Sysprep Done Using Ansible

Posted on February 19, 2026 by larry

I got sysprep working at a minimal level the way I want. I now have a base windows 11 image I can use to rebuild a box relatively quickly.

After a reboot I rename it and add it to the domain.

From there ansible takes over. I am able to use a rocky 9.7 box to manage Windows Desktops via the domain through winrm

Here is how I got winrm working (not I just used a self signed cert)

Enable-PSRemoting -Force
$CertDnsName = "win11.example.com"
$Cert = New-SelfSignedCertificate `
    -DnsName $CertDnsName `
	-Provider "Microsoft RSA SChannel Cryptographic Provider" `
	-KeyLength 2048 -NotAfter (Get-Date).AddYears(5) `
    -CertStoreLocation Cert:\LocalMachine\My
$CertThumbprint = $Cert.Thumbprint

# Create Listener
New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -HostName $CertDnsName -CertificateThumbPrint $CertThumbprint -Force

# Open Firewall
New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Direction Inbound -LocalPort 5986 -Protocol TCP -Action Allow

# Verify
winrm enumerate winrm/config/listener

On the Linux side I had to make sure I had the correct ansible packages

sudo dnf -y install ansible-core epel-release
sudo dnf -y install krb5-workstation krb5-devel python3-devel gcc python3-passlib apg 
sudo dnf install -y python3-kerberos krb5-workstation

python3 -m pip install pywinrm requests
ansible-galaxy collection install community.general
ansible-galaxy collection install community.mysql
ansible-galaxy collection install ansible.posix
ansible-galaxy collection install ansible.windows:2.3.0

This got me working but my ansible.cfg needed to look like this

[defaults]
inventory = ./inventory
host_key_checking = False
retry_files_enabled = False
stdout_callback = default
timeout = 30
ansible_connection=winrm

# Optional but useful
interpreter_python = auto_silent

[connection]
pipelining = True

[winrm]
# Kerberos settings
transport = kerberos
scheme = https
port = 5986
server_cert_validation = ignore
kerberos_delegation = true

And finally some variables needed to be set in the inventory file

##### Sample inventory
[windows]
win11a.example.com
win11b.example.com
win11c.example.com

[windows:vars]
ansible_connection=winrm
ansible_port=5986
ansible_winrm_transport=kerberos
ansible_winrm_scheme=https
ansible_winrm_server_cert_validation=ignore

kilist
kdestroy
kinit Admin@EXAMPLE.COM

In other news, got a new Sony earbuds, RIP my old set.

Still need to get bathroom done

Got a new UPS to install this weekend.

Weight: 321.6

Posted in Coding, New Toys, Technical, Training, Weigh In | Leave a comment

Managing Windows With Ansible

Posted on February 18, 2026 by larry

Spun up a couple of cloned Windows 11 VMs and used sysprep on them

Would like to streamline the sysprep process, so may work on creating a sysprep file.

That is later though, meanwhile I got 3 windows boxes I can mess with. I may clone them to make it easier to rebuild without sysprep.

Weight: 321.6

Posted in Coding, Technical, Training, Weigh In | Leave a comment

Gung Hay Fat Choy! 2026

Posted on February 17, 2026 by larry

Chinese new year today, wish it was yesterday, but today is also Fat Tuesday.

Not sure what I want to give up, will think about it today.

Recall this was a busy weekend for me, caught up to me this afternoon. After my 3PM meeting I took a quick break and woke up at 7:30, but I did get up at 6 to work so it is about right.

Weight: 323.8

Posted in Training, Weigh In | Leave a comment

Ran Out of Time

Posted on February 16, 2026 by larry

Wow, didn’t think I would run out of time on a 4 day weekend, yet here I am.

I woke up later, but not really late today.

