Created October 26, 2019 14:27
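---
- name: AD - Department Security Group Maintenance Playbook
  hosts: <domaincontroller>
  gather_facts: no
  vars:
    department_name: <dept_name>
    ou: <ou>

  tasks:
    # Read-only query: collect the sAMAccountName of every user whose
    # department attribute matches. department_name is templated straight
    # into the PowerShell command and the LDAP filter, so supply it only
    # from a trusted source.
    - name: Get department_name users
      win_shell: (get-aduser -LDAPFilter "(department={{ department_name }})").samaccountname
      register: ad_users_list
      changed_when: False

    # Create the security group if it is missing and correct any drifted attributes.
    - name: Make sure group exists and the attributes are correct
      win_domain_group:
        name: "{{ department_name }}_department"
        description: Ansible Managed Group
        display_name: "{{ department_name | title }} Department"
        scope: universal
        state: present
        category: security
        organizational_unit: "{{ ou }}"

    # state: pure makes the queried list authoritative: any current member
    # that is not in it is removed from the group.
    - name: Build the member list
      win_domain_group_membership:
        name: "{{ department_name }}_department"
        members: "{{ ad_users_list.stdout_lines }}"
        state: pure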