From b3af08c4e409f061ac8f97e5cd8644b053fb5115 Mon Sep 17 00:00:00 2001
From: MKletz
Date: Wed, 23 Feb 2022 12:39:50 -0600
Subject: [PATCH] Active Directory playbooks (#6) AD playbooks
---
 README.md | 2 +
 collections/requirements.yml | 1 +
 windows/active_directory/create_ad_domain.yml | 34 ++++++++++++++++
 .../helpdesk_new_user_portal.yml | 38 ++++++++++++++++++
 windows/setup.yml | 40 +++++++++++++++++++
 5 files changed, 115 insertions(+)
 create mode 100644 windows/active_directory/create_ad_domain.yml
 create mode 100644 windows/active_directory/helpdesk_new_user_portal.yml
diff --git a/README.md b/README.md
index bc07e3a..73db4e0 100644
--- a/README.md
+++ b/README.md
@@ -39,3 +39,5 @@ Please push contributions via a pull request following the naming convention of - Extra vars: demo: + +4. If you require a Windows Active Directory domain you will need to run the "ACTIVE DIRECTORY / Create Active Directory domain" template after the Windows setup completes. This will create the "ansible.local" domain as well as a few generic users and groups. \ No newline at end of file
diff --git a/collections/requirements.yml b/collections/requirements.yml
index 7dabc2c..0641ebc 100644
--- a/collections/requirements.yml
+++ b/collections/requirements.yml
@@ -10,5 +10,6 @@ collections: - containers.podman #windows - chocolatey.chocolatey + - community.windows # - azure.azcollection
diff --git a/windows/active_directory/create_ad_domain.yml b/windows/active_directory/create_ad_domain.yml
new file mode 100644
index 0000000..36ec940
--- /dev/null
+++ b/windows/active_directory/create_ad_domain.yml
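Review bot: In `collections/requirements.yml` the new `community.windows` entry carries no version constraint, so every install resolves to whatever release Galaxy serves at that moment and the demo can change behaviour without any change in this repository. Consider the mapping form with an explicit range, e.g. `- name: community.windows` plus `version: "<PINNED_VERSION_RANGE>"`. The new playbooks also call `community.general.random_string` and `ansible.windows.win_domain`; the visible part of the list does not show whether `community.general` and `ansible.windows` are declared, so that is worth confirming.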
@@ -0,0 +1,34 @@
+---
+- name: Create Active Directory domain
+ hosts: "{{ HOSTS | default('windows') }}"
+
+ tasks:
+ - name: Create new domain in a new forest on the target host
+ ansible.windows.win_domain:
+ dns_domain_name: ansible.local
+ safe_mode_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
+ register: new_forest
+
+ - name: Reboot the target host
+ ansible.windows.win_reboot:
+ reboot_timeout: 3600
+ when: new_forest.reboot_required
+
+ - name: Create some groups
+ community.windows.win_domain_group:
+ name: "{{ item.name }}"
+ scope: global
+ loop:
+ - { name: "GroupA" }
+ - { name: "GroupB" }
+ - { name: "GroupC" }
+
+ - name: Create some users
+ community.windows.win_domain_user:
+ name: "{{ item.name }}"
+ groups: "{{ item.groups }}"
+ password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
+ loop:
+ - { name: "UserA", groups: "GroupA" }
+ - { name: "UserB", groups: "GroupB" }
+ - { name: "UserC", groups: "GroupC" }
diff --git a/windows/active_directory/helpdesk_new_user_portal.yml b/windows/active_directory/helpdesk_new_user_portal.yml
new file mode 100644
index 0000000..58b1e52
--- /dev/null
+++ b/windows/active_directory/helpdesk_new_user_portal.yml
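Review bot: In `create_ad_domain.yml` the `safe_mode_password` of "Create new domain in a new forest on the target host" comes from an inline `random_string` lookup whose value is never registered or stored, so once the play ends nobody holds the DSRM password of the new domain controller. The lookup is also called without `length=`, which leaves it at the plugin's default of 8 characters. Supplying the value from a vaulted variable or a controller credential, e.g. `safe_mode_password: "{{ dsrm_password }}"`, keeps it recoverable. The same inline lookup in "Create some users" is re-evaluated on every run, and without `update_password: on_create` the module's default replaces each demo user's password every time the template is launched.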
@@ -0,0 +1,38 @@
+---
+- name: Helpdesk new user portal
+ hosts: "{{ HOSTS | default('windows') }}"
+
+ tasks:
+ - name: Setting host facts using complex arguments
+ set_fact:
+ temp_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
+ # Example result: ['&Qw2|E[-']
+
+ - name: Create new user
+ community.windows.win_domain_user:
+ name: "{{ firstname }} {{ surname }}"
+ firstname: "{{ firstname }}"
+ surname: "{{ surname }}"
+ sam_account_name: "{{ firstname[0] }}{{ surname }}"
+ company: BobCo
+ password: "{{ temp_password }}"
+ state: present
+ groups:
+ - "GroupA"
+ - "GroupB"
+ street: 123 4th St.
+ city: Sometown
+ state_province: IN
+ postal_code: 12345
+ country: US
+ attributes:
+ telephoneNumber: 555-123456
+ register: new_user
+
+ - name: Display User
+ debug:
+ var: new_user
+
+ - name: Show temp password
+ debug:
+ var: temp_password
diff --git a/windows/setup.yml b/windows/setup.yml
index 2b0045b..7e47a47 100644
--- a/windows/setup.yml
+++ b/windows/setup.yml
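Review bot: In `helpdesk_new_user_portal.yml`, "Create new user" builds `sam_account_name` from the first initial plus the surname and runs with `state: present`, so when that name already exists the task does not fail but updates the existing account, and with the module's default `update_password` behaviour that account's password is replaced by the freshly generated one. Adding `update_password: on_create`, or failing early when the account is found, keeps the portal from resetting another person's password. The temporary password is then printed by "Show temp password" and stays in the job output, so `password_expired: true` on the user task would force a change at first logon and shorten the time the logged value is usable. The first task's name, "Setting host facts using complex arguments", does not say what it does; `Generate temporary password` would read better.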
@@ -163,3 +163,43 @@ controller_templates:
 choices:
 - 'Running'
 - 'Stopped'
+
+ - name: "ACTIVE DIRECTORY / Create Active Directory domain"
+ job_type: run
+ inventory: "Workshop Inventory"
+ project: "Ansible official demo project"
+ playbook: "windows/active_directory/create_ad_domain.yml"
+ execution_environment: Default execution environment
+ credentials:
+ - "Workshop Credential"
+ survey_enabled: true
+ survey:
+ name: ''
+ description: ''
+ spec:
+ - question_name: Server Name or Pattern
+ type: text
+ variable: HOSTS
+ required: false
+
+ - name: "ACTIVE DIRECTORY / Helpdesk new user portal"
+ job_type: run
+ inventory: "Workshop Inventory"
+ project: "Ansible official demo project"
+ playbook: "windows/active_directory/helpdesk_new_user_portal.yml"
+ execution_environment: Default execution environment
+ credentials:
+ - "Workshop Credential"
+ survey_enabled: true
+ survey:
+ name: ''
+ description: ''
+ spec:
+ - question_name: Firstname
+ type: text
+ variable: firstname
+ required: true
+ - question_name: Surname
+ type: text
+ variable: surname
+ required: true
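Review bot: The `HOSTS` question on the "ACTIVE DIRECTORY / Create Active Directory domain" template is free text with `required: false`, and the playbook falls back to the whole `windows` group when no answer is given, so launching the template with the field empty would promote every Windows host in the inventory to a domain controller of its own `ansible.local` forest. Setting `required: true` on that question makes the operator name the intended host. The `Firstname` and `Surname` questions of the helpdesk template set no `min`/`max`, although the playbook concatenates them into `sam_account_name`; a length bound in the survey would reject overly long input before it reaches the module. The `controller_templates` list starts outside this hunk.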