WINDOWS / AD / Join Domain (#67)

2023-06-05 10:42:40 -05:00
parent 4d34ea9823
commit c0d4493326
4 changed files with 62 additions and 4 deletions
--- a/cloud/README.md
+++ b/cloud/README.md
@@ -40,7 +40,7 @@ After running the setup job template, there are a few steps required to make the

 ### Add Workshop Credential Password

-1) Add the password used to login to Controller. This allows you to connect to Windows Servers provisioned with Create VM job. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete
+1) Add a password that meets the [default complexity requirements](https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements#reference). This allows you to connect to Windows Servers provisioned with Create VM job. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete

 ### Remove Inventory Variables

--- a/windows/README.md
+++ b/windows/README.md
@@ -19,11 +19,14 @@ This category of demos shows examples of Windows Server operations and managemen
 - [**WINDOWS / Arbitrary Powershell**](arbitrary_powershell.yml) - Run given Powershell script (default: retrieve cat fact from API)
 - [**WINDOWS / Powershell Script**](powershell_script.yml) - Run a Powershell script stored in source control to query services
 - [**WINDOWS / Powershell DSC configuring password requirements**](powershell_dsc.yml) - Configure password complexity with Powershell desired state config
- [**WINDOWS / Create Active Directory Domain**](active_directory/create_ad_domain.yml) - Create a new AD Domain
- [**WINDOWS / Helpdesk new user portal**](active_directory/helpdesk_new_user_portal.yml) - Create user in AD Domain
+- [**WINDOWS / Create Active Directory Domain**](create_ad_domain.yml) - Create a new AD Domain
+- [**WINDOWS / Helpdesk new user portal**](helpdesk_new_user_portal.yml) - Create user in AD Domain
+- [**WINDOWS / Join Active Directory Domain**](join_ad_domain.yml) - Join computer to AD Domain

 ## Suggested Usage

 **WINDOWS / Create Active Directory Domain** - This job can take some to complete. It is recommended to run ahead of time if you would like to demo creating a helpdesk user.

 **WINDOWS / Helpdesk new user portal** - This job is dependant on the Create Active Directory Domain completing before users can be created.
+
+**WINDOWS / Join Active Directory Domain** - This job is dependant on the Create Active Directory Domain completing before computers can be joined.
--- a/windows/join_ad_domain.yml
+++ b/windows/join_ad_domain.yml
@@ -0,0 +1,30 @@
+---
+- name: Join Active Directory domain
+  hosts: "{{ _hosts | default(omit) }}"
+  gather_facts: false
+
+  tasks:
+    - name: Set a single address on the adapter named Ethernet
+      ansible.windows.win_dns_client:
+        adapter_names: 'Ethernet*'
+        dns_servers: "{{ hostvars[domain_controller]['private_ip_address'] }}"
+
+    - name: Ensure Demo OU exists
+      delegate_to: "{{ domain_controller }}"
+      community.windows.win_domain_ou:
+        name: Demo
+        state: present
+
+    - name: Join ansible.local domain
+      register: r_domain_membership
+      ansible.windows.win_domain_membership:
+        dns_domain_name: ansible.local
+        hostname: "{{ inventory_hostname }}"
+        domain_admin_user: "{{ ansible_user }}@ansible.local"
+        domain_admin_password: "{{ ansible_password }}"
+        domain_ou_path: "OU=Demo,DC=ansible,DC=local"
+        state: domain
+
+    - name: Reboot windows machine
+      when: r_domain_membership.reboot_required
+      ansible.windows.win_reboot:
--- a/windows/setup.yml
+++ b/windows/setup.yml
@@ -202,7 +202,7 @@ controller_templates:
          variable: _hosts
          required: false

-  - name: "WINDOWS / AD /Create Domain"
+  - name: "WINDOWS / AD / Create Domain"
    job_type: run
    inventory: "Workshop Inventory"
    project: "Ansible official demo project"
@@ -222,6 +222,31 @@ controller_templates:
          variable: _hosts
          required: false

+  - name: "WINDOWS / AD / Join Domain"
+    job_type: run
+    inventory: "Workshop Inventory"
+    project: "Ansible official demo project"
+    playbook: "windows/join_ad_domain.yml"
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    credentials:
+      - "Workshop Credential"
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Server Name or Pattern
+          type: text
+          variable: _hosts
+          required: true
+        - question_name: Domain Controller Inventory Hostname
+          type: text
+          variable: domain_controller
+          required: true
+          description: Inventory hostname for domain controller previously established using the Create Domain template
+
  - name: "WINDOWS / AD / New User"
    job_type: run
    inventory: "Workshop Inventory"