From eadc47749bdef5d12a8da055b37a8047d5c9499d Mon Sep 17 00:00:00 2001
From: jullienl <lionel.jullien@hpe.com>
Date: Sun, 31 Oct 2021 18:20:50 -0400
Subject: [PATCH] Changes for release-v1.2

---
 WIN_autodeploy_using_autogenerated_ISO.yml | 405 +++++++++++++++++++++
 WIN_unprovision.yml                        |  76 ++++
 files/Ansible_control_node_requirements.md |   2 +-
 group_vars/Windows.yml                     |   4 +
 readme.md                                  | 204 ++++++++++-
 vars/WIN_provisioning.yml                  |  70 ++++
 6 files changed, 759 insertions(+), 2 deletions(-)
 create mode 100644 WIN_autodeploy_using_autogenerated_ISO.yml
 create mode 100644 WIN_unprovision.yml
 create mode 100644 vars/WIN_provisioning.yml

diff --git a/WIN_autodeploy_using_autogenerated_ISO.yml b/WIN_autodeploy_using_autogenerated_ISO.yml
new file mode 100644
index 0000000..a01442d
--- /dev/null
+++ b/WIN_autodeploy_using_autogenerated_ISO.yml
@@ -0,0 +1,405 @@
+---
+
+# Performing automated Windows Server 2022 Boot from SAN installation on Gen10 Synergy Module(s) using a kickstart and a HPE OneView Server Profile Template
+
+- name: Performing an unattended Windows Server 2022 Boot from SAN installation on a Gen10 Synergy Module using a OneView Server Profile Template
+  hosts: Windows
+  collections:
+    - hpe.oneview
+  gather_facts: no
+  vars_files:
+    - vars/WIN_provisioning.yml
+    #- vars/encrypted_credentials.yml
+  vars:
+    # HPE Synergy Composer configuration
+    - config: "{{ playbook_dir }}/oneview_config.json"
+
+    - inventory_fqdn: "{{ inventory_hostname | lower }}.{{ domain }}"
+
+    - ansible_python_interpreter: python3
+    - ansible_host_key_checking: false
+    - validate_certs: false
+
+  tasks: 
+
+# Staging the Windows Server ISO on Ansible Controller
+
+    - name: Checking if Windows Server ISO file exists on "{{lookup("pipe","hostname")}}"
+      stat:
+        path: "{{ src_iso_directory }}/{{ src_iso_file }}"
+      register: p
+      delegate_to: localhost
+
+    - name: Creating the directory "{{ src_iso_directory }}" to host the ISO file on "{{ lookup("pipe","hostname") }}"
+      file:
+        path: "{{ src_iso_directory }}"
+        state: directory
+      delegate_to: localhost
+
+    - name: Downloading file "{{ src_iso_file }}" to "{{ lookup("pipe","hostname") }}" if not present
+      get_url:
+        url: "{{ src_iso_url }}/{{ src_iso_file }}"
+        dest: "{{ src_iso_directory }}"
+        validate_certs: no
+      when: p.stat.exists == False
+      delegate_to: localhost      
+
+    - name: Checking if Windows Server ISO file extraction is necessary on "{{ lookup("pipe","hostname") }}"
+      stat:
+        path: /opt/baremetal/{{ inventory_hostname }}
+      register: p
+      delegate_to: localhost     
+
+    - name: Creating /mnt/{{ inventory_hostname }} on "{{lookup("pipe","hostname")}}" if it does not exist
+      file:
+        path: /mnt/{{ inventory_hostname }}
+        state: directory
+        mode: '0755'
+      delegate_to: localhost
+
+    - name: Creating /opt/baremetal/{{ inventory_hostname }}/ on "{{lookup("pipe","hostname")}}" if it does not exist
+      file:
+        path: /opt/baremetal/{{ inventory_hostname }}
+        state: directory
+        mode: '0755'
+      delegate_to: localhost
+
+    - name: Mounting Windows Server ISO and copying ISO files to /opt/baremetal/{{ inventory_hostname }}/ on "{{lookup("pipe","hostname")}}"
+      shell: |
+        mount -o loop {{ src_iso_directory }}/{{ src_iso_file }} /mnt/{{ inventory_hostname }}/
+        cp -r /mnt/{{ inventory_hostname }}/. /opt/baremetal/{{ inventory_hostname }}/
+        umount /mnt/{{ inventory_hostname }}
+      args:
