Create Organizational Units With Ansible on Active Directory

In this blog, I will show you how how to create Organizational Units in an Active Directory Domain using Ansible for Windows.

This post will build on the foundation of the series Manage Manage Windows Machines with Ansible that covers how to get started with Ansible and manage domain-joined machines with Ansible.

DSC Resource Kit

By default, Ansible comes with great modules for Windows however the native modules don’t come with a an option to create Organizational Units in Active Directory.

Luckily,  Ansible has a module called Win_Dsc that allows us to use PowerShell DSC with Ansible and in our case, we will tap into the DSC Resource Kit which include an Active Directory module.

Playbook

To help you get going and save you time, I’ve created a Playbook that will do the following tasks:

  1. Install the latest NuGet package provider which is needed for the DSC Resource Kit.
  2. Install the ActiveDirectoryDSC module
  3. Create an Organizational unit called newOU.

Note: In my case, I’m running these tasks against my Windows Active Directory Domain Controller.

---
-  name: "Create OU"
   hosts: windows
   tasks:
   - win_shell: install-packageprovider -name nuget -force
   - name: "Install XactiveDirectory"
     win_psmodule:
        name: ActiveDirectoryDSC
        state: present
   - name: "Create AU"
     win_dsc:
        resource_name: ADOrganizationalUnit
        name: "NewOU"
        path:  "dc=corp, dc=enterprise, dc=local"

Don’t forget to check the Manage Windows Machines With Ansible series:

Processing…
Success! You're on the list.

Posted

in

,

by