mirror of https://github.com/de-it-krachten/ansible-role-adjoin synced 2026-05-14 03:31:39 +00:00

No description

Jinja 100%

Find a file

semantic-release-bot acbc7c176b chore(release): 1.10.0 [skip ci] # [1.10.0](https://github.com/de-it-krachten/ansible-role-adjoin/compare/v1.9.0...v1.10.0) (2026-05-11) ### Bug Fixes * Ensure proper nsswitch configuration ([`77e230c`](`77e230cfb7`)) ### Features * Added support for Fedora 44 ([`336cd20`](`336cd20597`)) * Added support for Ubuntu 26.04 LTS ([`919c627`](`919c627705`)) * Drop support for Fedora 42 ([`a682c89`](`a682c89ad5`))		2026-05-11 21:25:56 +00:00
.github/workflows	Update CI	2026-05-11 22:04:52 +02:00
defaults	Update CI	2026-05-11 22:04:52 +02:00
handlers	feat: Move to FQCN	2022-10-07 15:45:15 +02:00
meta	Update CI	2026-05-11 22:04:52 +02:00
molecule/default	Update CI	2026-05-11 22:04:52 +02:00
tasks	Update CI	2026-05-11 22:04:52 +02:00
templates	feat: Add support for connecting to a specific AD server	2024-06-05 15:27:51 +02:00
.ansible-lint	Update CI	2026-05-11 22:04:52 +02:00
.cicd	Update CI	2026-05-11 22:04:52 +02:00
.cicd.overwrite	Update CI	2026-03-06 20:34:19 +01:00
.collections	feat: Add support for Ubuntu 24.04 / Fedora 40	2024-05-13 21:44:38 +02:00
.gitignore	fix: Delete unwanted '.ansible' files making 'ansible-galaxy' fail	2025-08-04 22:07:44 +02:00
.releaserc.yml	feat: Drop support for Ubuntu 20.04 LTS	2026-02-26 23:54:51 +01:00
.roles	feat: Update CI to latest standards	2022-10-07 15:49:32 +02:00
.yamllint	feat: Update supported platforms & CI	2024-12-29 01:01:56 +01:00
CHANGELOG.md	chore(release): 1.10.0 [skip ci]	2026-05-11 21:25:56 +00:00
README.md	Update CI	2026-05-11 22:04:52 +02:00

README.md

ansible-role-adjoin

Enrolls a Linux host into a Microsoft Active Directory Domain using Kerberos

Dependencies

Roles

None

Collections

None

Platforms

Supported platforms

Red Hat Enterprise Linux 8¹
Red Hat Enterprise Linux 9¹
Red Hat Enterprise Linux 10¹
RockyLinux 8
RockyLinux 9
RockyLinux 10
OracleLinux 8
OracleLinux 9
OracleLinux 10
AlmaLinux 8
AlmaLinux 9
AlmaLinux 10
Debian 11 (Bullseye)
Debian 12 (Bookworm)
Debian 13 (Trixie)
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS
Ubuntu 26.04 LTS
Fedora 43
Fedora 44¹

Note: ¹ : no automated testing is performed on these platforms

Role Variables

defaults/main.yml


# AD realm
# adjoin_realm: example.com

# Command used for joing host to AD
adjoin_command: realm

# Kerberos Service Principal Name (SPN) to create (keytabs)
adjoin_spn: []
# adjoin_spn: [ nfs, cifs ]

# Configure AD connection using SSL/TLS
adjoin_tls: true

# Leave the AD realm before joining it
adjoin_leave: false

# Use AD provided UID/GID
adjoin_ldap_id_mapping: true

# SSSD template to use
adjoin_sssd_template: sssd.conf.j2

# Enforce specific order in /etc/nsswitch.conf
adjoin_nss:
  passwd: "files sss systemd"
  group: "files sss systemd"

defaults/family-Debian.yml


# Character to start values from
adjoin_nss_ljust: 18

# List of OS packages required
adjoin_packages:
  - realmd
  - libnss-sss
  - libpam-sss
  - sssd
  - sssd-tools
  - adcli
  - samba-common-bin
  - oddjob
  - oddjob-mkhomedir
  - packagekit
  - krb5-user

defaults/family-RedHat.yml


# Character to start values from
adjoin_nss_ljust: 13

# List of OS packages required
adjoin_packages:
  - sssd
  - realmd
  - oddjob
  - oddjob-mkhomedir
  - adcli
  - samba-common
  # - samba-common-tools
  - krb5-workstation
  - openldap-clients
  # - policycoreutils-python

defaults/family-Suse.yml


# Character to start values from
adjoin_nss_ljust: 13

# List of OS packages required
adjoin_packages:
  - krb5-client
  - realmd
  - adcli
  - sssd
  - sssd-ldap
  - sssd-ad
  - sssd-tools

Example Playbook

molecule/default/converge.yml


- name: sample playbook for role 'adjoin'
  hosts: all
  become: 'yes'
  vars:
    molecule_driver: '{{ lookup(''env'', ''MOLECULE_DRIVER_NAME'') }}'
    adjoin_password: test
    adjoin_realm: example.com
    adjoin_user: test
  tasks:
    - name: Include role 'adjoin'
      ansible.builtin.include_role:
        name: adjoin