From 04e6d2d4c8487af373adecb47f5b279b7aeecab8 Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Fri, 30 Dec 2022 01:52:49 +0100
Subject: [PATCH] update voc

---
 defaults/main.yml |  3 +++
 tasks/main.yml    | 11 ++++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)
 create mode 100644 defaults/main.yml

diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..332a805
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+win__special_rdp_user: 'voc'
+win__allow_special_rdp_user: false
diff --git a/tasks/main.yml b/tasks/main.yml
index b4b58a7..fb75297 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -11,9 +11,9 @@
   changed_when: _a.changed
 
 - name: Touch a file (creates if not present, updates modification time if present)
-  ansible.windows.win_file:
-    path: .ansible\status\rdp.txt
-    state: touch
+  ansible.windows.win_copy:
+    dest: .ansible\status\rdp.txt
+    content: 'Ansible opened RDP on this host'
   register: _a
 
 # https://exchangepedia.com/2016/10/enable-remote-desktop-rdp-connections-for-admins-on-windows-server-2016.html
@@ -37,3 +37,8 @@
     profiles: private
     state: present
     enabled: true
+
+- name: "Allow RDP for User {{ win__special_rdp_user }}"
+  ansible.windows.win_powershell:
+    script: 'Add-LocalGroupMember -Group "Remote Desktop Users" -Member {{ win__special_rdp_user }}'
+  when: win__allow_special_rdp_user | bool