I managed to figure out how to do this, if anyone is interested, used
invoke-command:
- name: Sync Active Directory With New Changes
ansible.windows.win_shell:
Invoke-Command -ComputerName '{{ server.dc }}' -ScriptBlock { repadmin
/syncall /AdeP }
become: yes
become_method: runas
vars:
ansible_become_user: '{{ server.domain }}\username of a domain admin
account'
ansible_become_password: '{{ ansible_password }}'
become_user: "{{ server.domain }}\username of a domain admin account"
On Monday, December 6, 2021 at 12:15:24 PM UTC-6 Nitrous wrote:
> This works from the ansible task server using powershell:
>
> $password = "xxx" | ConvertTo-SecureString -asPlainText -Force
> $username = "xx\xxxxx"
> $credential = New-Object
> System.Management.Automation.PSCredential($username,$password)
> Invoke-Command -ComputerName DC01 -credential $Credential -ScriptBlock {
> repadmin /syncall /AdeP }
>
> How can I use the above to be able to use it using the
> ansible.windows.win_shell
> module, in ansible? Thanks
>
> On Monday, December 6, 2021 at 11:22:04 AM UTC-6 Nitrous wrote:
>
>> I am trying to figure out, how to run repadmin on the Domain controller
>> itself:
>>
>> - name: Sync Active Directory With New Changes
>>
>> ansible.windows.win_shell: repadmin /syncall '{{ server.domain }}'
>> /AdeP
>> become: yes
>> become_method: runas
>> become_user: '{{ server.domain }}\username'
>>
>> The above tries to run on the task server, that has the AD modules
>> installed, but I would like to run the above on the domain
>> controller itself.
>>
>> Would we use the delegate option and then specify the Domain controller?
>> Thanks
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f1d0e454-74c0-4ea0-929c-3c58ff46fcf2n%40googlegroups.com.