Let’s see what I did

  • Started burning in those new disks using BHT, I wanted to first figure out what was plugged in to which channel on the HBA, but as I added disks, it moved stuff around. There was no consistancy. That burned some time.
  • Tried sanding down the drywall, but the sandpaper I had was too fine.
  • I patched the servers today, and found out cloudflared proxy-dns feature was removed. I rolled back to an older version, but that will need to be figured out. Maybe dnscrypt-proxy, for now the old version still works.
  • Got NUT (Network UPS Tools) working on my raspberry pi. Still need to configure.

I dont think I will be going to bed early, still got more stuff to do.

Weight: 323.8

Posted in New Toys, Raspberry Pi, Technical, Training, Weigh In | Leave a comment

Bathroom Minor Remodel

Posted on February 15, 2026 by larry

Started working on a minor remodel of our bathroom downstairs.

First step is the wall, and getting rid of black mold.

Wasn’t alone on this though, oldest son helped me a lot.

Next one is the toilet, and finally the fan and light in that bathroom.

Also moving on to getting my NAS up. Next step for that project is to begin hard drive burning.

With this many drives, need to use a tool called bht.

Weight: 323.2

Posted in New Toys, Technical, Training, Weigh In | Leave a comment

Happy Valentines Day 2026

Posted on February 14, 2026 by larry

Last year I made a small heart, this year I made a little rose with a tea light in it.

Recall a few days ago I got a remote site working with my son. Today I got a hard drive and am doing a local sync and having him bring that drive to his dorm.

Also gonna start renovating the downstairs bathroom. After this post I am going to cut away some drywall to see how bad it is.

Weight: 322.6

Posted in New Toys, Technical, Training, Weigh In | Leave a comment

New Stuff, A lot done

Posted on February 13, 2026 by larry

Got couple things going on today, figured out how to install ZFS on Rocky 9.7 (note required upgrading from ZFS 2.1 to 2.2

Also installed some fresh UPS batteries, didn’t know some were replaced already and still good. Kind of illustrates reasons for tracking.

Finally, got a new air filter for my office, replaced all the filters for existing ones too. My server room has an air filter now.

All this in addition to my normal Friday tasks.

Daughter moved back in, may get crowded at home.

Weight: 321.0

Posted in New Toys, Technical, Training, Weigh In | Leave a comment

Four Day Weekend

Posted on February 12, 2026 by larry

Good weekend coming up, no football, extra day off, and got a few tasks.

Allows me to start minor renovations that I had planned. One of my goals for February was to make the last bathroom nicer.

Got some material already.

Also the last of the drives are coming in for my NAS, I can begin building it.

Weight: 320.2

Posted in New Toys, Technical, Training, Weigh In | Leave a comment

RTX5060ti on Rocky 9

Posted on February 11, 2026 by larry

Finally got it working, it took just an hour or so to figure it out.

Unfortunately I do not have detailed documentation on how I did it, but here are a couple of small notes

  • First I did was remove everything I did prior and went to the built in noveau driver.
  • After a bit of research I tried 575 but it did not work so I went up to driver version 580
  • So I already had nvidia access, some day will figure out how I got that probably some in repo enabled.
  • First I reset dnf module reset -y nvidia-driver
  • I listed what was available dnf module list nvidia-driver
  • I then set the driver level and I opted for the open version dnf module enable -y nvidia-driver:580-open
  • Then install and reboot dnf install -y nvidia-driver nvidia-driver-cuda

Now I can proceed with LLM stuff.

Final note, Seahawks Championship Parade was today.

Weight: 321.2

Posted in New Toys, Technical, Training, Weigh In | Leave a comment

PLU Network Connected

Posted on February 10, 2026 by larry

Woohoo, I got a remote site working. I was able to walk my son at PLU to connect the network to home.

The trick was connecting to EDUROAM. I needed a different firmware to get it to work.

Also at home got a bell ringer going. Will see how it goes.

Weight: 323.8

Posted in New Toys, Technical, Training, Weigh In | Leave a comment