Try SpotterManage computers in Active Directory
| "added in version" 2.6 of ansible.builtin"
Authors: Daniel Sánchez Fábregas (@Daniel-Sanchez-Fabregas)
preview | supported by community
pipInstall with pip install ansible==2.9.27
Create, read, update and delete computers in Active Directory using a windows bridge computer to launch New-ADComputer, Get-ADComputer, Set-ADComputer, Remove-ADComputer and Move-ADObject powershell commands.
- name: Add linux computer to Active Directory OU using a windows machine
win_domain_computer:
name: one_linux_server.my_org.local
sam_account_name: linux_server$
dns_hostname: one_linux_server.my_org.local
ou: "OU=servers,DC=my_org,DC=local"
description: Example of linux server
enabled: yes
state: present
delegate_to: my_windows_bridge.my_org.local
- name: Remove linux computer from Active Directory using a windows machine
win_domain_computer:
name: one_linux_server.my_org.local
state: absent
delegate_to: my_windows_bridge.my_org.local
ou:
description:
- Specifies the X.500 path of the Organizational Unit (OU) or container where the
new object is created. Required when I(state=present).
type: str
name:
description:
- Specifies the name of the object.
- This parameter sets the Name property of the Active Directory object.
- The LDAP display name (ldapDisplayName) of this property is name.
required: true
type: str
state:
choices:
- absent
- present
default: present
description:
- Specified whether the computer should be C(present) or C(absent) in Active Directory.
type: str
enabled:
default: true
description:
- Specifies if an account is enabled.
- An enabled account requires a password.
- This parameter sets the Enabled property for an account object.
- This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory
User Account Control (UAC) attribute.
type: bool
description:
default: ''
description:
- Specifies a description of the object.
- This parameter sets the value of the Description property for the object.
- The LDAP display name (ldapDisplayName) for this property is description.
type: str
dns_hostname:
description:
- Specifies the fully qualified domain name (FQDN) of the computer.
- This parameter sets the DNSHostName property for a computer object.
- The LDAP display name for this property is dNSHostName.
- Required when I(state=present).
type: str
domain_server:
description:
- Specifies the Active Directory Domain Services instance to connect to.
- Can be in the form of an FQDN or NetBIOS name.
- If not specified then the value is based on the domain of the computer running PowerShell.
type: str
version_added: '2.8'
version_added_collection: ansible.builtin
domain_password:
description:
- The password for I(username).
type: str
version_added: '2.8'
version_added_collection: ansible.builtin
domain_username:
description:
- The username to use when interacting with AD.
- If this is not set then the user Ansible used to log in with will be used instead
when using CredSSP or Kerberos with credential delegation.
type: str
version_added: '2.8'
version_added_collection: ansible.builtin
sam_account_name:
description:
- Specifies the Security Account Manager (SAM) account name of the computer.
- It maximum is 256 characters, 15 is advised for older operating systems compatibility.
- The LDAP display name (ldapDisplayName) for this property is sAMAccountName.
- If ommitted the value is the same as C(name).
- Note that all computer SAMAccountNames need to end with a $.
type: str