Skip to content
Snippets Groups Projects
Select Git revision
  • 60452dcecd0e93bc103f2f8cedaa1684d40f2893
  • master default protected
  • md-export
  • th/mail
  • 179-einladungen-zum-aushaengen-drucken
5 results

8fdd381e6a2a_.py

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    main.yml 3.35 KiB
    ---
    # file: roles/ad-server/tasks/main.yml
    
    - import_tasks: kerberos.yml
    
    - name: ensure ad-server is installed
      apt:
        name: samba
        state: present
      tags:
        - ad-server
    
    - name: ensure winbind is for some reasons installed
      apt:
        name: winbind
        state: present
      tags:
        - ad-server
    
    - name: figure out if domain is provisioned
      stat:
        path: "/var/lib/samba/sysvol/{{ domain }}"
      register: domain_provisioned
      tags:
        - ad-server
        - domain-provision
    
    - block:
        - name: ensure smb.conf is absent for provision
          file:
            path: /etc/samba/smb.conf
            state: absent
          tags:
            - ad-server
            - domain-provision
    
        - name: ensure pexpect is installed
          apt:
            name: python-pexpect
            state: present
          tags:
            - ad-server
            - domain-provision
          when: debian_version == "stretch"
    
        - name: ensure domain is provisioned
          expect:
            # yamllint disable-line rule:line-length
            shell: samba-tool domain join "{{ domain }}" DC -U"{{ domain }}/Administrator" --dns-backend=NONE --option="idmap_ldb:use rfc2307=yes" 2> /root/provision.log
            responses:
              "Password for.*": "{{ ad_admin_password_content }}"
          no_log: true
          tags:
            - ad-server
            - domain-provision
    
        - name: ensure the idmap library is exported
          command: tdbbackup -s .bak /var/lib/samba/private/idmap.ldb
          delegate_to: "{{ ad_primary }}"
          tags:
            - ad-server
            - domain-provision
    
        - name: ensure the idmap library is copied to secondary
          synchronize:
            src: /var/lib/samba/private/idmap.ldb.bak
            dest: /var/lib/samba/private/idmap.ldb
          delegate_to: "{{ ad_primary }}"
          tags:
            - ad-server