ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Ansible Agent Option?

    Scheduled Pinned Locked Moved IT Discussion
    ansible
    163 Posts 11 Posters 28.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @Dashrender
      last edited by

      @Dashrender said in Ansible Agent Option?:

      Same goes for user accounts on the machine. Let's assume the user has local admin rights - they create more accounts - I assume that Salt/Ansible have ways to remove those accounts when their refresh period takes place?

      Yes, again very core. These are specifically some of the functions that we expect to use (and most everyone does.) Nothing weird here, just part of the power that state machines intrinsically provide.

      1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender @scottalanmiller
        last edited by

        @scottalanmiller said in Ansible Agent Option?:

        @Obsolesce said in Ansible Agent Option?:

        I get that you want to use it to ensure for example 7-zip is on every device you want to manage. I understand you would do that with SS/Ansible/etc.... normally. But your situation is not the design intentions, even though a specific task you want to do is.

        I don't think that that is true. At least with Salt, this is the intended use case. Laptops aren't a special case, they are a one user local GUI server and should (or can) be treated as such and Salt is engineered ground up for that.

        MDM isn't, it's designed for a one off task, yes, but not the general case. The thing that makes Salt powerful is that it addresses the "universal case" or as close to it as is reasonably possible and doesn't make any special cases or exceptions.

        In user land there are almost always special cases and exceptions - how do you deal with those with Salt?

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Obsolesce
          last edited by

          @Obsolesce said in Ansible Agent Option?:

          @coliver said in Ansible Agent Option?:

          @Obsolesce said in Ansible Agent Option?:

          @scottalanmiller said in Ansible Agent Option?:

          A simple test would be this.... if MDM is the right tool for your laptops, then it would also be the right tool for your servers.

          Servers are not mobile devices.

          Nor are Desktops but it would be nice to manage them with the same tool. Intune comes to mind it will do some state management and is getting better with time...

          Nobody is managing servers with Intune. They are using SaltStack/Ansible/Chef/Puppet/DSC/SCCM for servers. NOT Intune. Also, Intune doesn't even support Server OSs.

          True. And having tried it some time ago, at least then, it was horribly anemic. Just no power. I'm sure it has improved, but even rudimentary RMM platforms had more configuration management for machines.

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @scottalanmiller
            last edited by

            @scottalanmiller said in Ansible Agent Option?:

            @Dashrender said in Ansible Agent Option?:

            @scottalanmiller said in Ansible Agent Option?:

            @Obsolesce said in Ansible Agent Option?:

            @coliver said in Ansible Agent Option?:

            @Obsolesce said in Ansible Agent Option?:

            Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

            From an MSP perspective that can get pretty inefficient and heavy.

            Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

            Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

            This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

            DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

            By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

            scottalanmillerS 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @Dashrender
              last edited by

              @Dashrender said in Ansible Agent Option?:

              @scottalanmiller said in Ansible Agent Option?:

              @Obsolesce said in Ansible Agent Option?:

              I get that you want to use it to ensure for example 7-zip is on every device you want to manage. I understand you would do that with SS/Ansible/etc.... normally. But your situation is not the design intentions, even though a specific task you want to do is.

              I don't think that that is true. At least with Salt, this is the intended use case. Laptops aren't a special case, they are a one user local GUI server and should (or can) be treated as such and Salt is engineered ground up for that.

              MDM isn't, it's designed for a one off task, yes, but not the general case. The thing that makes Salt powerful is that it addresses the "universal case" or as close to it as is reasonably possible and doesn't make any special cases or exceptions.

              In user land there are almost always special cases and exceptions - how do you deal with those with Salt?

              That users have unique configuration per user isn't the same as an infrastructure and tooling exception. Infrastructure systems like Salt I want to be uniform = all of IT uses one tool to do all tasks (obviously nothing is truly universal yet.) But the task might be to have unique users, configuration, and packages on every computer. It's a uniform, no exceptions tool, doing a unique task every time, perhaps.

              DashrenderD 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @Dashrender
                last edited by

                @Dashrender said in Ansible Agent Option?:

                @scottalanmiller said in Ansible Agent Option?:

                @Dashrender said in Ansible Agent Option?:

                @scottalanmiller said in Ansible Agent Option?:

                @Obsolesce said in Ansible Agent Option?:

                @coliver said in Ansible Agent Option?:

                @Obsolesce said in Ansible Agent Option?:

                Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                From an MSP perspective that can get pretty inefficient and heavy.

                Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                DashrenderD 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller
                  last edited by

                  One of the goals with Salt, Ansible, or presumably an MDM is to manage the machines without ever needing to log in and touch them.

                  1 Reply Last reply Reply Quote 0
                  • DashrenderD
                    Dashrender @scottalanmiller
                    last edited by

                    @scottalanmiller said in Ansible Agent Option?:

                    @Dashrender said in Ansible Agent Option?:

                    @scottalanmiller said in Ansible Agent Option?:

                    @Obsolesce said in Ansible Agent Option?:

                    I get that you want to use it to ensure for example 7-zip is on every device you want to manage. I understand you would do that with SS/Ansible/etc.... normally. But your situation is not the design intentions, even though a specific task you want to do is.

                    I don't think that that is true. At least with Salt, this is the intended use case. Laptops aren't a special case, they are a one user local GUI server and should (or can) be treated as such and Salt is engineered ground up for that.

                    MDM isn't, it's designed for a one off task, yes, but not the general case. The thing that makes Salt powerful is that it addresses the "universal case" or as close to it as is reasonably possible and doesn't make any special cases or exceptions.

                    In user land there are almost always special cases and exceptions - how do you deal with those with Salt?

                    That users have unique configuration per user isn't the same as an infrastructure and tooling exception. Infrastructure systems like Salt I want to be uniform = all of IT uses one tool to do all tasks (obviously nothing is truly universal yet.) But the task might be to have unique users, configuration, and packages on every computer. It's a uniform, no exceptions tool, doing a unique task every time, perhaps.

                    OK I guess I see that.

                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @Dashrender
                      last edited by

                      @Dashrender said in Ansible Agent Option?:

                      @scottalanmiller said in Ansible Agent Option?:

                      @Dashrender said in Ansible Agent Option?:

                      @scottalanmiller said in Ansible Agent Option?:

                      @Obsolesce said in Ansible Agent Option?:

                      I get that you want to use it to ensure for example 7-zip is on every device you want to manage. I understand you would do that with SS/Ansible/etc.... normally. But your situation is not the design intentions, even though a specific task you want to do is.

                      I don't think that that is true. At least with Salt, this is the intended use case. Laptops aren't a special case, they are a one user local GUI server and should (or can) be treated as such and Salt is engineered ground up for that.

                      MDM isn't, it's designed for a one off task, yes, but not the general case. The thing that makes Salt powerful is that it addresses the "universal case" or as close to it as is reasonably possible and doesn't make any special cases or exceptions.

                      In user land there are almost always special cases and exceptions - how do you deal with those with Salt?

                      That users have unique configuration per user isn't the same as an infrastructure and tooling exception. Infrastructure systems like Salt I want to be uniform = all of IT uses one tool to do all tasks (obviously nothing is truly universal yet.) But the task might be to have unique users, configuration, and packages on every computer. It's a uniform, no exceptions tool, doing a unique task every time, perhaps.

                      OK I guess I see that.

                      One hammer, one kind of nail, but you can build many different houses.

                      1 Reply Last reply Reply Quote 0
                      • DashrenderD
                        Dashrender @scottalanmiller
                        last edited by

                        @scottalanmiller said in Ansible Agent Option?:

                        @Dashrender said in Ansible Agent Option?:

                        @scottalanmiller said in Ansible Agent Option?:

                        @Dashrender said in Ansible Agent Option?:

                        @scottalanmiller said in Ansible Agent Option?:

                        @Obsolesce said in Ansible Agent Option?:

                        @coliver said in Ansible Agent Option?:

                        @Obsolesce said in Ansible Agent Option?:

                        Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                        From an MSP perspective that can get pretty inefficient and heavy.

                        Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                        Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                        This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                        DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                        By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                        That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                        Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                        DustinB3403D JaredBuschJ 2 Replies Last reply Reply Quote 0
                        • DustinB3403D
                          DustinB3403 @Dashrender
                          last edited by

                          @Dashrender said in Ansible Agent Option?:

                          @scottalanmiller said in Ansible Agent Option?:

                          @Dashrender said in Ansible Agent Option?:

                          @scottalanmiller said in Ansible Agent Option?:

                          @Dashrender said in Ansible Agent Option?:

                          @scottalanmiller said in Ansible Agent Option?:

                          @Obsolesce said in Ansible Agent Option?:

                          @coliver said in Ansible Agent Option?:

                          @Obsolesce said in Ansible Agent Option?:

                          Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                          From an MSP perspective that can get pretty inefficient and heavy.

