--- - name: Create Active Directory domain hosts: "{{ _hosts | default('os_windows') }}" gather_facts: false tasks: - name: Set Local Admin Password ansible.windows.win_user: name: Administrator password: "{{ ansible_password }}" - name: Create new domain in a new forest on the target host ansible.windows.win_domain: dns_domain_name: ansible.local safe_mode_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" notify: - Reboot host - Wait for AD services - Reboot again - Wait for AD services again - name: Flush handlers ansible.builtin.meta: flush_handlers - name: Create some groups community.windows.win_domain_group: name: "{{ item.name }}" scope: global loop: - name: "GroupA" - name: "GroupB" - name: "GroupC" retries: 5 delay: 10 - name: Create some users community.windows.win_domain_user: name: "{{ item.name }}" groups: "{{ item.groups }}" password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" update_password: on_create loop: - name: "UserA" groups: "GroupA" - name: "UserB" groups: "GroupB" - name: "UserC" groups: "GroupC" retries: 5 delay: 10 handlers: - name: Reboot host ansible.windows.win_reboot: reboot_timeout: 3600 - name: Wait for AD services community.windows.win_wait_for_process: process_name_exact: Microsoft.ActiveDirectory.WebServices pre_wait_delay: 60 state: present timeout: 600 sleep: 10 - name: Reboot again ansible.windows.win_reboot: reboot_timeout: 3600 - name: Wait for AD services again community.windows.win_wait_for_process: process_name_exact: Microsoft.ActiveDirectory.WebServices pre_wait_delay: 60 state: present timeout: 600 sleep: 10