win_domain_membership - Manage domain/workgroup membership for a Windows host
New in version 2.3.
Synopsis
- Manages domain membership or workgroup membership for a Windows host. Also supports hostname changes. This module may require subsequent use of the win_reboot action if changes are made.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| dns_domain_name | when state is domain, the DNS name of the domain to which the targeted Windows host should be joined | |
| domain_admin_password | password for the specified domain_admin_user
| |
| domain_admin_user required | username of a domain admin for the target domain (required to join or leave the domain) | |
| domain_ou_path (added in 2.4) | The desired OU path for adding the computer object. This is only used when adding the target host to a domain, if it is already a member then it is ignored. | |
| hostname | the desired hostname for the Windows host | |
| state |
| whether the target host should be a member of a domain or workgroup |
| workgroup_name | when state is workgroup, the name of the workgroup that the Windows host should be in |
Examples
# host should be a member of domain ansible.vagrant; module will ensure the hostname is mydomainclient
# and will use the passed credentials to join domain if necessary.
# Ansible connection should use local credentials if possible.
# If a reboot is required, the second task will trigger one and wait until the host is available.
- hosts: winclient
gather_facts: no
tasks:
- win_domain_membership:
dns_domain_name: ansible.vagrant
hostname: mydomainclient
domain_admin_user: [email protected]
domain_admin_password: password123!
domain_ou_path: "OU=Windows,OU=Servers,DC=ansible,DC=vagrant"
state: domain
register: domain_state
- win_reboot:
when: domain_state.reboot_required
# Host should be in workgroup mywg- module will use the passed credentials to clean-unjoin domain if possible.
# Ansible connection should use local credentials if possible.
# The domain admin credentials can be sourced from a vault-encrypted variable
- hosts: winclient
gather_facts: no
tasks:
- win_domain_membership:
workgroup_name: mywg
domain_admin_user: '{{ win_domain_admin_user }}'
domain_admin_password: '{{ win_domain_admin_password }}'
state: workgroup
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| reboot_required boolean | always | True if changes were made that require a reboot. Sample: True |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Support
For more information about Red Hat’s support of this module, please refer to this Knowledge Base article
Author
- Matt Davis (@nitzmahone)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/win_domain_membership_module.html