+        warn: false # To prevent warning
+      when: p.stat.exists == False
+      delegate_to: localhost      
+
+# Creating $OEM$ resources to host the different scripts that we need to run at startup
+
+    - name: Creating $OEM$ on "{{lookup("pipe","hostname")}}" in /opt/baremetal/{{ inventory_hostname }}/sources to run scripts at startup
+      file:
+        path: "{{ item }}"
+        state: directory
+        owner: root
+        group: root
+        mode: 0775
+      loop:
+        - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$
+        - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$1
+        - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$1/Temp
+        - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$
+        - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup
+        - /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup/Scripts
+      delegate_to: localhost
+
+    - name: Download POSH script from GitHub to configure Windows for remote management with Ansible 
+      get_url:
+        url: https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
+        dest: /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$1/Temp/winRM.ps1
+        mode: '0775'  
+      delegate_to: localhost
+
+# Creating a Server Profile in HPE OneView from a boot from SAN Server Profile Template:
+
+    - name: Creating Server Profile "{{ inventory_hostname }}" from Server Profile Template "{{ server_template }}"
+      oneview_server_profile:
+        config: "{{ config }}"
+        data:
+          serverProfileTemplateName: "{{ server_template }}"
+          name: "{{ inventory_hostname }}"
+        # serverHardwareUri: "/rest/server-hardware/39313738-3234-584D-5138-323830343848"
+        # server_hardware: Encl1, bay 12
+        # If any hardware is provided, it tries to get one available
+      delegate_to: localhost
+      register: result
+
+    - name: Capturing information for the customization of the kickstart file [server generation - MAC of first management NIC - LUN uri of the primary boot volume]
+      set_fact:
+        server_hardware_name: "{{ server_hardware.name }}"
+        generation: "{{ server_hardware.generation }}"
+        lunuri: "{{ (server_profile.sanStorage.volumeAttachments | selectattr('bootVolumePriority', 'equalto', 'Primary') | map(attribute='volumeUri') | list)[0] }}"
+        mac1: "{{ (server_profile.connectionSettings.connections | selectattr('id', 'equalto', 1) | map(attribute='mac') | list)[0] }}"
+        mac2: "{{ (server_profile.connectionSettings.connections | selectattr('id', 'equalto', 2) | map(attribute='mac') | list)[0] }}"
+
+#     #- debug: var=server_profile
+#     #- debug: var=serial_number
+#     #- debug: var=server_hardware
+#     #- debug: var=compliance_preview
+#     #- debug: var=created
+
+#     #- debug: var=generation
+#     #- debug: var=lunuri
+#     #- debug: var=mac1 
+
+    - name: Showing the result of the Server Profile creation task
+      debug:
+        msg: "Hardware selected: {{ server_hardware_name }} - Result: {{ result.msg }}"
+
+    - name: Collecting volumes information
+      oneview_volume_facts:
+        config: "{{ config }}"
+      delegate_to: localhost
+
+    #- debug: var=storage_volumes
+      
+    - name: Capturing boot LUN size defined in the Server Profile to ensure that Windows Server will be installed on this disk using the kickstart file
+      set_fact:
+        size: "{{ ((storage_volumes | selectattr('uri', 'equalto', lunuri) | map(attribute='provisionedCapacity') | list)[0] | int / (1024*1024*1024) ) |int}}"
+
+    # - debug: var=size
+
+# Creation of the SetupComplete.cmd to configure the network settings
+
