Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding backup dc to the root domain #67

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

adding backup dc to the root domain #67

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 23 additions & 2 deletions src/Vagrantfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,36 @@ Vagrant.configure("2") do |config|
:libvirt__dhcp_enabled => false,
:libvirt__network_address => '172.16.200.0/24',
:libvirt__forward_mode => 'route'

this.vm.provider :libvirt do |libvirt|
libvirt.memory = 4092

if defined?(libvirt.qemu_use_session)
libvirt.qemu_use_session = false
end
end
this.vm.provision "ansible" do |ansible|
ansible.inventory_path = "./ansible/inventory.yml"
ansible.playbook = "./ansible/playbook_vagrant.yml"
ansible.config_file = "./ansible/ansible.cfg"
end
end

config.vm.define "ad1" do |this|
this.vm.box = "peru/windows-server-2022-standard-x64-eval"
this.vm.hostname = "dc1"
this.vm.guest = :windows
this.vm.communicator = "winrm"
this.winrm.username = "Administrator"
this.vm.network "private_network",
:ip => "172.16.200.11",
:libvirt__dhcp_enabled => false,
:libvirt__network_address => '172.16.200.0/24',
:libvirt__forward_mode => 'route'
this.vm.provider :libvirt do |libvirt|
libvirt.memory = 4092
if defined?(libvirt.qemu_use_session)
libvirt.qemu_use_session = false
end
end
this.vm.provision "ansible" do |ansible|
ansible.inventory_path = "./ansible/inventory.yml"
ansible.playbook = "./ansible/playbook_vagrant.yml"
Expand Down
7 changes: 7 additions & 0 deletions src/ansible/group_vars/all
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,13 @@ service: {
safe_password: Secret123,
suffix: 'dc=ad,dc=test'
}
ad1: {
domain: ad.test,
hostname: 'dc1',
netbios: AD1,
safe_password: Secret123,
suffix: 'dc=ad,dc=test'
}
}

user_regular_uid: 1000
Expand Down
2 changes: 2 additions & 0 deletions src/ansible/inventory.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,8 @@ all:
hosts:
dc.ad.test:
ansible_host: 172.16.200.10
dc1.ad.test:
ansible_host: 172.16.200.11
vars:
ansible_connection: winrm
ansible_port: 5985
Expand Down
5 changes: 5 additions & 0 deletions src/ansible/playbook_vagrant.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,8 @@
gather_facts: yes
roles:
- { role: ad, enable_firewall: yes }

- hosts: dc1.ad.test
gather_facts: yes
roles:
- { role: ad, enable_firewall: yes, join_domain: yes }
2 changes: 1 addition & 1 deletion src/ansible/playbook_vm.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,4 +28,4 @@
- hosts: ad
gather_facts: yes
roles:
- { role: ad, skip_addc_install: yes, skip_dns: yes, ad_permanent_users: ['Administrator'] }
- { role: ad, skip_addc_install: yes, join_domain: no, skip_dns: yes, ad_permanent_users: ['Administrator'] }
8 changes: 6 additions & 2 deletions src/ansible/roles/ad/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,11 @@ ad_permanent_users:
skip_dns: no
# Skip installation of AD server
skip_addc_install: no
# Skip addition of sudo shcmea and possibly other ones
# Skip addition of sudo schema and possibly other ones
skip_schema: no
# Open firewall for all incomming traffic.
# Open firewall for all incoming traffic.
open_firewall: yes
# Sets the primary addc
primary_addc: yes
# Joins the domain as an additional addc.
join_domain: no
30 changes: 30 additions & 0 deletions src/ansible/roles/ad/tasks/install.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,37 @@
register: installation
args:
creates: 'C:\Windows\NTDS'
when: not join_domain

- name: Reboot machine
win_reboot:
when: installation.changed

- name: Join domain
win_domain_membership:
dns_domain_name: "{{ service.ad.domain }}"
domain_admin_user: "{{ ansible_user }}@{{ service.ad.domain }}"
domain_admin_password: "{{ service.ad.safe_password }}"
state: domain
register: join
when: join_domain

- name: reboot windows server
win_reboot:
when: join.changed

- name: 'Create new AD forest {{ service.ad.domain }}'
win_domain_controller:
dns_domain_name: "{{ service.ad.domain }}"
domain_admin_user: "{{ ansible_user }}@{{ meta_domain }}"
domain_admin_password: "{{ service.ad.safe_password }}"
safe_mode_password: "{{ service.ad.safe_password }}"
install_dns: true
state: domain_controller
register: installation
when: join_domain

- name: Reboot machine
win_reboot:
when: installation.reboot_required

2 changes: 2 additions & 0 deletions src/tools/setup-dns-files.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ sed -i '/client.test/d' /etc/hosts
sed -i '/nfs.test/d' /etc/hosts
sed -i '/kdc.test/d' /etc/hosts
sed -i '/dc.ad.test/d' /etc/hosts
sed -i '/dc1.ad.test/d' /etc/hosts

# Append the lines
echo "172.16.100.10 master.ipa.test" >> /etc/hosts
Expand All @@ -26,3 +27,4 @@ echo "172.16.100.40 client.test" >> /etc/hosts
echo "172.16.100.50 nfs.test" >> /etc/hosts
echo "172.16.100.60 kdc.test" >> /etc/hosts
echo "172.16.200.10 dc.ad.test" >> /etc/hosts
echo "172.16.200.11 dc1.ad.test" >> /etc/hosts
Loading