From 6078e8d9b978f5e70b61f7bbb4c3347d7259fbd0 Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 21 Oct 2025 21:10:30 +0200 Subject: [PATCH] =?UTF-8?q?feat=20=E2=9C=A8:=20Add=20new=20feature=20to=20?= =?UTF-8?q?configure=20Samba=20AD=20DC=20DNS=20settings?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit adds a new feature to the playbook that configures DNS settings for a Samba AD DC. It includes changes to the `defaults/main.yml` file, `tasks/install.yml`, `tasks/preparing.yml`, `tasks/verify.yml`, and `templates/resolv.conf.j2` files. --- defaults/main.yml | 4 ++-- tasks/install.yml | 1 - tasks/preparing.yml | 2 +- tasks/verify.yml | 12 ++++++------ templates/resolv.conf.j2 | 2 +- 5 files changed, 10 insertions(+), 11 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index b54aed1..93c074c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -20,11 +20,11 @@ addc_server_role: "dc" addc_ip_network_prefix: "{{ addc_ansible_host.split('.')[:3] | join('.') }}" addc_ip_last_octet: "{{ addc_ansible_host.split('.')[-1] }}" addc_reverse_zone_name: "{{ addc_ip_network_prefix.split('.') | reverse | join('.') }}.in-addr.arpa" -addc_tld: "{{ addc_auth_domain | lower }}" + # template for /etc/resolv.conf -location_internal_dns: 192.168.2.100 +location_internal_dns: 192.168.1.1 location_external_dns: 8.8.8.8 backup_path: "/path/to/your/backup/directory" \ No newline at end of file diff --git a/tasks/install.yml b/tasks/install.yml index c949ca1..9613804 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -13,7 +13,6 @@ - dnsutils - python3-setproctitle # - smbclient - - ntp state: latest - name: Stop samba-ad-dc before provisioning (if running) diff --git a/tasks/preparing.yml b/tasks/preparing.yml index f3616a8..97f16b5 100644 --- a/tasks/preparing.yml +++ b/tasks/preparing.yml 
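Review bot: Removing the `addc_tld` default in defaults/main.yml leaves that variable with no definition anywhere in this patch, while the new line in the tasks/preparing.yml hunk still renders `{{ addc_tld | lower }}` into the /etc/hosts entry. Unless `addc_tld` is set elsewhere (inventory or group vars, not visible here), that task will stop on an undefined variable. If it is set elsewhere, /etc/hosts can carry a different domain than the `addc_auth_domain` used by the DNS checks and resolv.conf. Using `line: "{{ addc_ansible_host }} {{ addc_hostname | upper }}.{{ addc_auth_domain | lower }} {{ addc_hostname | upper }}"` would match the other hunks of this commit.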
@@ -48,7 +48,7 @@ - name: Set /etc/hosts entry for Samba AD DC ansible.builtin.lineinfile: path: /etc/hosts - line: "{{ addc_ansible_host }} {{ addc_hostname | upper }}.{{ addc_tld }} {{ addc_hostname | upper }}" + line: "{{ addc_ansible_host }} {{ addc_hostname | upper }}.{{ addc_tld | lower }} {{ addc_hostname | upper }}" state: present create: yes diff --git a/tasks/verify.yml b/tasks/verify.yml index 9f1b7a2..ddefd66 100644 --- a/tasks/verify.yml +++ b/tasks/verify.yml @@ -21,7 +21,7 @@ samba-tool dns add {{ addc_ansible_host }} {{ addc_reverse_zone_name }} {{ addc_ip_last_octet }} PTR - {{ addc_hostname | lower }}.{{ addc_tld }} + {{ addc_hostname | lower }}.{{ addc_auth_domain | lower }} -U Administrator responses: # Expects the standard Samba password prompt @@ -52,7 +52,7 @@ - name: Verify LDAP Service Record (SRV _ldap._tcp) - ansible.builtin.command: host -t SRV _ldap._tcp.{{ addc_tld }}. + ansible.builtin.command: host -t SRV _ldap._tcp.{{ addc_auth_domain | lower }}. register: ldap_srv_check changed_when: false failed_when: "'has SRV record' not in ldap_srv_check.stdout" @@ -63,7 +63,7 @@ - name: Verify Kerberos Service Record (SRV _kerberos._udp) - ansible.builtin.command: host -t SRV _kerberos._udp.{{ addc_tld }}. + ansible.builtin.command: host -t SRV _kerberos._udp.{{ addc_auth_domain | lower }}. register: kerberos_srv_check changed_when: false failed_when: "'has SRV record' not in kerberos_srv_check.stdout" @@ -74,7 +74,7 @@ - name: Verify DC's A (Forward) Record - ansible.builtin.command: host -t A {{ addc_hostname | lower }}.{{ addc_tld }}. + ansible.builtin.command: host -t A {{ addc_hostname | lower }}.{{ addc_auth_domain | lower }}. register: a_record_check changed_when: false failed_when: "{{ addc_ansible_host }} not in a_record_check.stdout" 
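Review bot: The `failed_when` on the A-record check (context of the `-74,7` hunk) embeds `{{ addc_ansible_host }}` unquoted inside an expression that Ansible already evaluates as Jinja. The address is therefore rendered as bare text in the condition rather than as a string, and the condition is unlikely to parse as intended. `failed_when: addc_ansible_host not in a_record_check.stdout` expresses the test without nested delimiters. The new PTR `failed_when` in the `-88,8` hunk nests a template in the same way and could be written as `failed_when: ('domain name pointer ' ~ (addc_hostname | lower) ~ '.' ~ (addc_auth_domain | lower)) not in ptr_record_check.stdout`. These tasks gate the DC's DNS verification and continue outside the hunks, so a condition that errors or never matches would hide a wrong record.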
@@ -88,8 +88,8 @@ ansible.builtin.command: host -t PTR {{ addc_ansible_host }} register: ptr_record_check changed_when: false - # Assuming dc1.{{ addc_tld }} is the expected output for the reverse record - failed_when: "'domain name pointer {{ addc_hostname | lower }}.{{ addc_tld }}' not in ptr_record_check.stdout" + # Assuming dc1.{{ addc_auth_domain }} is the expected output for the reverse record + failed_when: "'domain name pointer {{ addc_hostname | lower }}.{{ addc_auth_domain | lower }}' not in ptr_record_check.stdout" - name: Debug - Show PTR Record check result ansible.builtin.debug: diff --git a/templates/resolv.conf.j2 b/templates/resolv.conf.j2 index 5320276..50c8aa7 100644 --- a/templates/resolv.conf.j2 +++ b/templates/resolv.conf.j2 @@ -1,3 +1,3 @@ # Managed by Ansible - Samba AD DC DNS- DO NOT EDIT MANUALLY -search {{ addc_tld }} +search {{ addc_auth_domain | lower }} nameserver {{ addc_ansible_host }} \ No newline at end of file
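Review bot: The rendered resolv.conf lists only `addc_ansible_host` as nameserver, yet defaults/main.yml keeps `location_internal_dns` and `location_external_dns` under the comment `# template for /etc/resolv.conf`, and this commit changes one of them. If those values are consumed by a file not shown in this patch, the comment in defaults should name that consumer. Otherwise the edit to `location_internal_dns` has no effect on this template. Rewording the defaults comment to something like `# upstream resolvers (not written to resolv.conf)` would remove the ambiguity, provided that matches their actual use.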