Hello All,
I’m using the ‘win_domain_group module’ in ansible 2.6 to add a newly created AD group (new_grp) to an existing AD group ( my_admins). It works, but instead of appending “new_grp” as a member of “my_admins” it removes all current members and adds only “new_group” . Does this module have an append option for attributes?
win_domain_group:
domain_server: “{{ domain_ctrl }}”
domain_username: “{{ domain_user }}”
domain_password: “{{ domain_pass }}”
name: “CN=my_admins,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
path: “{{ ldap_group_path }}”
category: security
scope: global
description: “My test group”
state: present
attributes:
member: “CN=new_grp,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
I can get it to work if I manually list all needed member groups like for the attribute like this?
win_domain_group:
…
…
state: present
attributes:
member:
- “CN=new_grp,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
- “CN=group1,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
- “CN=group2,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
- “CN=group3,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
But as I generate the list from a previous task I’d like to pass the member list as a variable like “{{ teams}}”
teams:
- “CN=new_grp,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
- “CN=group1,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
- “CN=group2,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
- “CN=group3,ou=user groups,ou=accounts,ou=xyz,DC=Lab,DC=local”
Using with_items: “{{ teams}}” , iterates through the list but the result only the last group as a member. Any suggestions on how I can get around this?