community / community.windows / 2.2.0 / module / win_domain_computer
Removed in 3.0.0
Reason:This module has been moved into the C(microsoft.ad) collection. | Alternative:Use the M(microsoft.ad.computer) module instead.
Manage computers in Active Directory
Authors: Daniel Sánchez Fábregas (@Daniel-Sanchez-Fabregas), Brian Scholer (@briantist)
Install with ansible-galaxy collection install community.windows:==2.2.0
collections: - name: community.windows version: 2.2.0
Create, read, update and delete computers in Active Directory using a windows bridge computer to launch New-ADComputer, Get-ADComputer, Set-ADComputer, Remove-ADComputer and Move-ADObject powershell commands.
- name: Add linux computer to Active Directory OU using a windows machine community.windows.win_domain_computer: name: one_linux_server sam_account_name: linux_server$ dns_hostname: one_linux_server.my_org.local ou: "OU=servers,DC=my_org,DC=local" description: Example of linux server enabled: yes state: present delegate_to: my_windows_bridge.my_org.local
- name: Remove linux computer from Active Directory using a windows machine community.windows.win_domain_computer: name: one_linux_server state: absent delegate_to: my_windows_bridge.my_org.local
- name: Provision a computer for offline domain join community.windows.win_domain_computer: name: newhost dns_hostname: newhost.ansible.local ou: 'OU=A great\, big organizational unit name,DC=ansible,DC=local' state: present offline_domain_join: yes odj_return_blob: yes register: computer_status delegate_to: windc.ansible.local
- name: Join a workgroup computer to the domain vars: target_blob_file: 'C:\ODJ\blob.txt' ansible.windows.win_shell: | $blob = [Convert]::FromBase64String('{{ computer_status.odj_blob }}') [IO.File]::WriteAllBytes('{{ target_blob_file }}', $blob) & djoin.exe --% /RequestODJ /LoadFile '{{ target_blob_file }}' /LocalOS /WindowsPath "%SystemRoot%"
- name: Restart to complete domain join ansible.windows.win_restart:
ou: description: - Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created. Required when I(state=present). - Special characters must be escaped, see L(Distinguished Names,https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ldap/distinguished-names) for details. type: str name: description: - Specifies the name of the object. - This parameter sets the Name property of the Active Directory object. - The LDAP display name (ldapDisplayName) of this property is name. required: true type: str state: choices: - absent - present default: present description: - Specified whether the computer should be C(present) or C(absent) in Active Directory. type: str enabled: default: true description: - Specifies if an account is enabled. - An enabled account requires a password. - This parameter sets the Enabled property for an account object. - This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory User Account Control (UAC) attribute. type: bool managed_by: description: - The value to be assigned to the LDAP C(managedBy) attribute. - This value can be in the forms C(Distinguished Name), C(objectGUID), C(objectSid) or C(sAMAccountName), see examples for more details. type: str version_added: 1.3.0 version_added_collection: community.windows description: default: '' description: - Specifies a description of the object. - This parameter sets the value of the Description property for the object. - The LDAP display name (ldapDisplayName) for this property is description. type: str dns_hostname: description: - Specifies the fully qualified domain name (FQDN) of the computer. - This parameter sets the DNSHostName property for a computer object. - The LDAP display name for this property is dNSHostName. - Required when I(state=present). type: str domain_server: description: - Specifies the Active Directory Domain Services instance to connect to. - Can be in the form of an FQDN or NetBIOS name. - If not specified then the value is based on the domain of the computer running PowerShell. type: str odj_blob_path: description: - The path to the file where the BLOB will be saved. If omitted, a temporary file will be used. - If I(offline_domain_join=output) the file will be deleted after its contents are returned. - The parent directory for the BLOB file must exist; intermediate directories will not be created. domain_password: description: - The password for I(username). type: str domain_username: description: - The username to use when interacting with AD. - If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation. type: str sam_account_name: description: - Specifies the Security Account Manager (SAM) account name of the computer. - It maximum is 256 characters, 15 is advised for older operating systems compatibility. - The LDAP display name (ldapDisplayName) for this property is sAMAccountName. - If ommitted the value is the same as C(name). - Note that all computer SAMAccountNames need to end with a C($). - If C($) is omitted, it will be added to the end. type: str offline_domain_join: choices: - none - output - path default: none description: - Provisions a computer in the directory and provides a BLOB file that can be used on the target computer/image to join it to the domain while offline. - The C(none) value doesn't do any offline join operations. - C(output) returns the BLOB in output. The BLOB should be treated as secret (it contains the machine password) so use C(no_log) when using this option. - C(path) preserves the offline domain join BLOB file on the target machine for later use. The path will be returned. - If the computer already exists, no BLOB will be created/returned, and the module will operate as it would have without offline domain join. type: str
djoin: contains: invocation: description: The full command line used to call djoin.exe returned: always sample: djoin.exe /PROVISION /MACHINE compname /MACHINEOU OU=Hosts,DC=ansible,DC=local /DOMAIN ansible.local /SAVEFILE blobfile.txt type: str rc: description: The return code from djoin.exe returned: when not check mode sample: 87 type: int stderr: description: The stderr from djoin.exe returned: when not check mode sample: Invalid input parameter combination. type: str stdout: description: The stdout from djoin.exe returned: when not check mode sample: Computer provisioning completed successfully. type: str description: Information about the invocation of djoin.exe. returned: when offline_domain_join is True and the computer didn't exist type: dict odj_blob: description: - The offline domain join BLOB. This is an empty string when in check mode or when offline_domain_join is 'path'. - This field contains the base64 encoded raw bytes of the offline domain join BLOB file. returned: when offline_domain_join is not 'none' and the computer didn't exist sample: <a long base64 string> type: str odj_blob_file: description: The path to the offline domain join BLOB file on the target host. If odj_blob_path was specified, this will match that path. returned: when offline_domain_join is 'path' and the computer didn't exist sample: C:\Users\admin\AppData\Local\Temp\e4vxonty.rkb type: str