This is an interactive task for stopping & disabling the print spooler service on domain-joined Windows servers.
This should be done to protect servers from the PrintNightmare RCE vulnerability.
The task will integrate with Osirium PAM to get both the Active Directory & Windows server details.
Running this Playbook
- Click download playbook
- Import the downloaded file via the Playbooks page on PPA
- Build the playbook from the Edit & Build tab
- Run the playbook from the Preview & Deploy tab
What the Task Does
Once started, this task allows the operator to:
- Pick a PAM Appliance (if more than one exists in PPA)
- Choose an Active Directory domain to get servers from
- Select one or servers to operate against
PPA will then scan each server on the selected domain & do the following:
- Stop the spooler service if it is running
- Disable the spooler service
A summary will be displayed at the end to show which servers had the service running.
Powershell Remoting (WinRM)
This task uses Powershell Remoting over WinRM to connect to the Windows Server.
See this Microsoft article for more information on how to securely enable WinRM.
By default this playbook will:
- Use SSL when connecting to the Windows server
- Validate the Windows server certificate
You can change these settings on lines 9 & 10 of the playbook:
use_ssl: true validate_cert: true
Get PPA for free!
Start automating your estate with a free 30 day trial today. No signup required!Get PPA Express