Join Mac OSX to Active Directory with Ansible

Joining Mac OSX to Active Directory can be a time-consuming process, with lots of pointing and clicking in the GUI. Being a member of AD is helpful to enable single sign on for users in a mostly Windows domain. But, if you use Ansible, it can only take seconds to rejoin. This is especially helpful when the Mac drops off the domain and needs to be quickly re-added.

See the Ansible playbook in github here:

The most important line is this:

command: "dsconfigad -force -add {{ DOMAIN }} -computer {{ ansible_hostname }}\
 -username {{ username }} -password {{ password }} -ou {{ OUSTRING }}\
 -mobile enable -mobileconfirm disable -localhome enable -useuncpath enable\
 -groups 'Domain Admins' -shell /bin/bash "

It uses the ‘dsconfigad’ utility to remove and rejoin the Mac’s computer account to Active Directory.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s