+    - name: Creating configure_network.ps1 that will be launched by SetupComplete.cmd (creation of a team using the first two NICs and configuration of IP parameters)
+      copy:
+        force: true
+        dest: /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup/Scripts/configure_network.ps1
+        content: |
+          $mac1="{{ mac1 }}"
+          $net1=get-netadapter | where MacAddress -eq $mac1.replace(":","-") | select name
+          $mac2="{{ mac2 }}"
+          $net2=get-netadapter | where MacAddress -eq $mac2.replace(":","-") | select name
+          New-NetLbfoTeam -Name mgmt_nw_team -TeamMembers $net1.name,$net2.name -confirm:$false
+          netsh interface ip set address mgmt_nw_team static "{{host_management_ip}}" "{{netmask}}" "{{gateway}}" 1 
+          netsh interface ip add dns mgmt_nw_team "{{nameserver1}}"
+          netsh interface ip add dns mgmt_nw_team "{{nameserver2}}" index=2
+          $team_index = Get-NetAdapter -Name mgmt_nw_team | % ifindex
+          Set-DnsClient -InterfaceIndex $team_index -ConnectionSpecificSuffix "{{domain}}" -RegisterThisConnectionsAddress $true -UseSuffixWhenRegistering $true
+      delegate_to: localhost      
+
+    - name: Creating SetupComplete.cmd for the network settings
+      # SetupComplete.cmd automatically runs after the Windows Setup process
+      # Windows Setup logs the action in the C:\Windows\Panther\UnattendGC\Setupact.log file
+      copy:
+        force: true
+        dest: /opt/baremetal/{{ inventory_hostname }}/sources/$OEM$/$$/Setup/Scripts/SetupComplete.cmd
+        content: |        
+          Powershell.exe -ExecutionPolicy Bypass -File "%SYSTEMROOT%/Setup/Scripts/configure_network.ps1" -WindowStyle Hidden > "%SYSTEMROOT%\Panther\UnattendGC\setupcomplete.log" 2>&1
+      delegate_to: localhost          
+
+# Creation of the new Windows Server ISO image with unattended installation
+
+    - name: Updating autounattend.xml file 
+      template:
+        src: files/{{ windows_version }}/{{ unattend }}
+        dest: /opt/baremetal/{{ inventory_hostname }}
+      delegate_to: localhost
+  
+    - name: Creating customized bootable ISO 
+      shell: >
+        mkisofs 
+        --allow-limited-size 
+        -no-emul-boot 
+        -b "boot/etfsboot.com" 
+        -boot-load-seg 0 
+        -boot-load-size 8 
+        -eltorito-alt-boot 
+        -no-emul-boot 
+        -e "efi/microsoft/boot/efisys_noprompt.bin" 
+        -boot-load-size 1 
+        -iso-level 4 
+        -udf 
+        -o /opt/baremetal/{{ inventory_hostname }}.iso
+        /opt/baremetal/{{ inventory_hostname }}/
+      delegate_to: localhost
+
+    - name: Creating /usr/share/nginx/html/isos/ on "{{lookup("pipe","hostname")}}" if it does not exist
+      file:
+        path: /usr/share/nginx/html/isos/
+        state: directory
+        mode: '0755'
+      delegate_to: localhost
+  
+    - name: Moving created ISO to the nginx default html folder of "{{ lookup("pipe","hostname") }}" 
+      shell: |
+        mv /opt/baremetal/{{ inventory_hostname }}.iso /usr/share/nginx/html/isos/
+      delegate_to: localhost
+
+# Starting the OS unattended installation
+
+    - name: Powering on and booting "{{ server_hardware_name }}" from created ISO using iLO Virtual Media 
+      community.general.hpilo_boot:
+        host: "{{ server_hardware.mpHostInfo.mpIpAddresses[1].address }}" 
+        login: Administrator
+        password: password
+        media: cdrom
+        image: 'http://{{ lookup("pipe","hostname") }}/isos/{{ inventory_hostname }}.iso'
+      delegate_to: localhost
+
+    - name: Waiting for Windows Server installation to complete - Waiting for "{{ host_management_ip }}" to respond...
