diff options
| author | heqnx <root@heqnx.com> | 2025-07-17 18:26:06 +0300 |
|---|---|---|
| committer | heqnx <root@heqnx.com> | 2025-07-17 18:26:06 +0300 |
| commit | f1898d96d08d4d06898f30fa5f6d9bf478ad06b7 (patch) | |
| tree | 1609a18ddd2e583e9c31bb139562110dcdafdcd6 /ansible/roles/dc02 | |
| parent | cbd285087e710a265bdddfb4521a39a57bc8702c (diff) | |
| download | ansible-active-directory-range-f1898d96d08d4d06898f30fa5f6d9bf478ad06b7.tar.gz ansible-active-directory-range-f1898d96d08d4d06898f30fa5f6d9bf478ad06b7.zip | |
cleaned up and refactored some ansible code, removed unused role tasks left by duplicating roles
Diffstat (limited to 'ansible/roles/dc02')
| -rw-r--r-- | ansible/roles/dc02/tasks/main.yaml | 3 | ||||
| -rw-r--r-- | ansible/roles/dc02/tasks/populate_ad.yaml | 7 | ||||
| -rw-r--r-- | ansible/roles/dc02/tasks/setup_defender_gpo.yaml | 5 | ||||
| -rw-r--r-- | ansible/roles/dc02/tasks/setup_domain.yaml | 2 | ||||
| -rw-r--r-- | ansible/roles/dc02/tasks/setup_tree_domain.yaml | 2 |
5 files changed, 8 insertions, 11 deletions
diff --git a/ansible/roles/dc02/tasks/main.yaml b/ansible/roles/dc02/tasks/main.yaml index 8cdafa8..d0ae664 100644 --- a/ansible/roles/dc02/tasks/main.yaml +++ b/ansible/roles/dc02/tasks/main.yaml @@ -23,6 +23,9 @@ - name: execute dc-wait-for-ready.ps1 import_tasks: wait_for_ready.yaml +- name: execute setup-gpo.ps1 as domain admin + import_tasks: setup_gpo.yaml + - name: execute setup-defender-gpo.ps1 as domain admin import_tasks: setup_defender_gpo.yaml diff --git a/ansible/roles/dc02/tasks/populate_ad.yaml b/ansible/roles/dc02/tasks/populate_ad.yaml deleted file mode 100644 index e65ab64..0000000 --- a/ansible/roles/dc02/tasks/populate_ad.yaml +++ /dev/null @@ -1,7 +0,0 @@ -- name: execute populate-ad.ps1 - ansible.windows.win_powershell: - script: C:\scripts\populate-ad.ps1 - parameters: - DomainName: "{{ main_domain_name }}" - UserPassword: "{{ default_win_user_password }}" - SvcPassword: "{{ default_win_svc_password }}" diff --git a/ansible/roles/dc02/tasks/setup_defender_gpo.yaml b/ansible/roles/dc02/tasks/setup_defender_gpo.yaml index 18d8042..e871b81 100644 --- a/ansible/roles/dc02/tasks/setup_defender_gpo.yaml +++ b/ansible/roles/dc02/tasks/setup_defender_gpo.yaml @@ -1,5 +1,8 @@ - name: execute setup-defender-gpo.ps1 as domain admin - ansible.windows.win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-defender-gpo.ps1 -DomainName "{{ tree_domain_name }}" + ansible.windows.win_shell: + powershell.exe -ExecutionPolicy Bypass + -File C:\scripts\setup-defender-gpo.ps1 + -DomainName "{{ tree_domain_name }}" become: yes become_method: runas become_user: "{{ tree_domain_name }}\\Administrator" diff --git a/ansible/roles/dc02/tasks/setup_domain.yaml b/ansible/roles/dc02/tasks/setup_domain.yaml deleted file mode 100644 index ef8a541..0000000 --- a/ansible/roles/dc02/tasks/setup_domain.yaml +++ /dev/null @@ -1,2 +0,0 @@ -- name: execute setup-main-domain.ps1 - ansible.windows.win_command: powershell.exe -ExecutionPolicy Bypass -File C:\scripts\setup-main-domain.ps1 -DomainName "{{ tree_domain_name }}" -SafeModePassword "P4ssw0rd1234!" diff --git a/ansible/roles/dc02/tasks/setup_tree_domain.yaml b/ansible/roles/dc02/tasks/setup_tree_domain.yaml index 2067844..4a41c28 100644 --- a/ansible/roles/dc02/tasks/setup_tree_domain.yaml +++ b/ansible/roles/dc02/tasks/setup_tree_domain.yaml @@ -4,6 +4,6 @@ -File C:\scripts\setup-tree-domain.ps1 -ParentForestRootDomain "{{ main_domain_name }}" -NewTreeDomainName "{{ tree_domain_name }}" - -SafeModePassword "P4ssw0rd1234!" + -SafeModePassword "{{ default_win_safemode_password }}" -Username Administrator -Password "{{ default_win_password }}" |