After making a new domain and adding a server to it, I can't promote that server to domain controller.

Here's how I'm trying:

- hosts: domaincontrollers[1:]
  tasks:
    - name: set dns for other domain controllers
      win_dns_client:
        adapter_names: '*'
        ipv4_addresses: 
        #- "{{ hostvars[item]['ansible_facts']['ip_addresses'][2] }}"
          - 10.6.5.10
          - 1.1.1.1
            # loop: "{{ groups['domaincontrollers'] }}"


    - name: join the domain
      win_domain_membership:
        dns_domain_name: foo.local
        hostname: "{{inventory_hostname}}"
        domain_admin_user: foo\dom
        domain_admin_password: A1!vagrant
        state: domain
      register: dmout


    - win_reboot:
      when: dmout.reboot_required
      
    - name: make domain controllers
      win_domain_controller:
        dns_domain_name: foo.local
        domain_admin_user: foo\dom
        domain_admin_password: A1!vagrant
        safe_mode_password: A1!vagrant
        state: domain_controller
      register: newdc


    - name: reboot for new settings
      win_reboot:
        test_command: 'exit (Get-Service -Name Netlogon).Status -ne "Running"'
        post_reboot_delay: 600
      when: newdc.reboot_required


And here's the error:

TASK [Gathering Facts] **************************************************************************************
ok: [domain1]

TASK [set dns for other domain controllers] *****************************************************************
ok: [domain1]

TASK [join the domain] **************************************************************************************
ok: [domain1]

TASK [win_reboot] *******************************************************************************************
skipping: [domain1]

TASK [make domain controllers] ******************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: at <ScriptBlock>, <No file>: line 214
fatal: [domain1]: FAILED! => {"changed": false, "msg": "Unhandled exception while executing module: Verification of user credential permissions failed. An Active Directory domain controller for the domain \"foo.local\" could not be contacted.\r\n\r\nEnsure that you supplied the correct DNS domain name.\r\n\r\n\r\n"}

PLAY RECAP **************************************************************************************************
domain0                    : ok=3    changed=1    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
domain1                    : ok=3    changed=0    unreachable=0    failed=1    skipped=1    rescued=0    ignored=0


The one change on domain0 is making the new domain admin, which is always redone (setting its password).

domain1 is on the domain, can log in as "dom", and can ping domain0.foo.local.