+      wait_for: 
+        timeout: 1500 
+        host: "{{ host_management_ip }}"
+        port: 3389
+      register: boot_wait_time
+      delegate_to: localhost
+    
+    - debug:
+        msg: "{{ inventory_hostname }} installation took {{ (boot_wait_time.elapsed / 60) | round | int }} minutes"
+
+# Cleaning up staging files
+
+    - name: Deleting all temporary files in the stagging location on "{{lookup("pipe","hostname")}}" 
+      file:
+        path: "/opt/baremetal/{{ inventory_hostname }}"
+        state: absent
+      delegate_to: localhost
+
+    - name: Deleting created ISO file in the web server directory on "{{lookup("pipe","hostname")}}" 
+      file:
+        path: "/usr/share/nginx/html/isos/{{ inventory_hostname }}.iso"
+        state: absent
+      delegate_to: localhost
+
+    - name: Unmounting original ISO file on "{{lookup("pipe","hostname")}}" 
+      file:
+        path: "/mnt/{{ inventory_hostname }}"
+        state: absent
+      delegate_to: localhost
+
+    - name: Collecting product_id found in install.xml file of the HPE iSUT package
+      shell: |
+        unzip -p files/{{ windows_version }}/{{ iSUT_package }} install.xml | grep "product id" | awk '{ print substr ($0, 16, 36 ) }'
+      args:
+        warn: false # To prevent warning
+      register: iSUT_product_id  
+      delegate_to: localhost
+
+    - name: Collecting product_id found in install.xml file of the HPE AMS package
+      shell: |
+        unzip -p files/{{ windows_version }}/{{ AMS_package }} install.xml | grep "product id" | awk '{ print substr ($0, 16, 36 ) }'
+      args:
+        warn: false # To prevent warning
+      register: AMS_product_id  
+      delegate_to: localhost
+
+      #- debug: msg='{{ iSUT_product_id.stdout }}'
+      #- debug: msg='{{ AMS_product_id.stdout }}'
+
+# Adding a DNS record for the newly provisioned server in the defined DNS server 
+
+- name: Creating a DNS record for the bare metal Windows Server
+  hosts: Windows
+  gather_facts: no
+  vars_files:
+    - vars/WIN_provisioning.yml
+    - vars/windows_dns.yml
+    # - vars/encrypted_credentials.yml
+  tasks:
+    - name: Adding "{{ inventory_hostname }}" with "{{ host_management_ip }}" on "{{ dns_server }}" in "{{ domain }}" DNS domain
+      community.windows.win_dns_record:
+        name: "{{ inventory_hostname }}"
+        type: "A"
+        value: "{{ host_management_ip }}"
+        zone: "{{ domain }}"
+        state: present
+      delegate_to: "{{ dns_server }}" 
+
+
+# Installing iSUT and AMS on the server for online installation of HPE drivers for Windows Server
+
+- name: Installing HPE iSUT and HPE AMS on the server for online installation of HPE drivers for Windows Server
+  hosts: Windows
+  collections:
+    - hpe.oneview
+  gather_facts: no
+  vars_files:
+    - vars/WIN_provisioning.yml
+    # - vars/encrypted_credentials.yml
+  vars:
+  # HPE Synergy Composer configuration
+   - config: "{{ playbook_dir }}/oneview_config.json"  
+  
+  tasks:
+
+    - name: Copying HPE iSUT package file to {{ inventory_hostname }}
+      win_copy:
+        src: files/{{ windows_version }}/{{ iSUT_package }}
+        dest: c:\Temp\sut.exe
+
+    - name: Copying HPE AMS package file to {{ inventory_hostname }}
+      win_copy:
+        src: files/{{ windows_version }}/{{ AMS_package }}
+        dest: c:\Temp\amsd.exe
+     
+    - name: Installing Integrated Smart Update Tools
+      win_package:
+        path: c:\Temp\sut.exe
+        product_id: '{{ iSUT_product_id.stdout }}'
+        arguments: /s
+      register: SUT_install
+      # failed_when is required because the installation of the package returns a false error.
+      failed_when: "SUT_install.rc != 0 and SUT_install.rc != 1"
+
+    - name: Installing HPE Agentless Management Service
+      win_package:
+        path: c:\Temp\amsd.exe 
+        product_id: '{{ AMS_product_id.stdout }}'
+        arguments: /s 
+      register: AMS_install
+      # failed_when is required because the installation of the package returns a false error.
+      failed_when: "AMS_install.rc != 0 and AMS_install.rc != 1"
+ 
+    - name: Configuring iSUT mode to allow OS driver updates via HPE OneView Server Profile
+      win_shell: 
+        sut.exe -set mode=autodeploy 
+        #sut -set mode=AutoDeployReboot
+        #sut -set mode=AutoStage
+        #sut -set mode=OnDemand
+      register: sut_status
+
+    - debug: msg="{{ sut_status.stdout }}"
+
+# Changing the OneView Server Profile to enable OS drivers installation using the SSP/SPP.    
