ansible_samba_ad_dc/tasks/preparing.yml

---
#  Disable tools, such as resolvconf, that automatically update your /etc/resolv.conf DNS resolver configuration file
- name: Stop and disable systemd-resolved if present
  ansible.builtin.systemd:
    name: systemd-resolved
    enabled: false
    state: stopped
  when: ansible_facts.services['systemd-resolved.service'] is defined

- name: Remove /etc/resolv.conf if it's a symlink to systemd-resolved
  ansible.builtin.file:
    path: /etc/resolv.conf
    state: absent
  when: "'/run/systemd/resolve' in ansible_facts.lsb.description | default('')"

- name: Create static /etc/resolv.conf
  ansible.builtin.copy:
    dest: /etc/resolv.conf
    content: |
      nameserver {{ location_internal_dns }}
      nameserver {{ location_external_dns }}
    owner: root
    group: root
    mode: '0644'

- name: Disable resolvconf package (if installed)
  ansible.builtin.package:
    name: resolvconf
    state: absent

- name: Disable DNS updates from NetworkManager (if present)
  ansible.builtin.blockinfile:
    path: /etc/NetworkManager/NetworkManager.conf
    block: |
      [main]
      dns=none
  notify: Restart NetworkManager
  when: ansible_facts.services['NetworkManager.service'] is defined

- name: Prevent dhclient from modifying resolv.conf (if present)
  ansible.builtin.lineinfile:
    path: /etc/dhcp/dhclient.conf
    regexp: '^#?supersede domain-name-servers'
    line: 'supersede domain-name-servers {{ location_internal_dns }}, {{ location_external_dns }};'
    create: yes

# Verify that the /etc/hosts file on the DC correctly resolves the fully-qualified domain name (FQDN) and short host name to the LAN IP address of the DC
- name: Set /etc/hosts entry for Samba AD DC
  ansible.builtin.lineinfile:
    path: /etc/hosts
    line: '{{ addc_ansible_host }} {{ addc_hostname | upper }}.{{ addc_tld | lower }} {{ addc_hostname | upper }}'
    state: present
    create: yes

- name: Ensure '127.0.0.1 localhost' is present and nothing else on that line
  ansible.builtin.lineinfile:
    path: /etc/hosts
    regexp: '^127\.0\.0\.1\s+'
    line: '127.0.0.1 localhost'
    state: present

# Remove any existing smb.conf file
- name: Get compiled default smb.conf path from smbd
  ansible.builtin.shell: smbd -b | grep CONFIGFILE | awk '{print $2}'
  register: smb_conf_path
  changed_when: false
  failed_when: smb_conf_path.rc != 0

- name: Remove smb.conf using discovered path
  ansible.builtin.file:
    path: '{{ smb_conf_path.stdout }}'
    state: absent

# Remove all Samba database files, such as *.tdb and *.ldb files
- name: Get Samba directories from smbd -b
  ansible.builtin.shell: smbd -b | egrep 'LOCKDIR|STATEDIR|CACHEDIR|PRIVATE_DIR' | awk '{print $2}'
  register: samba_dirs
  changed_when: false
  failed_when: samba_dirs.rc != 0

- name: Filter existing directories
  ansible.builtin.find:
    paths: '{{ item }}'
    file_type: directory
    recurse: no
  loop: '{{ samba_dirs.stdout_lines }}'
  register: existing_dirs

- name: Collect existing directories
  ansible.builtin.set_fact:
    valid_dirs: "{{ existing_dirs.results | selectattr('matched', '>', 0) | map(attribute='files') | sum(start=[]) | map(attribute='path') | list }}"

- name: Find *.tdb and *.ldb files
  ansible.builtin.find:
    paths: '{{ item }}'
    patterns: '*.tdb,*.ldb'
    recurse: yes
    use_regex: false
  loop: '{{ valid_dirs }}'
  register: db_files

- name: Remove found tdb/ldb files
  ansible.builtin.file:
    path: '{{ item.path }}'
    state: absent
  loop: "{{ db_files.results | map(attribute='files') | sum(start=[]) }}"
  when: item.path is defined

- name: Report removed files
  ansible.builtin.debug:
    msg: 'Removed: {{ item.path }}'
  loop: "{{ db_files.results | map(attribute='files') | sum(start=[]) }}"