From e6e7f225924798889f78aa939ad97e8e2f89520b Mon Sep 17 00:00:00 2001 From: Jose Date: Sun, 2 Nov 2025 18:16:05 +0100 Subject: [PATCH] =?UTF-8?q?refactor=20=E2=99=BB=EF=B8=8F:=20Update=20Samba?= =?UTF-8?q?=20domain=20info=20and=20provision=20process?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updated the `samba_domain_info` section to use the new authentication domain and netbios domain. Also updated the `tasks/provision.yml` file to reflect these changes, including the correct realm, domain, server role, and interfaces for the Samba domain. --- defaults/main.yml | 18 ++++++++++-------- tasks/provision.yml | 16 +++++++++------- 2 files changed, 19 insertions(+), 15 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 584e450..46b42a1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -8,7 +8,7 @@ addc_netbios_domain: "SAMDOM" # Top level Domain = EXAMPLE.COM addc_tld: "EXAMPLE.COM" # Authentication Domain = SAMDOM.EXAMPLE.COM -addc_auth_domain: "{{ adc_netbios_domain | upper }}.{{ addc_tld | upper }}" +addc_auth_domain: "{{ addc_netbios_domain | upper }}.{{ addc_tld | upper }}" addc_admin_password: "Passw0rd" @@ -22,15 +22,17 @@ addc_ip_last_octet: "{{ addc_ansible_host.split('.')[-1] }}" addc_reverse_zone_name: "{{ addc_ip_network_prefix.split('.') | reverse | join('.') }}.in-addr.arpa" samba_domain_info: - realm: "{{ samba_realm | upper }}" - domain: "{{ samba_domain | upper }}" - server_role: "dc" - dns_backend: "SAMBA_INTERNAL" - adminpass: "{{ samba_admin_password }}" - interfaces: "{{ samba_iface | default('eth0') }}" + realm: "{{ addc_auth_domain | upper }}" + domain: "{{ addc_netbios_domain | upper }}" + server_role: "{{ addc_server_role | default('dc') }}" + dns_backend: "{{ addc_dns_backend | default('SAMBA_INTERNAL') }}" + adminpass: "{{ addc_admin_password }}" + interfaces: "{{ samba_iface_list | join(' ') }}" bind_interfaces_only: "yes" -samba_iface: eth0 +samba_iface_list: + - lo + - eth0 samba_packages: - acl diff --git a/tasks/provision.yml b/tasks/provision.yml index 9210a01..5a2e870 100644 --- a/tasks/provision.yml +++ b/tasks/provision.yml @@ -8,14 +8,16 @@ ansible.builtin.command: > samba-tool domain provision --use-rfc2307 - --realm={{ addc_auth_domain }} - --domain={{ addc_netbios_domain }} - --server-role={{ addc_server_role }} - --dns-backend={{ addc_dns_backend }} - --adminpass={{ addc_admin_password }} - --option="interfaces=lo eth0" - --option="bind interfaces only=yes" + --realm={{ samba_domain_info.realm }} + --domain={{ samba_domain_info.domain }} + --server-role={{ samba_domain_info.server_role }} + --dns-backend={{ samba_domain_info.dns_backend }} + --adminpass={{ samba_domain_info.adminpass }} + --option="interfaces={{ samba_domain_info.interfaces }}" + --option="bind interfaces only={{ samba_domain_info.bind_interfaces_only }}" when: not samba_provisioned.stat.exists register: samba_provision_output changed_when: samba_provision_output.rc == 0 no_log: true # You may toggle this if password should be hidden + +