Nitrous
(Nitrous)
1
I am trying to figure out, how to run repadmin on the Domain controller itself:
- name: Sync Active Directory With New Changes
ansible.windows.win_shell: repadmin /syncall ‘{{ server.domain }}’ /AdeP
become: yes
become_method: runas
become_user: ‘{{ server.domain }}\username’
The above tries to run on the task server, that has the AD modules installed, but I would like to run the above on the domain
controller itself.
Would we use the delegate option and then specify the Domain controller? Thanks
Nitrous
(Nitrous)
2
This works from the ansible task server using powershell:
$password = “xxx” | ConvertTo-SecureString -asPlainText -Force
$username = “xx\xxxxx”
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
Invoke-Command -ComputerName DC01 -credential $Credential -ScriptBlock { repadmin /syncall /AdeP }
How can I use the above to be able to use it using the ansible.windows.win_shell module, in ansible? Thanks
Nitrous
(Nitrous)
3
I managed to figure out how to do this, if anyone is interested, used invoke-command:
- name: Sync Active Directory With New Changes
ansible.windows.win_shell:
Invoke-Command -ComputerName ‘{{ server.dc }}’ -ScriptBlock { repadmin /syncall /AdeP }
become: yes
become_method: runas
vars:
ansible_become_user: ‘{{ server.domain }}\username of a domain admin account’
ansible_become_password: ‘{{ ansible_password }}’
become_user: “{{ server.domain }}\username of a domain admin account”