---
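# Render the Kerberos client configuration from the role's template.
# Note: the task name says "samba", but the file written is /etc/krb5.conf.
- name: create_domain | configuring samba
  template:
    src: etc/krb5.conf.j2
    dest: /etc/krb5.conf
    owner: root
    group: root
    # Quoted so the mode is always read as the octal string "0644" and never
    # depends on how the YAML parser types a bare leading-zero integer.
    mode: "0644"
  become: true
  # A change to the rendered file notifies these three handlers, which are
  # defined outside this file.
  notify:
    - restart nmbd
    - restart smbd
    - restart samba-ad-dc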
# Probe for the marker file that records a completed domain provision. The
# registered result gates the provisioning and marker tasks that follow.
- name: create_domain | checking if domain created
  stat:
    path: '/var/log/.samba_ad_created'
  register: samba_ad_created_check
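# Provision the Active Directory domain with samba-tool. Runs only on the
# primary domain controller, only when domain creation is enabled, and only
# while the marker file checked earlier is absent.
- name: create_domain | configuring Active Directory
  # `command` with an argv list replaces the original `shell` string: each
  # argument reaches samba-tool verbatim, so a quote, space or shell
  # metacharacter in the admin password or realm can neither break the
  # command line nor be interpreted by a shell.
  command:
    argv:
      - samba-tool
      - domain
      - provision
      - "--realm={{ samba_ad_info['kerberos_realm'] | upper }}"
      - "--domain={{ samba_ad_info['netbios_domain_name'] | upper }}"
      - "--adminpass={{ samba_ad_info['adminpass'] }}"
      - "--server-role=domain controller"
      - "--use-rfc2307"
  become: true
  # The rendered command contains the domain administrator password; keep it
  # out of Ansible's console output, logs and callback plugins. The cost is
  # that a failed provision shows no output until this is lifted temporarily.
  # NOTE(review): the password is still visible in the host's process list
  # while samba-tool runs, and samba_ad_info['adminpass'] should come from an
  # encrypted source (e.g. Ansible Vault) - confirm where it is defined.
  no_log: true
  register: samba_ad_created
  when: >
    not samba_ad_created_check['stat']['exists'] and
    (samba_create_domain_controller is defined and
    samba_create_domain_controller) and
    samba_server_role == "active directory domain controller" and
    inventory_hostname == samba_primary_domain_controller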
# Record a successful provision on the primary domain controller by touching
# the marker file. Requires that the provisioning task reported a change and
# that the marker was absent when it was checked earlier in this run.
- name: create_domain | marking domain as created
  file:
    dest: '/var/log/.samba_ad_created'
    state: touch
  become: true
  register: _samba_domain_created
  # A list of conditions is AND-ed together, evaluated in order.
  when:
    - samba_ad_created['changed']
    - not samba_ad_created_check['stat']['exists']
    - inventory_hostname == samba_primary_domain_controller
# On the primary domain controller, publish _samba_domain_exists when the
# marker file was already present or was touched earlier in this run.
- name: create_domain | Setting Fact For Domain Creation Status For Primary Domain Controller
  set_fact:
    _samba_domain_exists: true
  # A list of conditions is AND-ed together, evaluated in order.
  when:
    - inventory_hostname == samba_primary_domain_controller
    - samba_ad_created_check['stat']['exists'] or _samba_domain_created['changed']
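# On every other host in the domain-controllers group, mirror the primary's
# _samba_domain_exists fact so later tasks can tell the domain is present.
- name: create_domain | Setting Fact For Domain Creation Status For Non Primary Domain Controller
  set_fact:
    _samba_domain_exists: true
  # The host checks come first, and the primary's fact is read with
  # default(false): when the primary never set the fact (no provision ran and
  # no marker existed), the task is skipped instead of failing every host with
  # an undefined-variable error.
  when: >
    inventory_hostname != samba_primary_domain_controller and
    inventory_hostname in groups[samba_domain_controllers_group] and
    (hostvars[samba_primary_domain_controller]['_samba_domain_exists'] | default(false))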
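# Touch the marker file on any host that knows the domain exists but had no
# marker when it was checked earlier in this run. This task shares its name
# with the earlier primary-only marker task.
- name: create_domain | marking domain as created
  file:
    dest: /var/log/.samba_ad_created
    state: touch
  become: true
  # default(false) covers hosts where neither set_fact task ran, so the fact
  # is undefined; those hosts skip this task instead of failing on an
  # undefined variable.
  when: >
    (hostvars[inventory_hostname]['_samba_domain_exists'] | default(false)) and
    not samba_ad_created_check['stat']['exists']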