xpk 3627595693
DOC: updated readme
2020-05-29 18:36:50 +08:00
tasks FIX: netbios name fix 2020-03-12 13:41:38 +08:00
README.md DOC: updated readme 2020-05-29 18:36:50 +08:00


Ansible role for joining AD with adcli

URL: https://xpk.headdesk.me/git/xpk/role.adcli.git

Note that ad_netbios_name defaults to the inventory hostname if not supplied. For that reason, the hostname must be specified in the inventory file.

The role writes adcli output to /var/log/adcli.log

Set required variables in group_vars/all.yml

ad_domain: some-domain.tld
ad_dc1: 1.2.3.4
ad_dc2: 2.3.4.5
ad_joinusr: adjoin
ad_joinpw: xxx

Optional variables:

  • ad_sudoers_group
  • ad_netbios_name (note this is a host variable, useful when the hostname is longer than the NetBIOS limit of 15 characters)

Sample playbook utilizing this role

Here variables are set in the inventory. One may prefer setting them in group_vars/ so they can be encrypted.

- name: Join stupid AD
  hosts: a-hostname-with-more-than-15-characters
  become: yes
  roles:
    - role: adcli

Sample inventory

a-hostname-with-more-than-15-characters ansible_host=192.168.1.101 ad_netbios_name=shorterMe
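
An inventory check to run before the role, as an added example that is not part of the role or its repository: it computes the NetBIOS name each host would get (ad_netbios_name, or the inventory hostname as the fallback described above), flags names over 15 characters, and flags ad_joinpw left in cleartext in the inventory. The function name lint_inventory, the sample inventory and the assumption that the full inventory hostname is used as the fallback name are this example's own.

```python
import shlex

NETBIOS_MAX = 15  # NetBIOS name limit stated in this README
JOINPW_MSG = "ad_joinpw is in cleartext in the inventory; move it to encrypted group_vars"


def lint_inventory(text):
    """Return (subject, problem) tuples for an INI-style Ansible inventory."""
    problems, section = [], ""
    for raw in text.splitlines():
        tokens = shlex.split(raw, comments=True)  # drops '#' comments
        if not tokens:
            continue
        if tokens[0].startswith("["):  # [group], [group:vars], [group:children]
            section = tokens[0].strip("[]")
            continue
        if section.endswith(":children"):
            continue  # lines here are group names, not hosts
        if section.endswith(":vars"):
            # Group variable line: "key = value"
            if raw.split("=", 1)[0].strip() == "ad_joinpw":
                problems.append((section, JOINPW_MSG))
            continue
        host = tokens[0]
        hostvars = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        # Assumption: the role falls back to the inventory hostname as written.
        name = hostvars.get("ad_netbios_name", host)
        if len(name) > NETBIOS_MAX:
            problems.append(
                (host, f"NetBIOS name '{name}' is {len(name)} characters, limit is {NETBIOS_MAX}")
            )
        if "ad_joinpw" in hostvars:
            problems.append((host, JOINPW_MSG))
    return problems


# Constructed sample inventory (hosts and addresses are made up for this example)
SAMPLE = """\
[linux]
a-hostname-with-more-than-15-characters ansible_host=192.168.1.101 ad_netbios_name=shorterMe
another-overlong-hostname ansible_host=192.168.1.102
web01 ansible_host=192.168.1.103 ad_joinpw=xxx
"""

if __name__ == "__main__":
    for subject, problem in lint_inventory(SAMPLE):
        print(f"{subject}: {problem}")
```
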

Pre-checks

Check that the target machines can reach the AD controller on these ports: 53, 88, 389, 445, e.g.

nmap -p53,88,389,445 <ad controller ip>

Do a lookup for the SRV records

host -tsrv _ldap._tcp.dc._msdcs.DOMAIN <DC IP>

Adding this as a git submodule to your ansible home

git submodule add https://xpk.headdesk.me/git/xpk/role.adcli.git roles/adcli
git commit -S -m 'SUB: adcli submodule'
git push