": 5,
"interface_name": "vmxnet3 Ethernet Adapter",
"ipv4": {
"address": "192.168.1.250",
"prefix": "22"
},
"ipv6": {},
"macaddress": "00:50:56:88:54:51",
"mtu": 1500,
"speed": 10000
}
],
"ansible_ip_addresses": [
"192.168.1.25022"
],
"ansible_kernel": "10.0.17763.0",
"ansible_lastboot": "2024-11-08 17:42:02Z",
"ansible_machine_id": "S-1-5-21-3292981187-2166132357-1355570727",
"ansible_memfree_mb": 3205,
"ansible_memtotal_mb": 8192,
"ansible_netbios_name": "lwtst2019",
"ansible_nodename": "lwtst2019.Akuna.Mhata.org",
"ansible_os_family": "Windows",
"ansible_os_installation_type": "Server",
"ansible_os_name": "Microsoft Windows Server 2019 Standard",
"ansible_os_product_type": "server",
"ansible_owner_contact": "",
"ansible_owner_name": "Administrator",
"ansible_pagefilefree_mb": 1129,
"ansible_pagefiletotal_mb": 1280,
"ansible_powershell_version": 5,
"ansible_processor": [
"0",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6248 CPU @ 2.50GHz",
"1",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6248 CPU @ 2.50GHz",
"2",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6248 CPU @ 2.50GHz",
"3",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6248 CPU @ 2.50GHz"
],
"ansible_processor_cores": 1,
"ansible_processor_count": 4,
"ansible_processor_threads_per_core": 1,
"ansible_processor_vcpus": 4,
"ansible_product_name": "VMware7,1",
"ansible_product_serial": "VMware-42 08 da ce 05 5a a8 9c-58 8d 0c 33 f7 78 d8 3e",
"ansible_reboot_pending": true,
"ansible_swaptotal_mb": 0,
"ansible_system": "Win32NT",
"ansible_system_description": "",
"ansible_system_vendor": "VMware, Inc.",
"ansible_uptime_seconds": 4121510,
"ansible_user_dir": "C:\Users\KING",
"ansible_user_gecos": "",
"ansible_user_id": "KING",
"ansible_user_sid": "S-1-5-21-3292981187-2166132357-1355570727-1000",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "VMware",
"ansible_win_rm_certificate_expires": "2025-06-12 10:27:41",
"ansible_win_rm_certificate_thumbprint": "3A63D1E9A61A002FBE858C66E5775BF981844091",
"ansible_windows_domain": "Akuna.Mhata.org",
"ansible_windows_domain_member": true,
"ansible_windows_domain_role": "Member server",
"gather_subset": [
"all"
],
"module_setup": true
},
"changed": false
}
LWTST2022 | SUCCESS => {
"ansible_facts": {
"ansible_architecture": "64-bit",
"ansible_architecture2": "x86_64",
"ansible_bios_date": "08/19/2024",
"ansible_bios_version": "VMW71.00V.24224532.B64.2408191458",
"ansible_date_time": {
"date": "2024-12-26",
"day": "26",
"epoch": "1735227232.31225",
"epoch_int": 1735227232,
"epoch_local": "1735205632.31225",
"hour": "09",
"iso8601": "2024-12-26T15:33:52Z",
"iso8601_basic": "20241226T093352312245",
"iso8601_basic_short": "20241226T093352",
"iso8601_micro": "2024-12-26T15:33:52.312245Z",
"minute": "33",
"month": "12",
"second": "52",
"time": "09:33:52",
"tz": "Central Standard Time",
"tz_offset": "-06:00",
"weekday": "Thursday",
"weekday_number": "4",
"weeknumber": "51",
"year": "2024"
},
"ansible_distribution": "Microsoft Windows Server 2022 Standard",
"ansible_distribution_major_version": "10",
"ansible_distribution_version": "10.0.20348.0",
"ansible_domain": "Akuna.Mhata.org",
"ansible_env": {
"ALLUSERSPROFILE": "C:\ProgramData",
"APPDATA": "C:\Users\KING\AppData\Roaming",
"COMPUTERNAME": "LWTST2022",
"ComSpec": "C:\Windows\system32\cmd.exe",
"CommonProgramFiles": "C:\Program Files\Common Files",
"CommonProgramFiles(x86)": "C:\Program Files (x86)\Common Files",
"CommonProgramW6432": "C:\Program Files\Common Files",
"DriverData": "C:\Windows\System32\Drivers\DriverData",
"LOCALAPPDATA": "C:\Users\KING\AppData\Local",
"NODE_PATH": "D:\Program Files\SQL Anywhere 17\Node",
"NUMBER_OF_PROCESSORS": "8",
"OPENSSL_CONF": "C:\OpenSSL-Win32\bin\openssl.cfg",
"OS": "Windows_NT",
"PATHEXT": ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL",
"POWERSHELL_DISTRIBUTION_CHANNEL": "MSI:Windows Server 2022 Standard",