                          Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                          Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                          This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                          DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                          By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                          That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                          Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                          That sounds completely normal to me. Literally daily activity and doesn't at all sound extreme or abnormal.

                          DashrenderD 1 Reply Last reply Reply Quote 2
                          • DashrenderD
                            Dashrender @DustinB3403
                            last edited by

                            @DustinB3403 said in Ansible Agent Option?:

                            @Dashrender said in Ansible Agent Option?:

                            @scottalanmiller said in Ansible Agent Option?:

                            @Dashrender said in Ansible Agent Option?:

                            @scottalanmiller said in Ansible Agent Option?:

                            @Dashrender said in Ansible Agent Option?:

                            @scottalanmiller said in Ansible Agent Option?:

                            @Obsolesce said in Ansible Agent Option?:

                            @coliver said in Ansible Agent Option?:

                            @Obsolesce said in Ansible Agent Option?:

                            Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                            From an MSP perspective that can get pretty inefficient and heavy.

                            Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                            Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                            This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                            DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                            By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                            That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                            Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                            That sounds completely normal to me. Literally daily activity and doesn't at all sound extreme or abnormal.

                            You have people who want different settings, new mapped drives, etc daily? I definitely don't... maybe it's a matter of company size.

                            I think the last 'new' software I deployed was Citrix-workspace.

                            DustinB3403D scottalanmillerS 2 Replies Last reply Reply Quote 0
                            • DustinB3403D
                              DustinB3403 @Dashrender
                              last edited by

                              @Dashrender said in Ansible Agent Option?:

                              @DustinB3403 said in Ansible Agent Option?:

                              @Dashrender said in Ansible Agent Option?:

                              @scottalanmiller said in Ansible Agent Option?:

                              @Dashrender said in Ansible Agent Option?:

                              @scottalanmiller said in Ansible Agent Option?:

                              @Dashrender said in Ansible Agent Option?:

                              @scottalanmiller said in Ansible Agent Option?:

                              @Obsolesce said in Ansible Agent Option?:

                              @coliver said in Ansible Agent Option?:

                              @Obsolesce said in Ansible Agent Option?:

                              Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                              From an MSP perspective that can get pretty inefficient and heavy.

                              Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                              Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                              This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                              DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                              By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                              That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                              Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                              That sounds completely normal to me. Literally daily activity and doesn't at all sound extreme or abnormal.

                              You have people who want different settings, new mapped drives, etc daily? I definitely don't... maybe it's a matter of company size.

                              I think the last 'new' software I deployed was Citrix-workspace.

                              I have people who need things changed daily, yes.

                              DashrenderD 1 Reply Last reply Reply Quote 0
                              • DashrenderD
                                Dashrender @DustinB3403
                                last edited by Dashrender

                                @DustinB3403 said in Ansible Agent Option?:

                                @Dashrender said in Ansible Agent Option?:

                                @DustinB3403 said in Ansible Agent Option?:

                                @Dashrender said in Ansible Agent Option?:

                                @scottalanmiller said in Ansible Agent Option?:

                                @Dashrender said in Ansible Agent Option?:

                                @scottalanmiller said in Ansible Agent Option?:

                                @Dashrender said in Ansible Agent Option?:

                                @scottalanmiller said in Ansible Agent Option?:

                                @Obsolesce said in Ansible Agent Option?:

                                @coliver said in Ansible Agent Option?:

                                @Obsolesce said in Ansible Agent Option?:

                                Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                                From an MSP perspective that can get pretty inefficient and heavy.

                                Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                                Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                                This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                                DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                                By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                                That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                                Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                                That sounds completely normal to me. Literally daily activity and doesn't at all sound extreme or abnormal.

                                You have people who want different settings, new mapped drives, etc daily? I definitely don't... maybe it's a matter of company size.

                                I think the last 'new' software I deployed was Citrix-workspace.

                                I have people who need things changed daily, yes.

                                I suppose that fact itself has little or nothing to do with the actual tool discussion though. You could just as easily use GP to push those changes if needed, or any of thousands of other tools. My bad for tangenting from Scott's comment.

