win_domain - Ensures the existence of a Windows domain.

New in version 2.3.


  • Ensure that the domain named by dns_domain_name exists and is reachable. If the domain is not reachable, the domain is created in a new forest on the target Windows Server 2012R2+ host. This module may require subsequent use of the win_reboot action if changes are made.


parameter required default choices comments
the DNS name of the domain which should exist and be reachable or reside on the target Windows host
safe mode password for the domain controller


# ensure the named domain is reachable from the target host; if not, create the domain in a new forest residing on the target host
- win_domain:
    dns_domain_name: ansible.vagrant
    safe_mode_password: password123!

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
True if changes were made that require a reboot.
always boolean True


This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance Info

For more information about Red Hat’s this support of this module, please refer to this knowledge base article<>

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.