octavian.machidon/classroom
1
0
Fork 0
forked from rc/classroom
Code Pull requests Activity
classroom/roles/ad_joined/tasks/main_lin.yml
Gašper Fele-Žorž 93b01e5d53 Fix / extend README
2025-09-02 11:22:49 +02:00

65 lines
1.4 KiB
YAML
Raw Blame History

- name: Install required packages
apt:
name:
- realmd
- sssd
- libpam-mount
- heimdal-clients
- name: Remove krb5-user
apt:
name:
krb5-user
state: absent
- name: Set OU
set_fact:
ou_path: "OU={{locations[0]}},OU=Ucilnice"
- name: Show state
debug:
msg: "Host: {{inventory_hostname}}, OU: {{ou_path}}"
# - import_tasks: ne_sysprep.yaml
- name: "Rename"
# Racunalnik najprej preimenujmo, da ne bosta v domeni obenem 2 z istim imenom
hostname:
name: "{{inventory_hostname}}-linux"
register: hostname_res
- name: Check whether we already joined
command: /bin/bash -c "/usr/sbin/realm list"
register: realm_list_results
- name: Join using realmd
expect:
command: realm join --user={{ad_join_user}} --computer-ou={{ou_path}} {{domain_name}}
responses:
(?i)Password: "{{ad_join_password}}"
ignore_errors: yes
when: realm_list_results.stdout == ""
- name: Copy sssd config
template:
src: sssd.conf
dest: "/etc/sssd/sssd.conf"
owner: root
mode: 0600
- name: Configure libpam-mount
copy:
src: pam_mount.conf.xml
dest: /etc/security/pam_mount.conf.xml
- name: Enable libpam-mount
command: pam-auth-update --enable libpam-mount
become: true
- name: Disable libpam-mkhomedir
command: pam-auth-update --disable mkhomedir
become: true
- name: Restart sssd
service:
name: sssd
state: restarted
View git blame Copy permalink