In this blog, I will show you how how to create Organizational Units in an Active Directory Domain using Ansible for Windows.
This post will build on the foundation of the series Manage Manage Windows Machines with Ansible that covers how to get started with Ansible and manage domain-joined machines with Ansible.
DSC Resource Kit
By default, Ansible comes with great modules for Windows however the native modules don’t come with a an option to create Organizational Units in Active Directory.
Luckily, Ansible has a module called Win_Dsc that allows us to use PowerShell DSC with Ansible and in our case, we will tap into the DSC Resource Kit which include an Active Directory module.
Playbook
To help you get going and save you time, I’ve created a Playbook that will do the following tasks:
- Install the latest NuGet package provider which is needed for the DSC Resource Kit.
- Install the ActiveDirectoryDSC module
- Create an Organizational unit called newOU.
Note: In my case, I’m running these tasks against my Windows Active Directory Domain Controller.
--- - name: "Create OU" hosts: windows tasks: - win_shell: install-packageprovider -name nuget -force - name: "Install XactiveDirectory" win_psmodule: name: ActiveDirectoryDSC state: present - name: "Create AU" win_dsc: resource_name: ADOrganizationalUnit name: "NewOU" path: "dc=corp, dc=enterprise, dc=local"
Don’t forget to check the Manage Windows Machines With Ansible series:
- Manage Windows Machines With Ansible – Basics and Active Directory Service Account – Part 1
- Manage Windows Machines With Ansible – Install WinRM – Part 2
- Manage Windows Machines with Ansible – Install and Configure Ansible – Part 3
- Create a Domain User With Playbooks and YAML– Part 4