"PROCESSOR_ARCHITECTURE": "AMD64",
"PROCESSOR_IDENTIFIER": "Intel64 Family 6 Model 79 Stepping 0, GenuineIntel",
"PROCESSOR_LEVEL": "6",
"PROCESSOR_REVISION": "4f00",
"PROMPT": "$P$G",
"PSExecutionPolicyPreference": "Unrestricted",
"PSModulePath": "C:\Users\KING\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules",
"PUBLIC": "C:\Users\Public",
"Path": "C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\PowerShell\7\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\avs\bin;C:\Program Files\avs\bin32;D:\SQL Anywhere 12\bin64;D:\SQL Anywhere 12\bin32;D:\Program Files\SQL Anywhere 17\bin64;D:\Program Files\SQL Anywhere 17\bin32;D:\PHP64;C:\Users\KING\AppData\Local\Microsoft\WindowsApps",
"ProgramData": "C:\ProgramData",
"ProgramFiles": "C:\Program Files",
"ProgramFiles(x86)": "C:\Program Files (x86)",
"ProgramW6432": "C:\Program Files",
"SQLANY12": "D:\SQL Anywhere 12",
"SQLANY17": "D:\Program Files\SQL Anywhere 17",
"SQLANYSAMP12": "C:\Users\Public\Documents\SQL Anywhere 12\Samples",
"SQLANYSAMP17": "C:\Users\Public\Documents\SQL Anywhere 17\Samples",
"SystemDrive": "C:",
"SystemRoot": "C:\Windows",
"TEMP": "C:\Users\KING\AppData\Local\Temp",
"TMP": "C:\Users\KING\AppData\Local\Temp",
"USERDOMAIN": "LWTST2022",
"USERNAME": "KING",
"USERPROFILE": "C:\Users\KING",
"windir": "C:\Windows"
},
"ansible_fqdn": "LWTST2022.Akuna.Mhata.org",
"ansible_hostname": "LWTST2022",
"ansible_interfaces": [
{
"connection_name": "Ethernet0",
"default_gateway": "192.168.1.1",
"dns_domain": null,
"interface_index": 5,
"interface_name": "vmxnet3 Ethernet Adapter",
"ipv4": {
"address": "192.168.1.240",
"prefix": "23"
},
"ipv6": {},
"macaddress": "00:50:56:A5:82:83",
"mtu": 1500,
"speed": 10000
}
],
"ansible_ip_addresses": [
"192.168.1.240"
],
"ansible_kernel": "10.0.20348.0",
"ansible_lastboot": "2024-12-04 12:29:31Z",
"ansible_machine_id": "S-1-5-21-4218475527-2441478060-1680159493",
"ansible_memfree_mb": 10599,
"ansible_memtotal_mb": 16384,
"ansible_netbios_name": "LWTST2022",
"ansible_nodename": "LWTST2022.Akuna.Mhata.org",
"ansible_os_family": "Windows",
"ansible_os_installation_type": "Server",
"ansible_os_name": "Microsoft Windows Server 2022 Standard",
"ansible_os_product_type": "server",
"ansible_owner_contact": "",
"ansible_owner_name": "Administrator",
"ansible_pagefilefree_mb": 2299,
"ansible_pagefiletotal_mb": 2432,
"ansible_powershell_version": 5,
"ansible_processor": [
"0",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"1",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"2",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"3",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"4",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"5",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"6",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz",
"7",
"GenuineIntel",
"Intel(R) Xeon(R) Gold 6246 CPU @ 3.30GHz"
],
"ansible_processor_cores": 1,
"ansible_processor_count": 8,
"ansible_processor_threads_per_core": 1,
"ansible_processor_vcpus": 8,
"ansible_product_name": "VMware7,1",
"ansible_product_serial": "VMware-42 25 0e f6 e3 a2 55 73-f6 5b da ca 4f e5 38 8c",
"ansible_reboot_pending": true,
"ansible_swaptotal_mb": 0,
"ansible_system": "Win32NT",
"ansible_system_description": "",
"ansible_system_vendor": "VMware, Inc.",
"ansible_uptime_seconds": 1890262,
"ansible_user_dir": "C:\Users\KING",
"ansible_user_gecos": "",
"ansible_user_id": "KING",
"ansible_user_sid": "S-1-5-21-4218475527-2441478060-1680159493-1000",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "VMware",
"ansible_win_rm_certificate_expires": "2027-07-12 17:24:46",
"ansible_win_rm_certificate_thumbprint": "699494C4D734C908D52E9F85330BF0DF1EF4F3B9",
"ansible_windows_domain": "Akuna.Mhata.org",
"ansible_windows_domain_member": true,
"ansible_windows_domain_role": "Member server",
"gather_subset": [
"all"
],
"module_setup": true
},
"changed": false
}

