diff --git a/sio2/ct-ansible/hosts b/sio2/ct-ansible/hosts
new file mode 100644
index 0000000..0f7c417
--- /dev/null
+++ b/sio2/ct-ansible/hosts
@@ -0,0 +1,4 @@
+[user]
+srv
+
+
diff --git a/sio2/ct-ansible/utilisateur.yml b/sio2/ct-ansible/utilisateur.yml
new file mode 100644
index 0000000..c3bbe4d
--- /dev/null
+++ b/sio2/ct-ansible/utilisateur.yml
@@ -0,0 +1,36 @@
+---
+- hosts: srv
+  vars:
+    password: Azerty1+
+  tasks:
+
+    - name: creation de l'utilisateur sioadm
+      user:
+        name: sioadm
+        state: present
+        generate_ssh_key: yes
+        uid: 1200
+        groups: sudo
+        append: yes
+        password: "{{ 'Azerty1+' | password_hash('sha512') }}"
+      
+    - name: desinstallation du paquet wpasupplicant
+      apt:
+         name: wpasupplicant
+         state: absent
+
+    - name: desinstallation du paquet rpcbind
+      apt:
+         name: rpcbind
+         state: absent
+
+    - name: copie du fichier /etc/resolv.conf
+      copy:
+        src: resolv.conf
+        dest: /etc/resolv.conf
+
+    - name: ajout de la ligne PermitRootLogin prohibit-password dans /etc/ssh/sshd_config
+      lineinfile:
+        path: /etc/ssh/sshd_config
+        line: 'PermitRootLogin prohibit-password'
+        create: yes