Updated the setup of DNS resolver and Kerberos configuration to ensure proper domain authentication. This change will improve the overall security of the system.
Enhanced the provision.yml to properly stop and mask regular Samba services, while unmasking and enabling the Samba AD/DC service. This ensures a more robust setup for the domain controller.
Renamed debug block to use Ansible debug output, removing unnecessary variables and improving readability. This change aims to make the code more maintainable and efficient.
Updated the Ansible playbook to correctly detect the Samba version and perform an upgrade if necessary. The changes also include adding the Samba Team Debian GPG key, repository, and updating the APT cache.
Updated the Samba Team Debian repository URL to use the modern method, which includes a signed-by keyring. This change improves security and stability of the package installation process.
Updated the URL for the Samba Team Debian GPG key to use a more reliable source, ensuring future installations can correctly verify the team's identity.
Updated the Ansible playbook to use modern methods for adding the Samba Team Debian GPG key and repository, making it easier to upgrade to a newer version of Samba. This change also includes updating the APT cache when an upgrade is needed.
Refactored the `tasks/preparing.yml` file to improve its structure, readability, and consistency with best practices. This includes updating variable names, adding whitespace, and standardizing indentation.
Prevents potential conflicts during the installation process by stopping Samba services before provisioning. This ensures a smoother and more reliable setup. The new step is added at line 74 of tasks/install.yml.
Fixed a typo in the debug message, updating it to use the correct variable `samba_domain_info.adminpass` instead of `addc_admin_password`. This ensures accurate output and prevents potential errors. The updated code will now correctly display the admin password for Samba AD DC.
Updated the debug message to include a new variable, allowing for more flexibility in the output. This change improves the readability and maintainability of the Ansible playbook.
Added a debug message to the Ansible playbook to display the admin password from the Samba domain, allowing for easier testing and debugging of the Samba AD DC setup.
Updated the admin password variable in the provision.yml file to use a dynamically generated value, making it easier to manage and update passwords across different environments.
Added a new task to stop relevant Samba services before provisioning, ensuring a clean environment for the AD DC setup. This change improves the overall stability and reliability of the provisioning process.
Updated the service configuration to ensure proper stopping of samba-ad-dc before provisioning, improving overall installation stability and consistency.
Updated the Ansible playbook to use apt instead of package for installing samba packages, adding additional options for improved efficiency and cleanup.
Updated the `no_log` option in the `samba_provision` task to always display passwords, making it easier to debug and understand the provisioning process.
Updated verify.yml to include an optional command to display the cached Kerberos ticket, utilizing the 'klist' command and registering its output. This change enhances the flexibility of the verification process.
Updated the `samba_domain_info` section to use the new authentication domain and netbios domain. Also updated the `tasks/provision.yml` file to reflect these changes, including the correct realm, domain, server role, and interfaces for the Samba domain.
Added a check to ensure the domain is not already provisioned before running the samba-tool domain provision command. This prevents duplicate provisions and ensures consistency in the domain setup.
Added Samba domain information and package installation to the defaults/main.yml template, allowing for easier setup of a Samba Active Directory Domain Controller. This change enables the use of Samba as an alternative to OpenLDAP for authentication purposes.
This commit adds a new feature to the playbook that configures DNS settings for a Samba AD DC. It includes changes to the `defaults/main.yml` file, `tasks/install.yml`, `tasks/preparing.yml`, `tasks/verify.yml`, and `templates/resolv.conf.j2` files.
Added a new line to the `resolv.conf.j2` template to specify the Ansible-managed DNS server (`{{ addc_ansible_host }}`). This ensures that the system uses both the local host and the managed DNS server for DNS resolution.