@MrSteve81
Copy link
Contributor

@kpi-nourman @animatco also do
You know when the ansible runs, is it running the order as follows

Cloud style

1.2.2 | PATCH | Ensure Account lockout threshold is set to 5 or fewer invalid logon attempt(s), but not 0.
1.2.1 | PATCH | Ensure Account lockout duration is set to 15 or more minutes
1.2.3 | PATCH | Ensure Allow Administrator account lockout is set to Enabled
1.2.4 | PATCH | Ensure Reset account lockout counter after is set to 15 or more minutes."

Or

Local based System

CONTROL 1.2.2, CONTROL 1.2.4, CONTROL 1.2.1, CONTROL 1.2.3

@MrSteve81
Copy link
Contributor

Also feel Free to msg me on discord if you are in there.

@kpi-nourman
Copy link
Author

kpi-nourman commented Dec 27, 2024
edited
Loading

@kpi-nourman

Ok seems that the common issue I am seeing now is that it is VSphere. In this case the order of how it is being applied is the issue. We saw that this is the case of azure vs local. Is it possible to get additional information for me using Ansible facts. I am wondering how Ansible is recognizing vsphere. The facts I am interested in are

ansible_virtualization_type

After this we will need to figure out the proper order of applying things. Also I need to know if the order it is running is the standard section 1 or it's trying to apply the cloud section one yaml.

There are two unique orders depending on the type of system.

Also check this link out as well we are seeing a similar issue in 2022

ansible-lockdown/Windows-2022-CIS#49 (comment)

hi @MrSteve81
Ansible fact below:

  "ansible_facts": {
    "ansible_ip_addresses": [
      "10.199.199.76"
    ],
    "ansible_windows_domain_role": "Stand-alone server",
    "ansible_architecture2": "x86_64",
    "ansible_win_rm_certificate_thumbprint": "B98151533CECDAEC10B77576AD17B705C02CFF1A",
    "ansible_user_gecos": "",
    "ansible_distribution_major_version": "10",
    "ansible_pagefiletotal_mb": 1920,
    "ansible_os_name": "Microsoft Windows Server 2019 Standard Evaluation",
    "ansible_system_description": "",
    "ansible_machine_id": "S-1-5-21-321307898-38979394-1725219285",
    "ansible_product_serial": "VMware-42 1d d0 8a 48 be ef f2-80 9d 37 1f ad c8 7a 5e",
    "ansible_system_vendor": "VMware, Inc.",
    "gather_subset": [
      "all"
    ],
    "ansible_os_install_date": "2024-12-13T04.32.44Z",
    "ansible_bios_version": "VMW201.00V.23553139.B64.2403260940",
    "ansible_user_id": "nourman",
    "ansible_date_time": {
      "epoch_local": "1735319600,45422",
      "epoch_int": 1735294400,
      "date": "2024-12-27",
      "second": "20",
      "tz": "SE Asia Standard Time",
      "iso8601_micro": "2024-12-27T10.13.20.454223Z",
      "iso8601_basic_short": "20241227T171320",
      "minute": "13",
      "day": "27",
      "weekday": "Friday",
      "iso8601": "2024-12-27T10.13.20Z",
      "tz_offset": "+07:00",
      "iso8601_basic": "20241227T171320454223",
      "epoch": "1735294400,45422",
      "weekday_number": "5",
      "hour": "17",
      "year": "2024",
      "month": "12",
      "time": "17.13.20",
      "weeknumber": "51"
    },
    "ansible_user_dir": "C:\\Users\\nourman",
    "ansible_win_rm_certificate_expires": "2027-12-15 17.19.17",
    "ansible_processor_vcpus": 4,
    "ansible_user_sid": "S-1-5-21-321307898-38979394-1725219285-1000",
    "ansible_owner_contact": "",
    "ansible_distribution": "Microsoft Windows Server 2019 Standard Evaluation",
    "ansible_processor": [
      "0",
      "GenuineIntel",
      "Intel(R) Xeon(R) CPU E5-2698 v4 @ 2.20GHz",
      "1",
      "GenuineIntel",
      "Intel(R) Xeon(R) CPU E5-2698 v4 @ 2.20GHz",
      "2",
      "GenuineIntel",
      "Intel(R) Xeon(R) CPU E5-2698 v4 @ 2.20GHz",
      "3",
      "GenuineIntel",
      "Intel(R) Xeon(R) CPU E5-2698 v4 @ 2.20GHz"
    ],
    "ansible_powershell_version": 5,
    "ansible_uptime_seconds": 373,
    "module_setup": true,
    "ansible_interfaces": [
      {
        "dns_domain": null,
        "connection_name": "Ethernet0",
        "default_gateway": "10.199.199.250",
        "mtu": 1500,
        "interface_name": "Intel(R) 82574L Gigabit Network Connection",
        "ipv6": {},
        "macaddress": "00:50:56:9D:CD:2A",
        "speed": 1000,
        "interface_index": 5,
        "ipv4": {
          "address": "10.199.199.76",
          "prefix": "24"
        }
      }
    ],
    "ansible_distribution_version": "10.0.17763.0",
    "ansible_windows_domain_member": false,
    "ansible_swaptotal_mb": 0,
    "ansible_hostname": "windows-test02",
    "ansible_virtualization_role": "NA",
    "ansible_memfree_mb": 6884,
    "ansible_processor_count": 4,
    "ansible_os_product_type": "server",
    "ansible_netbios_name": "WINDOWS-TEST02",
    "ansible_product_name": "VMware20,1",
    "ansible_virtualization_type": "NA",
    "ansible_os_installation_type": "Server",
    "ansible_lastboot": "2024-12-27 17:07:10Z",
    "ansible_architecture": "64-bit",
    "ansible_bios_date": "03/26/2024",
    "ansible_processor_cores": 4,
    "ansible_fqdn": "windows-test02",
    "ansible_domain": "",
    "ansible_memtotal_mb": 8192,
    "ansible_kernel": "10.0.17763.0",
    "ansible_pagefilefree_mb": 1920,
    "ansible_nodename": "windows-test02",
    "ansible_os_family": "Windows",
    "ansible_processor_threads_per_core": 1,
    "ansible_owner_name": "Windows User",
    "ansible_windows_domain": "WORKGROUP",
    "ansible_reboot_pending": false,
    "ansible_system": "Win32NT"
  },
  "warnings": [],
  "deprecations": [],
  "_ansible_verbose_override": true,
  "_ansible_no_log": false,
  "changed": false
}

@kpi-nourman
Copy link
Author

kpi-nourman commented Dec 27, 2024
edited
Loading

@kpi-nourman @animatco also do You know when the ansible runs, is it running the order as follows

Cloud style

1.2.2 | PATCH | Ensure Account lockout threshold is set to 5 or fewer invalid logon attempt(s), but not 0. 1.2.1 | PATCH | Ensure Account lockout duration is set to 15 or more minutes 1.2.3 | PATCH | Ensure Allow Administrator account lockout is set to Enabled 1.2.4 | PATCH | Ensure Reset account lockout counter after is set to 15 or more minutes."