                                DustinB3403D scottalanmillerS 2 Replies Last reply Reply Quote 0
                                • DustinB3403D
                                  DustinB3403 @Dashrender
                                  last edited by

                                  @Dashrender said in Ansible Agent Option?:

                                  @DustinB3403 said in Ansible Agent Option?:

                                  @Dashrender said in Ansible Agent Option?:

                                  @DustinB3403 said in Ansible Agent Option?:

                                  @Dashrender said in Ansible Agent Option?:

                                  @scottalanmiller said in Ansible Agent Option?:

                                  @Dashrender said in Ansible Agent Option?:

                                  @scottalanmiller said in Ansible Agent Option?:

                                  @Dashrender said in Ansible Agent Option?:

                                  @scottalanmiller said in Ansible Agent Option?:

                                  @Obsolesce said in Ansible Agent Option?:

                                  @coliver said in Ansible Agent Option?:

                                  @Obsolesce said in Ansible Agent Option?:

                                  Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                                  From an MSP perspective that can get pretty inefficient and heavy.

                                  Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                                  Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                                  This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                                  DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                                  By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                                  That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                                  Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                                  That sounds completely normal to me. Literally daily activity and doesn't at all sound extreme or abnormal.

                                  You have people who want different settings, new mapped drives, etc daily? I definitely don't... maybe it's a matter of company size.

                                  I think the last 'new' software I deployed was Citrix-workspace.

                                  I have people who need things changed daily, yes.

                                  I suppose that fact itself has little or nothing to do with the actual tool discussion though. You could just as easily use GP to push those changes if needed, or any of thousands of other tools. My bad for tangenting from Scott's comment.

                                  On MAC GPO doesn't apply.

                                  DashrenderD 1 Reply Last reply Reply Quote 0
                                  • DashrenderD
                                    Dashrender @DustinB3403
                                    last edited by

                                    @DustinB3403 said in Ansible Agent Option?:

                                    @Dashrender said in Ansible Agent Option?:

                                    @DustinB3403 said in Ansible Agent Option?:

                                    @Dashrender said in Ansible Agent Option?:

                                    @DustinB3403 said in Ansible Agent Option?:

                                    @Dashrender said in Ansible Agent Option?:

                                    @scottalanmiller said in Ansible Agent Option?:

                                    @Dashrender said in Ansible Agent Option?:

                                    @scottalanmiller said in Ansible Agent Option?:

                                    @Dashrender said in Ansible Agent Option?:

                                    @scottalanmiller said in Ansible Agent Option?:

                                    @Obsolesce said in Ansible Agent Option?:

                                    @coliver said in Ansible Agent Option?:

                                    @Obsolesce said in Ansible Agent Option?:

                                    Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                                    From an MSP perspective that can get pretty inefficient and heavy.

                                    Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                                    Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                                    This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                                    DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                                    By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                                    That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                                    Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                                    That sounds completely normal to me. Literally daily activity and doesn't at all sound extreme or abnormal.

                                    You have people who want different settings, new mapped drives, etc daily? I definitely don't... maybe it's a matter of company size.

                                    I think the last 'new' software I deployed was Citrix-workspace.

                                    I have people who need things changed daily, yes.

                                    I suppose that fact itself has little or nothing to do with the actual tool discussion though. You could just as easily use GP to push those changes if needed, or any of thousands of other tools. My bad for tangenting from Scott's comment.

                                    On MAC GPO doesn't apply.

                                    Did I not mention "thousands of other tools"?

                                    1 Reply Last reply Reply Quote 0
                                    • JaredBuschJ
                                      JaredBusch @Dashrender
                                      last edited by JaredBusch

                                      @Dashrender said in Ansible Agent Option?:

                                      @scottalanmiller said in Ansible Agent Option?:

                                      @Dashrender said in Ansible Agent Option?:

                                      @scottalanmiller said in Ansible Agent Option?:

                                      @Dashrender said in Ansible Agent Option?:

                                      @scottalanmiller said in Ansible Agent Option?:

                                      @Obsolesce said in Ansible Agent Option?:

                                      @coliver said in Ansible Agent Option?:

                                      @Obsolesce said in Ansible Agent Option?:

                                      Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                                      From an MSP perspective that can get pretty inefficient and heavy.

