ansible / ansible.builtin / v2.9.4 / module / win_domain_group_membership Manage Windows domain group membership | "added in version" 2.8 of ansible.builtin" Authors: Marius Rieder (@jiuka) preview | supported by communityansible.builtin.win_domain_group_membership (v2.9.4) — module
pip
Install with pip install ansible==2.9.4
Allows the addition and removal of domain users and domain groups from/to a domain group.
- name: Add a domain user/group to a domain group win_domain_group_membership: name: Foo members: - Bar state: present
- name: Remove a domain user/group from a domain group win_domain_group_membership: name: Foo members: - Bar state: absent
- name: Ensure only a domain user/group exists in a domain group win_domain_group_membership: name: Foo members: - Bar state: pure
- name: Add a computer to a domain group win_domain_group_membership: name: Foo members: - DESKTOP$ state: present
name: description: - Name of the domain group to manage membership on. required: true type: str state: choices: - absent - present - pure default: present description: - Desired state of the members in the group. - When C(state) is C(pure), only the members specified will exist, and all other existing members not specified are removed. type: str members: description: - A list of members to ensure are present/absent from the group. - The given names must be a SamAccountName of a user, group, service account, or computer. - For computers, you must add "$" after the name; for example, to add "Mycomputer" to a group, use "Mycomputer$" as the member. required: true type: list domain_server: description: - Specifies the Active Directory Domain Services instance to connect to. - Can be in the form of an FQDN or NetBIOS name. - If not specified then the value is based on the domain of the computer running PowerShell. type: str domain_password: description: - The password for I(username). type: str domain_username: description: - The username to use when interacting with AD. - If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation. type: str
added: description: A list of members added when C(state) is C(present) or C(pure); this is empty if no members are added. returned: success and C(state) is C(present) or C(pure) sample: - UserName - GroupName type: list members: description: A list of all domain group members at completion; this is empty if the group contains no members. returned: success sample: - UserName - GroupName type: list name: description: The name of the target domain group. returned: always sample: Domain-Admins type: str removed: description: A list of members removed when C(state) is C(absent) or C(pure); this is empty if no members are removed. returned: success and C(state) is C(absent) or C(pure) sample: - UserName - GroupName type: list