Or

Local based System

CONTROL 1.2.2, CONTROL 1.2.4, CONTROL 1.2.1, CONTROL 1.2.3

Yes, in my output, run control 1.2.2 the task is ok, after that run control 1.2.4 the task fatal then playbook stopped.

TASK [roles/Windows-2019-CIS-devel : 1.2.2 | PATCH | Ensure Account lockout threshold is set to 5 or fewer invalid logon attempt(s), but not 0. | Set Variable.] ***
task path: /runner/project/roles/Windows-2019-CIS-devel/tasks/section01.yml:207
ok: [windows-test02] => {"changed": false, "key": "LockoutBadCount", "section": "System Access", "value": 5}

TASK [roles/Windows-2019-CIS-devel : 1.2.4 | PATCH | Ensure Reset account lockout counter after is set to 15 or more minutes. | Set Variable.] ***
task path: /runner/project/roles/Windows-2019-CIS-devel/tasks/section01.yml:245
fatal: [windows-test02]: FAILED! => {"changed": true, "import_log": "Completed 1 percent (0/63) \tProcess Privilege Rights area        \n\nCompleted 3 percent (1/63) \tProcess Privilege Rights area        \n\nCompleted 4 percent (2/63) \tProcess Privilege Rights area        \n\nCompleted 6 percent (3/63) \tProcess Privilege Rights area        \n\nCompleted 7 percent (4/63) \tProcess Privilege Rights area        \n\nCompleted 9 percent (5/63) \tProcess Privilege Rights area        \n\nCompleted 11 percent (6/63) \tProcess Privilege Rights area        \n\nCompleted 12 percent (7/63) \tProcess Privilege Rights area        \n\nCompleted 14 percent (8/63) \tProcess Privilege Rights area        \n\nCompleted 15 percent (9/63) \tProcess Privilege Rights area        \n\nCompleted 17 percent (10/63) \tProcess Privilege Rights area        \n\nCompleted 19 percent (11/63) \tProcess Privilege Rights area        \n\nCompleted 20 percent (12/63) \tProcess Privilege Rights area        \n\nCompleted 25 percent (15/63…
PLAY RECAP *********************************************************************
windows-test02             : ok=20   changed=0    unreachable=0    failed=1    skipped=27   rescued=0    ignored=0

@MrSteve81
Copy link
Contributor

I have pushed a update to dec24_updates repo could you please test this and let me know if it works. I am also going to push it to 2022 shortly. @animatco

@animatco
Copy link

animatco commented Jan 3, 2025

So we tested again on both a 2019 and 2022 Windows Server on vSphere. They failed at the 1.2.1 section, when we manually modified the prelim.

  • name: Set Fact If Cloud-Based System.
    ansible.builtin.set_fact:
    win22cis_cloud_based_system: true

to be:

  • name: Set Fact If Cloud-Based System.
    ansible.builtin.set_fact:
    win22cis_cloud_based_system: false

doing that allowed the code to continue.

@animatco
Copy link

animatco commented Jan 3, 2025

additional information from gather facts:
Azure:
"ansible_system_vendor": "Microsoft Corporation",
"ansible_virtualization_role": "guest",
"ansible_virtualization_tech_guest": [
"VirtualPC"
],
"ansible_virtualization_tech_host": [
"kvm"
],
"ansible_virtualization_type": "VirtualPC",

Google:
"ansible_system_vendor": "Google",
"ansible_virtualization_role": "guest",
"ansible_virtualization_tech_guest": [
"kvm"
],
"ansible_virtualization_tech_host": [],
"ansible_virtualization_type": "kvm",

vSphere:
"ansible_system_vendor": "VMware, Inc.",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "VMware",

Hyper-V:
"ansible_system_vendor": "Microsoft Corporation",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "Hyper-V",

@animatco
Copy link

animatco commented Jan 6, 2025

Just to let you know the latest update resolved the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MrSteve81 MrSteve81

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@animatco @MrSteve81 @kpi-nourman