+
+    - name: Updating Server Profile to enable Firmware and OS Drivers using SUT
+      oneview_server_profile:
+        config: "{{ config }}"
+        state: "present"
+        data:
+          name: "{{ inventory_hostname }}"
+          firmware:
+            firmwareInstallType: "FirmwareAndOSDrivers"
+      delegate_to: localhost
+      register: result
+
+    - debug: msg="{{ result.msg }}"
+
+# Joining Windows domain 
+
+    - name: Joining domain {{ domain }}
+      ansible.windows.win_domain_membership:
+        dns_domain_name: "{{ domain }}"
+        hostname: "{{ inventory_hostname }}"
+        domain_admin_user: "{{ win_domain_admin_user }}"
+        domain_admin_password: "{{ win_domain_admin_password }}"
+        state: domain
+      register: domain_state
+ 
+# Waiting for HPE drivers to be installed
+
+    - name: Monitoring SUT status for 'reboot the system' message
+      oneview_server_hardware_facts:
+        config: "{{ config }}"
+        name: "{{ server_hardware.name }}"
+      retries: 50
+      delay: 30 
+      until:  server_hardwares.serverSettings.firmwareAndDriversInstallState.installState == "InstalledPendingReboot"
+      delegate_to: localhost
+
+# Rebooting host for the HPE drivers/firmware activation
+
+    - name: Rebooting host for the HPE drivers/firmware activation and waiting for it to restart
+      win_reboot:
+        msg: "Reboot initiated by Ansible"
+        connect_timeout: 5
+        reboot_timeout: 600
+        pre_reboot_delay: 0
+        post_reboot_delay: 30
+        test_command: whoami
+
+    - name: Displaying install completed message
+      debug: 
+        msg: 
+         - '{{ inventory_hostname }}.{{domain}} Installation completed !'
+         - 'OS is configured and running with HPE OS drivers.'
diff --git a/WIN_unprovision.yml b/WIN_unprovision.yml
new file mode 100644
index 0000000..d26218a
--- /dev/null
+++ b/WIN_unprovision.yml
@@ -0,0 +1,76 @@
+---
+- name: Deleting provisioned Windows Server compute module(s)
+  hosts: Windows
+  collections:
+    - hpe.oneview
+  gather_facts: no
+  vars_files:
+    - vars/WIN_provisioning.yml
+    #- vars/vault.yml  # encrypted credentials yml
+  vars:
+    # HPE Synergy Composer configuration
+    - config: "{{ playbook_dir }}/oneview_config.json"
+
+    - ansible_python_interpreter: python3
+    - ansible_host_key_checking: false
+    - validate_certs: false
+
+  tasks: 
+   
+    - name : Getting server profile "{{ inventory_hostname }}" information
+      oneview_server_profile:
+         config: "{{ config }}"
+         state: "present"
+         data:
+            name: "{{ inventory_hostname }}"
+      delegate_to: localhost
+
+    #- debug: var=server_hardware
+
+    - name: Powering off server hardware "{{ server_hardware.name }}"
+      oneview_server_hardware:
+        config: "{{ config }}"
+        state: power_state_set
+        data:
+            name : "{{ server_hardware.name }}"
+            powerStateData:
+                powerState: "Off"
+                powerControl: "PressAndHold"
+      delegate_to: localhost
+
+    - name: Deleting server profile "{{ inventory_hostname }}"
+      oneview_server_profile:
+        config: "{{ config }}"
+        state: "absent"
+        data:
+          name: "{{ inventory_hostname }}"
+      delegate_to: localhost
+      register: result
+
+    - name: Result of the task to delete the server profile
+      debug:
+        msg: "{{ result.msg }}"
+
+    - name: Removing {{ inventory_hostname }} SSH key 
+      known_hosts:
+        name: '{{ inventory_hostname }}'
+        path: ~/.ssh/known_hosts
+        state: absent
+      delegate_to: localhost
+
+
+- name: Removing the DNS record for "{{ inventory_hostname }}"
+  hosts: Windows
+  gather_facts: no
+  vars_files:
+    - vars/WIN_provisioning.yml
+    - vars/windows_dns.yml
+  tasks:
+    - name: Removing "{{ host_management_ip }}"" from "{{ dns_server }}" 
+      community.windows.win_dns_record:
+        name: "{{ inventory_hostname }}"
+        type: "A"
+        zone: "{{ domain }}"
+        state: absent
+      delegate_to: "{{ dns_server }}" 
+
diff --git a/files/Ansible_control_node_requirements.md b/files/Ansible_control_node_requirements.md
index d428f7d..eef841d 100644
--- a/files/Ansible_control_node_requirements.md
+++ b/files/Ansible_control_node_requirements.md
@@ -4,7 +4,7 @@
 ```
 mkdir ~/Projects
 cd ~/Projects