                                      Why is an MSP wanting to manage client user Windows mobile devices with Ansible? That doesn't make much sense and not really what it's for.

                                      Even not an MSP, why would anyone want to use anything but state machines for managing their machines?

                                      This kinda sounds like you wanna run DeepFreeze on all machines, except for a small area of the disk the users are allowed to write to. that does actually sound awesome - as long as you can prevent execution of programs from that space.

                                      DeepFreeze is a different concept, but could have overlapping use cases. DF is about preserving a single state. State machines are about defining and managing state, which is assumed that it will change (possibly often.)

                                      By change often in the case of a laptop/desktop would be that you're updating software? so you want to make sure you always have the latest version? or are you meaning something else?

                                      That's one option, but you could think of that as not being a state change "Up to date" might be a bits and bytes change, but not a state change (does that make sense?) Moreso what I mean is that a user or group might want machines tweaked with new software, different software, different settings, new mapped drives, whatever, on a regular basis.

                                      Wow, you sound like you have groups that waste a lot of time moving people around, changing their needed access to have those types of things change on a regular basis.

                                      How in the hell is it a waste of time for the business to realign their people's tasks (and thus tools) with the business needs as they change?

                                      Just because you are in a place where nothing has changed in 30 years does not mean the rest of us are.

                                      1 Reply Last reply Reply Quote 2
                                      • JaredBuschJ
                                        JaredBusch @Obsolesce
                                        last edited by JaredBusch

                                        @Obsolesce said in Ansible Agent Option?:

                                        @DustinB3403 said in Ansible Agent Option?:

                                        @Obsolesce said in Ansible Agent Option?:

                                        @DustinB3403 said in Ansible Agent Option?:

                                        @Obsolesce said in Ansible Agent Option?:

                                        @coliver said in Ansible Agent Option?:

                                        @Obsolesce said in Ansible Agent Option?:

                                        Why not have an Ansible server on the same network as the devices and reachable by the Ansible server?

                                        From an MSP perspective that can get pretty inefficient and heavy.

                                        Why is an MSP wanting to manage client user Windows devices with Ansible? That doesn't make much sense and not really what it's for.

                                        Because they're being paid to manage them.

                                        Then they should manage them with MDM software.

                                        And which MDM would recommend?

                                        How the hell do I recommend MDM software based solely on the fact he wants some unknown to me configuration on some unknown to me devices in unknown environments?

                                        FFS, pull your head out of your ass.

                                        There was like 40 posts of nothing but you arguing something that no one fucking cared about.

                                        MDM = Mobile Device Management.

                                        @scottalanmiller does not want or need Mobile Device Management. He never asked for anything related to it.

                                        He specifically asked if anyone knew about an agent or other method too use Ansible without a SDN/VPN/WTFEver LAN extension to allow roaming devices to still be managed by Ansible.

                                        1 Reply Last reply Reply Quote 2
                                        • JaredBuschJ
                                          JaredBusch @Obsolesce
                                          last edited by

                                          @Obsolesce said in Ansible Agent Option?:

                                          @scottalanmiller said in Ansible Agent Option?:

                                          Salt will allow for essentially unlimited system management, with state which is absolutely critical, with monitoring and reporting, with LAN or without LAN, and doesn't need anything installed that can't be found in Chocolatey (not as good as needing nothing at all, but close.)

                                          SO why are you not using SaltStack then? SaltStack and do ANYTHING to a Windows device. How? It can run PowerShell, and it can run scheduled tasks with any configuration. I can think of no case SaltStack wouldn't work for some configuration on a Windows device. SaltStack is like the only exception to the rule, so why not use it?

                                          He is, and has for a long time. And it was even implied in an early post that you apparently didn't bother to read before you decided to go off on your little rant.

                                          Post 11
                                          Post 34

                                          1 Reply Last reply Reply Quote 1
                                          • ObsolesceO
                                            Obsolesce @scottalanmiller
                                            last edited by

                                            @scottalanmiller said in Ansible Agent Option?:

                                            We are, but I want to give Ansible a fair shake and am asking if or how anyone is getting it to overcome this agentless limitation for accessing other machines.

                                            Then you will need to test them in a scenario that they both equally support, or take the limitation factor out of it.

                                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 8
                                            • 9
                                            • 6 / 9
                                            • First post
                                              Last post