In this blog post, we will learn how to promote a Windows member server to a domain controller using Ansible.
The reason Ansible is a good tool for managing Windows Server and Active Directory is that everything is documented and can be tracked more easily than with PowerShell scripts.
Playbook
The following playbook will promote a Windows member server to a domain controller in an existing forest. Make sure that the service account that you are using is a member of the Enterprise Admins, Schema Admins and Domain Admins groups. You also need to provide the username, domain name and password of the user.
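---
- name: "Promote to DC"
  hosts: memberservers
  tasks:
    - name: "Setup DC"
      win_domain_controller:
        # Domain in the existing forest that the server joins as a DC
        dns_domain_name: corp.enterprise.local
        # Account performing the promotion; quoted so YAML reads it as a string
        domain_admin_user: "[email protected]"
        domain_admin_password: password
        # Directory Services Restore Mode (DSRM) password
        safe_mode_password: password
        state: domain_controller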
When the playbook finishes, the server is a domain controller. The process should take a few minutes.
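
The playbook above keeps the domain admin and safe mode passwords in clear text, so anyone who can read the file or the run output can read them. The following variant is an added example, not part of the original post: it reads the same values from an Ansible Vault file and suppresses task logging. The file name vars/dc_secrets.yml, the vault_* variable names and the dc_promotion register name are assumptions.

```yaml
---
# Added example: same promotion as above, with secrets kept out of the playbook.
# vars/dc_secrets.yml and the vault_* names are assumptions; create the file with
#   ansible-vault create vars/dc_secrets.yml
- name: "Promote to DC"
  hosts: memberservers
  vars_files:
    - vars/dc_secrets.yml          # encrypted at rest by Ansible Vault
  tasks:
    - name: "Setup DC"
      win_domain_controller:
        dns_domain_name: corp.enterprise.local
        domain_admin_user: "{{ vault_domain_admin_user }}"
        domain_admin_password: "{{ vault_domain_admin_password }}"
        safe_mode_password: "{{ vault_safe_mode_password }}"
        state: domain_controller
      no_log: true                 # keep both passwords out of task output and logs
      register: dc_promotion

    - name: "Reboot if the promotion requires it"
      win_reboot:
      when: dc_promotion.reboot_required
```

Run it with ansible-playbook and the --ask-vault-pass option so the vault password is prompted for rather than stored on disk.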