-git clone https://github.com/jullienl/HPE-Synergy-baremetal
+git clone https://github.com/jullienl/HPE-Synergy-baremetal.git
 ```
 
 ## openssh installation
diff --git a/group_vars/Windows.yml b/group_vars/Windows.yml
index 9a93ca9..1a28fbf 100644
--- a/group_vars/Windows.yml
+++ b/group_vars/Windows.yml
@@ -9,3 +9,7 @@ ansible_port: 5985
 
 # The following is necessary for Python 2.7.9+ when using default WinRM self-signed certificates:
 ansible_winrm_server_cert_validation: ignore
+
+# Domain Administrator credentials
+win_domain_admin_user: lj\Administrator
+win_domain_admin_password: xxxxxxxx
\ No newline at end of file
diff --git a/readme.md b/readme.md
index 694fb56..074daa1 100644
--- a/readme.md
+++ b/readme.md
@@ -9,7 +9,7 @@ The provisioning is performed automatically using kickstart/unattend files, auto
 The different playbooks can be used to provision 3 type of OS:
 - Red Hat Enterprise Linux or equivalent
 - vSphere ESXi 6.7 and 7
-- Windows Server 2022 or equivalent (coming soon)
+- Windows Server 2022 or equivalent 
 
 One playbook can provision one OS type on one or multiple servers as defined by the Ansible inventory file.
 
@@ -549,7 +549,209 @@ changed: [RHEL-deploy -> dc.lj.lab]
 PLAY RECAP ***************************************************************************************************************************************************************************************
 RHEL-deploy                : ok=6    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  
 ```
+## Output sample of Windows Server bare metal provisioning playbook
+```
+ansible-playbook -i hosts WIN_autodeploy_using_autogenerated_ISO.yml 
+
+PLAY [Performing an unattended Windows Server 2022 Boot from SAN installation on a Gen10 Synergy Module using a OneView Server Profile Template] ********************************************************
+
+TASK [Checking if Windows Server ISO file exists on "ansible.lj.lab"] ***********************************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [Creating the directory "/opt/winisosrc" to host the ISO file on "ansible.lj.lab"] *****************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [Downloading file "en-us_windows_server_version_2022_updated_october_2021_x64_dvd_b6e25591.iso" to "ansible.lj.lab" if not present] ****************************************************************
+skipping: [WIN-1]
+
+TASK [Checking if Windows Server ISO file extraction is necessary on "ansible.lj.lab"] ******************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [Creating /mnt/WIN-1 on "ansible.lj.lab" if it does not exist] *************************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Creating /opt/baremetal/WIN-1/ on "ansible.lj.lab" if it does not exist] **************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Mounting Windows Server ISO and copying ISO files to /opt/baremetal/WIN-1/ on "ansible.lj.lab"] ***************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Creating $OEM$ on "ansible.lj.lab" in /opt/baremetal/WIN-1/sources to run scripts at startup] *****************************************************************************************************
+changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$)
+changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$1)
+changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$1/Temp)
+changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$$)
+changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$$/Setup)
+changed: [WIN-1 -> localhost] => (item=/opt/baremetal/WIN-1/sources/$OEM$/$$/Setup/Scripts)
+
+TASK [Download POSH script from GitHub to configure Windows for remote management with Ansible] *********************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Creating Server Profile "WIN-1" from Server Profile Template "Windows BFS"] ***********************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Capturing information for the customization of the kickstart file [server generation - MAC of first management NIC - LUN uri of the primary boot volume]] *****************************************
+ok: [WIN-1]
+
+TASK [Showing the result of the Server Profile creation task] *******************************************************************************************************************************************
+ok: [WIN-1] => {
+    "msg": "Hardware selected: Frame4, bay 3 - Result: Server Profile created."
