01-windows-ad-setup.yml
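---
# Lab playbook: renames a Windows Server host, installs AD DS, creates the first
# AD domain with DNS, adds a conditional forwarder for the IPA domain and
# creates one test user. All settings come from the winserver_* / ipaserver_*
# variables referenced below.
- name: Deploy Windows Server AD
  hosts: winserver
  become: false
  gather_facts: false
  tasks:
    - name: Ensure AD timezone matches IPA timezone.
      community.windows.win_timezone:
        timezone: "{{ winserver_timezone }}"

    - name: Change the Window hostname
      ansible.windows.win_hostname:
        name: "server"
      # Registered so the reboot task can test hostname.reboot_required.
      register: hostname

    # Unbinds the ms_tcpip6 component from every adapter (interface '*').
    - name: Disable ms_tcpip6 for all Interfaces
      community.windows.win_net_adapter_feature:
        interface: '*'
        state: disabled
        component_id:
          - ms_tcpip6

    # Runs only when the hostname task reported that a reboot is required.
    - name: Reboot server
      ansible.windows.win_reboot:
        msg: "Reboot after name and timezone changes."
        pre_reboot_delay: 15
      when: hostname.reboot_required

    - name: Install AD feature
      ansible.windows.win_feature:
        name: AD-Domain-Services
        include_management_tools: true
        include_sub_features: true
        state: present

    - name: Install DNS feature and configure first AD Domain
      microsoft.ad.domain:
        install_dns: true
        dns_domain_name: "{{ winserver_domain }}"
        domain_netbios_name: "{{ winserver_netbios_name }}"
        # NOTE(review): the DSRM password is a recovery credential for the
        # domain controller; where winserver_dsrm_password is defined is not
        # visible here. Confirm it comes from Ansible Vault (or another secret
        # store) and not from a plain-text vars file.
        safe_mode_password: "{{ winserver_dsrm_password }}"
        reboot: true

    # NOTE(review): ipaserver_domain and ipaserver_ip are interpolated into the
    # PowerShell command line unescaped, and the domain sits inside a
    # double-quoted PowerShell string. Keep both values inventory-controlled and
    # validate them (DNS name / IP literal) before they reach this task.
    #
    # An already existing zone shows up as a failed result whose stderr contains
    # "ResourceExists"; that case is reported as ok/unchanged instead of failed.
    - name: Add IPA DNS forward zone
      ansible.windows.win_shell: 'Add-DnsServerConditionalForwarderZone -Name "{{ ipaserver_domain }}" -MasterServers {{ ipaserver_ip }}'
      register: result
      failed_when: result.failed and "ResourceExists" not in result.stderr
      changed_when: not result.failed

    - name: Add jdoe test user.
      microsoft.ad.user:
        # 'name' will be the user SAM account name and identity.
        name: jdoe
        firstname: John
        surname: Doe
        upn: "jdoe@{{ winserver_domain }}"
        enabled: true
        password_expired: false
        # The password can now be supplied through winserver_test_user_password
        # (e.g. from Ansible Vault). The literal fallback keeps existing runs
        # working, but it is published with this playbook: any account created
        # with it has a publicly known password and must not exist outside a
        # disposable lab.
        password: "{{ winserver_test_user_password | default('SomeUS3Rpassword') }}"
        # on_create: the password is set only when the account is first
        # created, so changing the variable later does not rotate it.
        update_password: on_create
        state: present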