---
# title: role-samba4-primary-ad-dc
#
# Author: bitfinity-nl
# Version: 1.0
# File: tasks/ubt-1804-amd64-login.yml
#
# Description: Creating a primary Active Directory Domain Controller.
# Rewrite the mount options of every fstab entry that carries
# "errors=remount-ro 0" so it also gets user_xattr, acl, barrier=1 and
# relatime.
# `regexp` is a regular expression matched against the file content. The
# replacement text no longer matches it, so a second run leaves fstab alone.
# NOTE(review): the new options only apply after a remount or reboot; no such
# step is visible in this file.
- name: "Edit Fstab"
  replace:
    path: '/etc/fstab'
    # Keep a timestamped copy of the previous fstab next to the file.
    backup: true
    regexp: 'errors=remount-ro 0'
    replace: 'user_xattr,acl,barrier=1,errors=remount-ro,relatime 0'
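# Render pam_winbind.conf.j2 onto the host and notify restart_samba when the
# rendered file changes.
# NOTE(review): the task name mentions smb.conf, but the only item rendered
# here is pam_winbind.conf.j2 - the name looks copied from another task.
# NOTE(review): dest is the package's examples directory under /usr/share/doc;
# pam_winbind normally reads /etc/security/pam_winbind.conf, so confirm this
# is the file that is actually consulted at login.
- name: "Download template smb.conf.j2 to /etc/samba/smb.conf"
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    # Explicit ownership and mode, so the result does not depend on the
    # connecting user's umask or on whatever mode the file had before.
    owner: root
    group: root
    mode: '0644'
    backup: true
  with_items:
    - src: 'pam_winbind.conf.j2'
      dest: '/usr/share/doc/libpam-winbind/examples/pam_winbind/pam_winbind.conf'
  notify:
    - restart_samba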
# Insert the winbind login settings into smb.conf after the line matching
# "use rfc2307 = yes", wrapped in the managed-block markers, and notify
# restart_samba when the file changes.
# NOTE(review): `insertafter` is a regular expression; when nothing matches,
# blockinfile appends the block at end of file, which may put these settings
# in a different smb.conf section than intended.
# NOTE(review): "winbind offline logon = yes" lets winbind accept logins from
# cached credentials when no DC is reachable - confirm that is wanted here.
# NOTE(review): unlike the other file edits in this file, no backup of
# smb.conf is kept by this task.
- name: "Modify /etc/samba/smb.conf for AD logins"
  blockinfile:
    path: '/etc/samba/smb.conf'
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    insertafter: 'use rfc2307 = yes'
    block: |
      template homedir = /home/%D/%U
      template shell = /bin/bash
      winbind use default domain = yes
      winbind nss info = rfc2307
      winbind enum users = yes
      winbind enum groups = yes
      winbind offline logon = yes
      vfs objects = acl_xattr
      map acl inherit = Yes
      store dos attributes = Yes
  notify:
    - restart_samba
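# Render nsswitch.conf.j2 over /etc/nsswitch.conf, keeping a backup of the
# previous file. nsswitch.conf decides which sources are consulted for user
# and group lookups, so a bad render affects every login on the host.
- name: "Transfer templates"
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    # Explicit ownership and mode, so the result does not depend on the
    # connecting user's umask or on whatever mode the file had before.
    owner: root
    group: root
    mode: '0644'
    backup: true
  with_items:
    - src: 'nsswitch.conf.j2'
      dest: '/etc/nsswitch.conf'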
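# Run pam-auth-update without prompting. The command needs no shell features,
# so it is run through `command`, with DEBIAN_FRONTEND passed in via
# `environment` instead of a shell-style prefix.
# NOTE(review): this task runs and reports "changed" on every play; there is
# no changed_when/creates guard.
- name: "Configure PAM Configuration"
  command: pam-auth-update
  environment:
    DEBIAN_FRONTEND: noninteractive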
# Make sure the pam_mkhomedir line is present in /etc/pam.d/common-account
# (appended if missing), keeping a backup of the previous file.
# NOTE(review): this is a `session` rule written to common-account; Debian and
# Ubuntu keep session rules in /etc/pam.d/common-session - confirm the target.
# NOTE(review): umask=0022 creates home directories that other users on the
# host can read; umask=0077 would keep them private to their owner.
- name: "Configure PAM - /etc/pam.d/common-account"
  lineinfile:
    path: '/etc/pam.d/common-account'
    backup: true
    line: 'session required pam_mkhomedir.so skel=/etc/skel/ umask=0022'
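# Render domain-admins.j2 into a sudoers drop-in owned by root with mode 0440.
# NOTE(review): the template itself is not visible here; it decides which
# accounts get sudo and whether a password is required, so review it with
# this task.
- name: "Download template domain-admins.j2 to /etc/sudoers.d/domain-admins"
  template:
    src: domain-admins.j2
    dest: /etc/sudoers.d/domain-admins
    owner: root
    group: root
    # Quoted so the mode is read as the octal string it looks like rather
    # than relying on the YAML parser's handling of a leading zero.
    mode: '0440'
    # Syntax-check the rendered file before it is moved into place; a broken
    # sudoers fragment can leave sudo unusable on the host.
    validate: '/usr/sbin/visudo -cf %s'
    backup: true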