+}
+
+TASK [Collecting volumes information] *******************************************************************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [Capturing boot LUN size defined in the Server Profile to ensure that Windows Server will be installed on this disk using the kickstart file] ****************************************************************
+ok: [WIN-1]
+
+TASK [Creating configure_network.ps1 that will be launched by SetupComplete.cmd (creation of a team using the first two NICs and configuration of IP parameters)] ***************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Creating SetupComplete.cmd for the network settings] **********************************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Updating autounattend.xml file] *******************************************************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Creating customized bootable ISO] *****************************************************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Creating /usr/share/nginx/html/isos/ on "ansible.lj.lab" if it does not exist] ********************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [Moving created ISO to the nginx default html folder of "ansible.lj.lab"] **************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Powering on and booting "Frame4, bay 3" from created ISO using iLO Virtual Media] *****************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Waiting for Windows Server installation to complete - Waiting for "192.168.3.175" to respond...] **************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [debug] ********************************************************************************************************************************************************************************************
+ok: [WIN-1] => {
+    "msg": "WIN-1 installation took 21 minutes"
+}
+
+TASK [Deleting all temporary files in the stagging location on "ansible.lj.lab"] ************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Deleting created ISO file in the web server directory on "ansible.lj.lab"] ************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Unmounting original ISO file on "ansible.lj.lab"] *************************************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Collecting product_id found in install.xml file of the HPE iSUT package] **************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Collecting product_id found in install.xml file of the HPE AMS package] ***************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+PLAY [Creating a DNS record for the bare metal Windows Server] ******************************************************************************************************************************************
+
+TASK [Adding "WIN-1" with "192.168.3.175" on "dc.lj.lab" in "lj.lab" DNS domain] ************************************************************************************************************************
+changed: [WIN-1 -> dc.lj.lab]
+
+PLAY [Installing HPE iSUT and HPE AMS on the server for online installation of HPE drivers for Windows Server] ******************************************************************************************
+
+TASK [Copying HPE iSUT package file to WIN-1] ***********************************************************************************************************************************************************
+changed: [WIN-1]
+
+TASK [Copying HPE AMS package file to WIN-1] ************************************************************************************************************************************************************
+changed: [WIN-1]
+
+TASK [Installing Integrated Smart Update Tools] *********************************************************************************************************************************************************
+ok: [WIN-1]
+
+TASK [Installing HPE Agentless Management Service] ******************************************************************************************************************************************************
+ok: [WIN-1]
 
+TASK [Configuring iSUT mode to allow OS driver updates via HPE OneView Server Profile] ******************************************************************************************************************
+changed: [WIN-1]
+
+TASK [debug] ********************************************************************************************************************************************************************************************
+ok: [WIN-1] => {
+    "msg": "Set Mode: autodeploy\r\nService will be registered and started\r\nSUT Service started successfully\r\nRegistration successful\r\n"
+}
+
+TASK [Updating Server Profile to enable Firmware and OS Drivers using SUT] ******************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [debug] ********************************************************************************************************************************************************************************************
+ok: [WIN-1] => {
+    "msg": "Server profile updated"
+}
+
+TASK [Joining domain lj.lab] ****************************************************************************************************************************************************************************
+changed: [WIN-1]
+
+TASK [Monitoring SUT status for 'reboot the system' message] ********************************************************************************************************************************************
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (50 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (49 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (48 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (47 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (46 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (45 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (44 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (43 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (42 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (41 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (40 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (39 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (38 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (37 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (36 retries left).
+FAILED - RETRYING: Monitoring SUT status for 'reboot the system' message (35 retries left).
+ok: [WIN-1 -> localhost]
+
+TASK [Rebooting host for the HPE drivers/firmware activation and waiting for it to restart] *************************************************************************************************************
+changed: [WIN-1]
+
+TASK [Displaying install completed message] *************************************************************************************************************************************************************
+ok: [WIN-1] => {
+    "msg": [
+        "WIN-1.lj.lab Installation completed !",
+        "OS is configured and running with HPE OS drivers."
