From aa2d8f73504202ea7e3fb4d41983d1d9420c1a37 Mon Sep 17 00:00:00 2001
From: "mhorak@totalservice.cz" <mhorak@totalservice.cz>
Date: Mon, 8 Sep 2025 16:39:19 +0200
Subject: [PATCH] version 3.3

---
 patch-dc-controllers.yaml | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/patch-dc-controllers.yaml b/patch-dc-controllers.yaml
index bd1091b..fa36393 100644
--- a/patch-dc-controllers.yaml
+++ b/patch-dc-controllers.yaml
@@ -1,33 +1,29 @@
 ---
-- name: Patch DCs via JEA (minimal allowed cmdlets)
+- name: Patch DCs via JEA 
   hosts: domain_controllers
   gather_facts: no
 
   tasks:
     - name: List available updates
       ansible.windows.win_powershell:
-        script: |
-          Get-WindowsUpdate -MicrosoftUpdate -AcceptAll -IgnoreReboot
+        Get-WindowsUpdate -MicrosoftUpdate -AcceptAll -IgnoreReboot
       register: available_updates
       changed_when: false
 
-    - name: Install updates (no reboot yet)
+    - name: Install updates
       ansible.windows.win_powershell:
-        script: |
-          Install-WindowsUpdate -MicrosoftUpdate -AcceptAll -IgnoreReboot -Verbose
+        Install-WindowsUpdate -MicrosoftUpdate -AcceptAll -IgnoreReboot -Verbose
       register: install_result
 
     - name: Reboot if required
       ansible.windows.win_powershell:
-        script: |
-          Restart-Computer -Force
+        Restart-Computer -Force
       async: 1
       poll: 0
 
     - name: Check update history
       ansible.windows.win_powershell:
-        script: |
-          Get-WUHistory | Select-Object -First 5
+        Get-WUHistory | Select-Object -First 5
       register: wu_history
       changed_when: false