win_domain_membership - Manage domain/workgroup membership for a Windows host¶

New in version 2.3.

Synopsis
Parameters
Examples
Return Values
Status
Maintenance
- Support
- Author

Synopsis ¶

Manages domain membership or workgroup membership for a Windows host. Also supports hostname changes.
This module may require subsequent use of the win_reboot action if changes are made.

Parameters ¶

Parameter	Choices/Defaults	Comments
dns_domain_name		When `state` is `domain`, the DNS name of the domain to which the targeted Windows host should be joined.
domain_admin_password		Password for the specified `domain_admin_user`.
domain_admin_user required		Username of a domain admin for the target domain (required to join or leave the domain).
domain_ou_path (added in 2.4)		The desired OU path for adding the computer object. This is only used when adding the target host to a domain, if it is already a member then it is ignored.
hostname		The desired hostname for the Windows host.
state	Choices: domain workgroup	Whether the target host should be a member of a domain or workgroup.
workgroup_name		When `state` is `workgroup`, the name of the workgroup that the Windows host should be in.

Examples ¶

# host should be a member of domain ansible.vagrant; module will ensure the hostname is mydomainclient
# and will use the passed credentials to join domain if necessary.
# Ansible connection should use local credentials if possible.
# If a reboot is required, the second task will trigger one and wait until the host is available.
- hosts: winclient
  gather_facts: no
  tasks:
  - win_domain_membership:
      dns_domain_name: ansible.vagrant
      hostname: mydomainclient
      domain_admin_user: testguy@ansible.vagrant
      domain_admin_password: password123!
      domain_ou_path: "OU=Windows,OU=Servers,DC=ansible,DC=vagrant"
      state: domain
    register: domain_state

  - win_reboot:
    when: domain_state.reboot_required



# Host should be in workgroup mywg- module will use the passed credentials to clean-unjoin domain if possible.
# Ansible connection should use local credentials if possible.
# The domain admin credentials can be sourced from a vault-encrypted variable
- hosts: winclient
  gather_facts: no
  tasks:
  - win_domain_membership:
      workgroup_name: mywg
      domain_admin_user: '{{ win_domain_admin_user }}'
      domain_admin_password: '{{ win_domain_admin_password }}'
      state: workgroup

Return Values ¶

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
reboot_required boolean	always	True if changes were made that require a reboot. Sample: True

Status ¶

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance ¶

This module is flagged as core which means that it is maintained by the Ansible Core Team. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Core Team, see here.

Support ¶

For more information about Red Hat’s support of this module, please refer to this Knowledge Base article

Author ¶

Matt Davis (@nitzmahone)

Hint

If you notice any issues in this documentation you can edit this document to improve it.