JonTheNiceGuy/User commands.yml

## User commands.yml
- name: Create Users on W2012 Server
  raw: if (dsquery user -samid "{{item.key}}") {"Not Required"} else { New-ADUser -SamAccountName "{{item.key}}" -UserPrincipalName "{{item.key}}@{{windows_domain}}" -Name "{{item.value.name}}" -DisplayName "{{item.value.name}}" -GivenName "{{item.value.name.split(" ")[1]}}" -Surname "{{item.value.name.split(" ")[-1]}}" -ChangePasswordAtLogon $true -Enabled $true -AccountPassword (ConvertTo-SecureString "{{default_password}}" -AsPlainText -Force) }

- name: Create Users on W2008 Server with Domain Admin
  raw: if (dsquery user -samid "{{item.key}}") {"Not Required"} else {dsadd user "CN={{item.key}},CN=Users,{{search_base}}" -samid "{{item.key}}" -upn "{{item.key}}@{{windows_domain}}" -display "{{item.value.name|default("Undefined")}} {{item.value.role|default("")}}" -fn "{{item.value.name.split(" ")[1]|default("Undefined")}}" -ln "{{item.value.name.split(" ")[-1]|default("Undefined")}}" -mustchpwd yes -pwd "{{default_password}}" -memberof "CN=Domain Admins,CN=Users,{{search_base}}"}

- name: Create a breakglass user on a Linux machine
  user:
    name=breakglass
    system=yes
    comment="For breakglass use ONLY"
    group=sudo
    shell=/bin/bash
    password="{{breakglass_password | password_hash('sha512') }}"
    update_password=on_create

- name: Creating users on ESXi 6.0
  shell: grep {{item.key}} /etc/passwd >>/dev/null || esxcli system account add --id="{{item.key}}" --description="{{item.value.name}}" --password="{{default_password}}" --password-confirmation="{{default_password}}"
	- name: Create Users on W2012 Server
	raw: if (dsquery user -samid "{{item.key}}") {"Not Required"} else { New-ADUser -SamAccountName "{{item.key}}" -UserPrincipalName "{{item.key}}@{{windows_domain}}" -Name "{{item.value.name}}" -DisplayName "{{item.value.name}}" -GivenName "{{item.value.name.split(" ")[1]}}" -Surname "{{item.value.name.split(" ")[-1]}}" -ChangePasswordAtLogon $true -Enabled $true -AccountPassword (ConvertTo-SecureString "{{default_password}}" -AsPlainText -Force) }

	- name: Create Users on W2008 Server with Domain Admin
	raw: if (dsquery user -samid "{{item.key}}") {"Not Required"} else {dsadd user "CN={{item.key}},CN=Users,{{search_base}}" -samid "{{item.key}}" -upn "{{item.key}}@{{windows_domain}}" -display "{{item.value.name\|default("Undefined")}} {{item.value.role\|default("")}}" -fn "{{item.value.name.split(" ")[1]\|default("Undefined")}}" -ln "{{item.value.name.split(" ")[-1]\|default("Undefined")}}" -mustchpwd yes -pwd "{{default_password}}" -memberof "CN=Domain Admins,CN=Users,{{search_base}}"}

	- name: Create a breakglass user on a Linux machine
	user:
	name=breakglass
	system=yes
	comment="For breakglass use ONLY"
	group=sudo
	shell=/bin/bash
	password="{{breakglass_password \| password_hash('sha512') }}"
	update_password=on_create

	- name: Creating users on ESXi 6.0
	shell: grep {{item.key}} /etc/passwd >>/dev/null \|\| esxcli system account add --id="{{item.key}}" --description="{{item.value.name}}" --password="{{default_password}}" --password-confirmation="{{default_password}}"