After making a new domain and adding a server to it, I can't promote that server to domain controller.
Here's how I'm trying:

- hosts: domaincontrollers[1:]
  tasks:
    - name: set dns for other domain controllers
      win_dns_client:
        adapter_names: '*'
        ipv4_addresses:
          #- "{{ hostvars[item]['ansible_facts']['ip_addresses'][2] }}"
          - 10.6.5.10
          - 1.1.1.1
      # loop: "{{ groups['domaincontrollers'] }}"

    - name: join the domain
      win_domain_membership:
        dns_domain_name: foo.local
        hostname: "{{inventory_hostname}}"
        domain_admin_user: foo\dom
        domain_admin_password: A1!vagrant
        state: domain
      register: dmout

    - win_reboot:
      when: dmout.reboot_required

    - name: make domain controllers
      win_domain_controller:
        dns_domain_name: foo.local
        domain_admin_user: foo\dom
        domain_admin_password: A1!vagrant
        safe_mode_password: A1!vagrant
        state: domain_controller
      register: newdc

    - name: reboot for new settings
      win_reboot:
        test_command: 'exit (Get-Service -Name Netlogon).Status -ne "Running"'
        post_reboot_delay: 600
      when: newdc.reboot_required

And here's the error:

TASK [Gathering Facts] **************************************************************************************
ok: [domain1]

TASK [set dns for other domain controllers] *****************************************************************
ok: [domain1]

TASK [join the domain] **************************************************************************************
ok: [domain1]

TASK [win_reboot] *******************************************************************************************
skipping: [domain1]

TASK [make domain controllers] ******************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: at <ScriptBlock>, <No file>: line 214
fatal: [domain1]: FAILED! => {"changed": false, "msg": "Unhandled exception while executing module: Verification of user credential permissions failed. An Active Directory domain controller for the domain \"foo.local\" could not be contacted.\r\n\r\nEnsure that you supplied the correct DNS domain name.\r\n\r\n\r\n"}

PLAY RECAP **************************************************************************************************
domain0 : ok=3 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
domain1 : ok=3 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0

The one change on domain0 is making the new domain admin, which is always redone (setting its password).

domain1 is on the domain, can log in as "dom", and can ping domain0.foo.local.