diff --git a/roles/ipaserver/library/ipaserver_prepare.py b/roles/ipaserver/library/ipaserver_prepare.py
index 51ad8b86378786b2dc7bf7a71e361beab8523520..8bf5738e7c226f339a99d39e79df36833ee21545 100644
--- a/roles/ipaserver/library/ipaserver_prepare.py
+++ b/roles/ipaserver/library/ipaserver_prepare.py
@@ -167,6 +167,9 @@ def main():
options.forward_policy = ansible_module.params.get('forward_policy')
options.no_dnssec_validation = ansible_module.params.get(
'no_dnssec_validation')
+ ### ad trust ###
+ options.enable_compat = ansible_module.params.get('enable_compat')
+ options.netbios_name = ansible_module.params.get('netbios_name')
### additional ###
options.setup_ca = ansible_module.params.get('setup_ca')
options._host_name_overridden = ansible_module.params.get(
diff --git a/roles/ipaserver/library/ipaserver_setup_adtrust.py b/roles/ipaserver/library/ipaserver_setup_adtrust.py
index fdc559d3bddf6514fa78f62814a44ff5ca85a4a3..29166e1136cc733c241de5b361ce0915d7daeffe 100644
--- a/roles/ipaserver/library/ipaserver_setup_adtrust.py
+++ b/roles/ipaserver/library/ipaserver_setup_adtrust.py
@@ -54,8 +54,15 @@ def main():
argument_spec = dict(
# basic
hostname=dict(required=False),
- setup_ca=dict(required=True, type='bool', default=False),
- setup_adtrust=dict(required=True, type='bool', default=False),
+ setup_ca=dict(required=False, type='bool', default=False),
+ setup_adtrust=dict(required=False, type='bool', default=False),
+ ### ad trust ###
+ enable_compat=dict(required=False, type='bool', default=False),
+ rid_base=dict(required=False, type='int'),
+ secondary_rid_base=dict(required=False, type='int'),
+ ### additional ###
+ adtrust_netbios_name=dict(required=True),
+ adtrust_reset_netbios_name=dict(required=True, type='bool')
),
)
@@ -67,6 +74,14 @@ def main():
options.host_name = ansible_module.params.get('hostname')
options.setup_ca = ansible_module.params.get('setup_ca')
options.setup_adtrust = ansible_module.params.get('setup_adtrust')
+ ### ad trust ###
+ options.enable_compat = ansible_module.params.get('enable_compat')
+ options.rid_base = ansible_module.params.get('rid_base')
+ options.secondary_rid_base = ansible_module.params.get('secondary_rid_base')
+ ### additional ###
+ adtrust.netbios_name = ansible_module.params.get('adtrust_netbios_name')
+ adtrust.reset_netbios_name = \
+ ansible_module.params.get('adtrust_reset_netbios_name')
# init ##########################################################
diff --git a/roles/ipaserver/library/ipaserver_test.py b/roles/ipaserver/library/ipaserver_test.py
index a451b9f5f90f3743a53d7d9a81c0aeb9af06c510..6385651185a4f0c3aac46f4ad0736ee1bedd9386 100644
--- a/roles/ipaserver/library/ipaserver_test.py
+++ b/roles/ipaserver/library/ipaserver_test.py
@@ -115,8 +115,9 @@ def main():
### ad trust ###
enable_compat=dict(required=False, type='bool', default=False),
netbios_name=dict(required=False),
- rid_base=dict(required=False, type='int'),
- secondary_rid_base=dict(required=False, type='int'),
+ rid_base=dict(required=False, type='int', default=1000),
+ secondary_rid_base=dict(required=False, type='int',
+ default=100000000),
### additional ###
),
@@ -779,12 +780,17 @@ def main():
forward_policy=options.forward_policy,
forwarders=options.forwarders,
no_dnssec_validation=options.no_dnssec_validation,
+ ### ad trust ###
+ rid_base=options.rid_base,
+ secondary_rid_base=options.secondary_rid_base,
### additional ###
_installation_cleanup=_installation_cleanup,
domainlevel=options.domainlevel,
dns_ip_addresses=[ str(ip) for ip
in dns.ip_addresses ],
- dns_reverse_zones=dns.reverse_zones)
+ dns_reverse_zones=dns.reverse_zones,
+ adtrust_netbios_name=adtrust.netbios_name,
+ adtrust_reset_netbios_name=adtrust.reset_netbios_name)
if __name__ == '__main__':
main()
diff --git a/roles/ipaserver/module_utils/ansible_ipa_server.py b/roles/ipaserver/module_utils/ansible_ipa_server.py
index ae5d16afa25c0d7ad11f4aafdeeea8052acc9c4b..dfa26031209d54053737a777d112a76d62463d8e 100644
--- a/roles/ipaserver/module_utils/ansible_ipa_server.py
+++ b/roles/ipaserver/module_utils/ansible_ipa_server.py
@@ -199,6 +199,11 @@ class options_obj(object):
options = options_obj()
installer = options
+# ServerMasterInstall
+options.add_sids = True
+options.add_agents = False
+
+
def api_Backend_ldap2(host_name, setup_ca, connect=False):
# we are sure we have the configuration file ready.
cfg = dict(context='installer', confdir=paths.ETC_IPA, in_server=True,
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index aaf0780037da889bf85ec172b94fd117de5894a9..f482bc080b2d8c4f301a0870448944501352654f 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -144,8 +144,8 @@
auto_forwarders: "{{ ipaserver_auto_forwarders }}"
no_dnssec_validation: "{{ result_ipaserver_test.no_dnssec_validation }}"
### ad trust ###
- # enable_compat
- # netbios_name
+ enable_compat: "{{ ipaserver_enable_compat }}"
+ netbios_name: "{{ ipaserver_netbios_name | default(omit) }}"
# rid_base
# secondary_rid_base
### additional ###
@@ -313,6 +313,13 @@
hostname: "{{ result_ipaserver_test.hostname }}"
setup_ca: "{{ result_ipaserver_test.setup_ca }}"
setup_adtrust: "{{ result_ipaserver_test.setup_adtrust }}"
+ ### ad trust ###
+ enable_compat: "{{ ipaserver_enable_compat }}"
+ rid_base: "{{ result_ipaserver_test.rid_base }}"
+ secondary_rid_base: "{{ result_ipaserver_test.secondary_rid_base }}"
+ ### additional ###
+ adtrust_netbios_name: "{{ result_ipaserver_test.adtrust_netbios_name }}"
+ adtrust_reset_netbios_name: "{{ result_ipaserver_test.adtrust_reset_netbios_name }}"
when: result_ipaserver_test.setup_adtrust
- name: Install - Set DS password