I don’t see a way to do this via the module, but I may be missing something obvious.
The current process creates an AD computer object for a linux machine with a one time initial password. Later a local process on said linux machine uses the OTP in a domain join command. I could change this process to be a push from ansible process, but trying to see if I can directly replace the powershell bit with ansible microsoft.ad.computer first.
I could also delegate a powershell command or shell task to a windows machine, but again, trying to see if the module can do it first.
When using the microsoft.ad.computer module, there is no direct equivalent to the -AccountPassword parameter found in the PowerShell New-ADComputer cmdlet. This limitation stems from the way Active Directory manages computer accounts. Specifically, when a computer account is created, it does not allow for a password to be assigned at that moment. Instead, the password for the account is automatically generated by Active Directory when the computer subsequently joins the domain.
If your goal is to replicate the functionality of New-ADComputer, you would typically create the computer account first and then manage its password through separate processes, which usually occur when the computer is actually joining the domain. This means that you cannot explicitly set the password during the account creation phase.
For scenarios where specific password policies or credential handling are necessary, you may need to explore alternative methods or scripts tailored to your unique requirements. This approach ensures that you are compliant with Active Directory’s security model while still achieving your objectives.