New in version 2.3.
Parameter | Choices/Defaults | Comments |
---|---|---|
database_path
path
added in 2.5 |
The path to a directory on a fixed disk of the Windows host where the domain database will be created..
If not set then the default path is
%SYSTEMROOT%\NTDS . |
|
dns_domain_name
-
|
When
state is domain_controller , the DNS name of the domain for which the targeted Windows host should be a DC. |
|
domain_admin_password
-
/ required
|
Password for the specified
domain_admin_user . |
|
domain_admin_user
-
/ required
|
Username of a domain admin for the target domain (necessary to promote or demote a domain controller).
|
|
local_admin_password
-
|
Password to be assigned to the local
Administrator user (required when state is member_server ). |
|
read_only
boolean
added in 2.5 |
|
Whether to install the domain controller as a read only replica for an existing domain.
|
safe_mode_password
-
|
Safe mode password for the domain controller (required when
state is domain_controller ). |
|
site_name
-
added in 2.5 |
Specifies the name of an existing site where you can place the new domain controller.
This option is required when read_only is
yes . |
|
state
-
|
|
Whether the target host should be a domain controller or a member server.
|
sysvol_path
path
added in 2.5 |
The path to a directory on a fixed disk of the Windows host where the Sysvol folder will be created.
If not set then the default path is
%SYSTEMROOT%\SYSVOL . |
- name: ensure a server is a domain controller
win_domain_controller:
dns_domain_name: ansible.vagrant
domain_admin_user: testguy@ansible.vagrant
domain_admin_password: password123!
safe_mode_password: password123!
state: domain_controller
log_path: C:\ansible_win_domain_controller.txt
# ensure a server is not a domain controller
# note that without an action wrapper, in the case where a DC is demoted,
# the task will fail with a 401 Unauthorized, because the domain credential
# becomes invalid to fetch the final output over WinRM. This requires win_async
# with credential switching (or other clever credential-switching
# mechanism to get the output and trigger the required reboot)
- win_domain_controller:
domain_admin_user: testguy@ansible.vagrant
domain_admin_password: password123!
local_admin_password: password123!
state: member_server
log_path: C:\ansible_win_domain_controller.txt
- name: promote server as a read only domain controller
win_domain_controller:
dns_domain_name: ansible.vagrant
domain_admin_user: testguy@ansible.vagrant
domain_admin_password: password123!
safe_mode_password: password123!
state: domain_controller
read_only: yes
site_name: London
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
reboot_required
boolean
|
always |
True if changes were made that require a reboot.
Sample:
True
|
More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.
Hint
If you notice any issues in this documentation you can edit this document to improve it.