+    ]
+}
+
+PLAY RECAP **********************************************************************************************************************************************************************************************
+WIN-1                      : ok=40   changed=24   unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   
+
+```
+
+## Output sample of RHEL bare metal unprovisioning playbook 
+```
+ansible-playbook -i hosts WIN_unprovision.yml 
+
+PLAY [Deleting provisioned Windows Server compute module(s)] ********************************************************************************************************
+
+TASK [Getting server profile "WIN-1" information] *******************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+TASK [Powering off server hardware "Frame4, bay 3"] *****************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Deleting server profile "WIN-1"] ******************************************************************************************************************************
+changed: [WIN-1 -> localhost]
+
+TASK [Result of the task to delete the server profile] **************************************************************************************************************
+ok: [WIN-1] => {
+    "msg": "Deleted profile"
+}
+
+TASK [Removing WIN-1 SSH key] ***************************************************************************************************************************************
+ok: [WIN-1 -> localhost]
+
+PLAY [Removing the DNS record for "{{ inventory_hostname }}"] *******************************************************************************************************
+
+TASK [Removing "192.168.3.175"" from "dc.lj.lab"] *******************************************************************************************************************
+changed: [WIN-1 -> dc.lj.lab]
+
+PLAY RECAP **********************************************************************************************************************************************************
+WIN-1                      : ok=6    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
+```
 
 ## Thank you
 
diff --git a/vars/WIN_provisioning.yml b/vars/WIN_provisioning.yml
new file mode 100644
index 0000000..b629b06
--- /dev/null
+++ b/vars/WIN_provisioning.yml
@@ -0,0 +1,70 @@
+---
+# Host information is provided by the inventory hosts file
+# esxi_hostname: "ESXi-Ansible"
+# host_management_ip: "192.168.3.172"
+
+# Name of the HPE OneView Server Profile Template that we will use to generate the HPE OneView Server Profile
+server_template: "Windows BFS"
+
+domain: "lj.lab"
+gateway: "192.168.1.1"
+nameserver1: "192.168.2.1"
+nameserver2: "192.168.2.3"
+netmask: "255.255.252.0"
+
+# OS vendor ISO file information
+src_iso_url: "https://liogw.lj.lab/deployment/win2022-x64-en_us"
+src_iso_file: "en-us_windows_server_version_2022_updated_october_2021_x64_dvd_b6e25591.iso"
+
+# Directory on the Ansible control node where the source ISO will be copied:
+src_iso_directory: "/opt/winisosrc"
+
+# Folder located in <Ansible_project_dir>/files to store the autounattend.xml file
+# Use the template name: WIN_<version>. <version> is 2019, 2022, etc.
+windows_version: "WIN_2022"
+
+# Name of the kickstart file available in files/WIN_<version>
+unattend: "autounattend.xml"
+
+# Name of the HPE Packages founf in <Ansible_project_dir>/files
+AMS_package: "AMS-cp046676.exe"
+iSUT_package: "iSUT-cp048420.exe"
+
+###############################################################################################################################
+# unattended file customization
+
+# Windows Server Settings
+administrator_password: "xxxxxxxx"
+windows_key: "xxxxx-xxxxx-xxxxx-xxxxx-xxxxx"
+
+# Timezone
+# See https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/default-time-zones?view=windows-11#time-zones
+timezone: "W. Europe Standard Time"
+
+registered_owner: "Jullienl"
+registered_organization: "HPE"
+
+# Language pack, keyboard and time/currency format
+# See https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/hh825682(v=win.10)#default-keyboards
+# en-US - fr-FR - de-DE - es-ES, etc.
+input_local: "en-US"    # specifies the input language
+system_locale: "en-US"  # specifies the default language to use for non-Unicode programs.
+ui_language: "en-US"    # specifies the language that will be used as the default system language to display user interface
+user_locale: "en-US"    # specifies the per-user settings used for formatting dates, times, currency, and numbers
+
+# Windows version
+Image_name: "Windows Server 2022 SERVERDATACENTER"
+# Image_name: "Windows Server 2022 SERVERDATACENTERCORE"
+# Image_name: "Windows Server 2022 SERVERSTANDARD"
+# Image_name: "Windows Server 2022 SERVERSTANDARDCORE"
+
+# Do not show Server Manager at logon
+no_server_manager_at_logon: "true"
+
+# Enable Remote Desktop 
+remote_desktop: "true"
+
+###############################################################################################################################
+
+
+