Scripts and stuff for joining Linux and UNIX to AD
Bas v.d. Wiel 56b473eefd Add repo doc. 2023-06-05 18:16:19 +02:00
archlinux Upload the Arch join playbook 2023-06-05 09:40:04 +02:00
freebsd Add playbook for FreeBSD 2023-06-05 10:59:55 +02:00
README.md Add repo doc. 2023-06-05 18:16:19 +02:00

UNIX AD playbooks

This is a personal scratchpad where some playbooks live. I noticed that it's a pain to configure Linux/UNIX for integration with AD and I have multiple boxes at home that qualify. Must have automation!

None of this is in a proper state for public consumption. I will at some point probably cast this into a proper role, but don't hold your breath. But since this is a public repo, this document is a public service announcement so you can judge for yourself if it's useful to you.

I run AD from a Samba box. Why? Because it's by far the simplest way to get Kerberos + LDAP running legally for free, and AD is the unfortunate golden standard by which the Kerberos + LDAP landscape is measured. I just didn't want to deal with hassle.

That said: I use Arch/Manjaro Linux as desktops and FreeBSD in all sorts of server workloads. That's why there are two sets of playbooks.

You drop the respective directory directly onto the domain member node you're trying to configure. This'll work for workstations and servers, there's no functional difference there.

WHATEVER YOU DO, DO NOT RUN THESE ON A DOMAIN CONTROLLER! IT WILL BREAK!

Once you have the playbook and the underlying files directory, you can set up the vars in playbook.yaml to match your environment. Yes, my own internal stuff is still in there. Knock yourselves out, it's not secret.

These playbooks do not complete the AD-join, they just prep your system.

  1. Run the playbook: ansible-playbook playbook.yaml

  2. Join AD: net ads join -U Administrator

  3. Run the playbook again

..and you're done.
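The three steps above with a pre-flight guard for the domain controller warning, as an added example that is not part of this repository. It assumes Samba's config lives at /etc/samba/smb.conf (Arch) or /usr/local/etc/smb4.conf (FreeBSD) and that a DC declares itself through the `server role` parameter; the `net ads testjoin` check is an extra step the original procedure does not include.

```sh
#!/bin/sh
# Added example, not the repository's own code. Function names are hypothetical.

# Print the last "server role" value set in an smb.conf-style file, lower-cased.
# Prints nothing if the file is missing or the parameter is not set.
server_role() {
    [ -r "$1" ] || return 0
    awk -F= '
        /^[ \t]*[#;]/ || index($0, "=") == 0 { next }   # comments, section headers
        { key = tolower($1); gsub(/[ \t]/, "", key) }   # names ignore case and spaces
        key == "serverrole" {
            val = tolower(substr($0, index($0, "=") + 1))
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            role = val
        }
        END { if (role != "") print role }
    ' "$1"
}

# True if the config declares any domain controller role (AD or classic).
# Deliberately conservative: refusing on a classic DC is also the safe choice.
is_domain_controller() {
    case "$(server_role "$1")" in
        *"domain controller"|dc) return 0 ;;
        *) return 1 ;;
    esac
}

# Prep, join, verify the machine account, then finish the prep run.
prepare_and_join() {
    conf=$1
    if is_domain_controller "$conf"; then
        echo "refusing to run: $conf declares a domain controller role" >&2
        return 1
    fi
    ansible-playbook playbook.yaml || return 1
    net ads join -U Administrator || return 1
    net ads testjoin || return 1    # extra check, not in the original steps
    ansible-playbook playbook.yaml
}

# Usage: sh join.sh --run [path/to/smb.conf]
# On FreeBSD pass /usr/local/etc/smb4.conf (assumed default for the Samba port).
if [ "${1:-}" = "--run" ]; then
    prepare_and_join "${2:-/etc/samba/smb.conf}"
fi
```

A missing smb.conf counts as "not a DC", which is what a fresh member node looks like before the first playbook run.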

These have been tested with FreeBSD 13.2 and Arch Linux in June 2023.

They work for me. No guarantees. If this kills a kitten: don't blame me.