Join Mac OSX to Active Directory with Ansible

Joining Mac OSX to Active Directory can be a time-consuming process, with lots of pointing and clicking in the GUI. Being a member of AD is helpful to enable single sign on for users in a mostly Windows domain. But, if you use Ansible, it can only take seconds to rejoin. This is especially helpful when the Mac drops off the domain and needs to be quickly re-added.

See the Ansible playbook in github here:

The most important line is this:

command: "dsconfigad -force -add {{ DOMAIN }} -computer {{ ansible_hostname }}\
 -username {{ username }} -password {{ password }} -ou {{ OUSTRING }}\
 -mobile enable -mobileconfirm disable -localhome enable -useuncpath enable\
 -groups 'Domain Admins' -shell /bin/bash "

It uses the ‘dsconfigad’ utility to remove and rejoin the Mac’s computer account to Active Directory.