roles/samba-dc: Support joining existing domain
The *samba-dc* role now supports joining an existing Active Directory domain as an additional domain controller. The `samba_is_first_dc` variable controls whether the machine will be provisioned with a new domain (when true) or added to an existing domain (when false). Joining an existing domain naturally requires credentials of a user with permission to add a new DC, the `samba_dc_join_username` and `samba_dc_join_password` variables can be used to specify them. Alternatively, if these variables are not defined, then the process will attempt to use Kerberos credentials. This would require playbooks to make a ticket-granting-ticket available somehow, such as by executing `kinit` prior to applying the *samba-dc* role.
This commit is contained in:
@@ -1 +1,2 @@
|
||||
samba_dc_use_rfc2307: true
|
||||
samba_is_first_dc: false
|
||||
|
||||
Reference in New Issue
Block a user