win_domain_controller - Manage domain controller/member server state for a Windows host
New in version 2.3.
Synopsis
- Ensure that a Windows Server 2012+ host is configured as a domain controller or demoted to member server. This module may require subsequent use of the win_reboot action if changes are made.
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| dns_domain_name |
no |
when state is domain_controller, the DNS name of the domain for which the targeted Windows host should be a DC
|
||
| domain_admin_password |
yes |
password for the specified domain_admin_user
|
||
| domain_admin_user |
yes |
username of a domain admin for the target domain (necessary to promote or demote a domain controller)
|
||
| local_admin_password |
no |
password to be assigned to the local Administrator user (required when state is member_server)
|
||
| safe_mode_password |
no |
safe mode password for the domain controller (required when state is domain_controller)
|
||
| state |
no |
|
whether the target host should be a domain controller or a member server
|
Examples
# ensure a server is a domain controller
- hosts: winclient
gather_facts: no
tasks:
- win_domain_controller:
dns_domain_name: ansible.vagrant
domain_admin_user: testguy@ansible.vagrant
domain_admin_password: password123!
safe_mode_password: password123!
state: domain_controller
log_path: c:\ansible_win_domain_controller.txt
# ensure a server is not a domain controller
# note that without an action wrapper, in the case where a DC is demoted,
# the task will fail with a 401 Unauthorized, because the domain credential
# becomes invalid to fetch the final output over WinRM. This requires win_async
# with credential switching (or other clever credential-switching
# mechanism to get the output and trigger the required reboot)
- hosts: winclient
gather_facts: no
tasks:
- win_domain_controller:
domain_admin_user: testguy@ansible.vagrant
domain_admin_password: password123!
local_admin_password: password123!
state: member_server
log_path: c:\ansible_win_domain_controller.txt
Return Values
Common return values are documented here Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| reboot_required |
True if changes were made that require a reboot.
|
always | boolean | True |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance Info
For more information about Red Hat’s this support of this module, please refer to this knowledge base article<https://access.redhat.com/articles/rhel-top-support-policies>
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/win_domain_controller_module.html