win_domain_computer – Manage computers in Active Directory¶
New in version 2.6.
Synopsis¶
Create, read, update and delete computers in Active Directory using a windows bridge computer to launch New-ADComputer, Get-ADComputer, Set-ADComputer, Remove-ADComputer and Move-ADObject powershell commands.
Parameters¶
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
description
string
|
Default: ""
|
Specifies a description of the object.
This parameter sets the value of the Description property for the object.
The LDAP display name (ldapDisplayName) for this property is description.
|
|
dns_hostname
string
|
Specifies the fully qualified domain name (FQDN) of the computer.
This parameter sets the DNSHostName property for a computer object.
The LDAP display name for this property is dNSHostName.
Required when state=present.
|
|
|
domain_password
string
added in 2.8 |
The password for username.
|
|
|
domain_server
string
added in 2.8 |
Specifies the Active Directory Domain Services instance to connect to.
Can be in the form of an FQDN or NetBIOS name.
If not specified then the value is based on the domain of the computer running PowerShell.
|
|
|
domain_username
string
added in 2.8 |
The username to use when interacting with AD.
If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation.
|
|
|
enabled
boolean
|
|
Specifies if an account is enabled.
An enabled account requires a password.
This parameter sets the Enabled property for an account object.
This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory User Account Control (UAC) attribute.
|
|
name
string
/ required
|
Specifies the name of the object.
This parameter sets the Name property of the Active Directory object.
The LDAP display name (ldapDisplayName) of this property is name.
|
|
|
ou
string
|
Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created. Required when state=present.
|
|
|
sam_account_name
string
|
Specifies the Security Account Manager (SAM) account name of the computer.
It maximum is 256 characters, 15 is advised for older operating systems compatibility.
The LDAP display name (ldapDisplayName) for this property is sAMAccountName.
If ommitted the value is the same as
name.Note that all computer SAMAccountNames need to end with a $.
|
|
|
state
string
|
|
Specified whether the computer should be
present or absent in Active Directory. |
See Also¶
See also
- win_domain – Ensures the existence of a Windows domain
The official documentation on the win_domain module.
- win_domain_controller – Manage domain controller/member server state for a Windows host
The official documentation on the win_domain_controller module.
- win_domain_group – Creates, modifies or removes domain groups
The official documentation on the win_domain_group module.
- win_domain_membership – Manage domain/workgroup membership for a Windows host
The official documentation on the win_domain_membership module.
- win_domain_user – Manages Windows Active Directory user accounts
The official documentation on the win_domain_user module.
Examples¶
- name: Add linux computer to Active Directory OU using a windows machine
win_domain_computer:
name: one_linux_server.my_org.local
sam_account_name: linux_server
dns_hostname: one_linux_server.my_org.local
ou: "OU=servers,DC=my_org,DC=local"
description: Example of linux server
enabled: yes
state: present
delegate_to: my_windows_bridge.my_org.local
- name: Remove linux computer from Active Directory using a windows machine
win_domain_computer:
name: one_linux_server.my_org.local
state: absent
delegate_to: my_windows_bridge.my_org.local
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]