From b800da99d99a35bef5d689bde82db491fcca4f4e Mon Sep 17 00:00:00 2001 From: ogrechko Date: Wed, 6 May 2026 12:02:52 +0300 Subject: [PATCH] =?UTF-8?q?=D0=9E=D0=B1=D0=BD=D0=BE=D0=B2=D0=B8=D1=82?= =?UTF-8?q?=D1=8C=20ansible/promote=5Fdc.yml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ansible/promote_dc.yml | 37 +++++++++++++++---------------------- 1 file changed, 15 insertions(+), 22 deletions(-) diff --git a/ansible/promote_dc.yml b/ansible/promote_dc.yml index 828941f..50b0173 100644 --- a/ansible/promote_dc.yml +++ b/ansible/promote_dc.yml @@ -2,18 +2,15 @@ - name: Setup Windows Server 2025 as Additional Domain Controller hosts: all gather_facts: yes - - # В Ansible Semaphore эти переменные лучше передавать через Environment (Extra Variables) - # и использовать защищенные хранилища (Key Store) для паролей! - vars: - domain_name: "example.local" # Имя вашего домена - primary_dc_ip: "192.168.1.10" # IP-адрес текущего контроллера домена (для DNS) - domain_admin_user: "Administrator@example.local" # Учетная запись админа домена - # domain_admin_password: "{{ vault_domain_admin_password }}" - # safe_mode_password: "{{ vault_safe_mode_password }}" # Пароль восстановления DSRM tasks: - - name: Set Primary DC as DNS server (Required for Domain Join) + - name: Expand C drive if disk was increased + ansible.windows.win_shell: | + $size = Get-PartitionSupportedSize -DriveLetter C + Resize-Partition -DriveLetter C -Size $size.SizeMax + ignore_errors: yes + + - name: Set primary DC as DNS server ansible.windows.win_dns_client: adapter_names: "*" ipv4_addresses: 
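Review bot: With the `vars:` block removed in this hunk, nothing in the play declares or checks `domain_name`, `domain_admin_user`, `domain_admin_password` and `safe_mode_password`, which the promotion task further down the patch still templates. If the job environment omits one of them, the run presumably fails only at the promotion step, after the earlier tasks have already changed the host's disk and DNS settings. A first task asserting that the four variables are defined and non-empty would stop the run before any change, and a comment above it can carry over the removed advice to supply the two passwords from a protected secret store. `ignore_errors: yes` on the new 'Expand C drive' task also hides every resize failure, not only the case where the partition is already at its maximum size. The task list continues outside this hunk.

```yaml
  tasks:
    # Secrets are supplied by the job environment / protected key store, never by this file.
    - name: Check required variables before changing the host
      ansible.builtin.assert:
        that:
          - domain_name | default('') | length > 0
          - domain_admin_user | default('') | length > 0
          - domain_admin_password | default('') | length > 0
          - safe_mode_password | default('') | length > 0
        fail_msg: "Required domain controller promotion variables are missing"
        quiet: true

    # … unchanged: Expand C drive, DNS client, feature install, promotion …
```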
@@ -25,33 +22,29 @@ name: AD-Domain-Services state: present include_management_tools: yes - register: ad_feature - - name: Promote server to Additional Domain Controller + - name: Promote server to additional domain controller microsoft.ad.domain_controller: - domain_name: "{{ domain_name }}" + dns_domain_name: "{{ domain_name }}" domain_admin_user: "{{ domain_admin_user }}" domain_admin_password: "{{ domain_admin_password }}" safe_mode_password: "{{ safe_mode_password }}" state: domain_controller - # Указываем, что сервер должен стать дополнительным DC в существующем домене register: dc_promotion - name: Reboot after promotion ansible.windows.win_reboot: msg: "Rebooting to apply Domain Controller promotion" - reboot_timeout: 600 - post_reboot_delay: 60 # Даем время на инициализацию служб AD после перезагрузки + reboot_timeout: 1800 + post_reboot_delay: 60 when: dc_promotion.reboot_required - # Active Directory настраивает репликацию автоматически. - # Следующий шаг принудительно инициирует синхронизацию для проверки. - - name: Force Active Directory Replication (SyncAll) + - name: Force Active Directory replication ansible.windows.win_command: repadmin /syncall /A /e /d register: repadmin_result changed_when: false - ignore_errors: yes # Игнорируем ошибки, если топология еще не построилась + ignore_errors: yes - - name: Show Replication Status + - name: Show replication status ansible.builtin.debug: - var: repadmin_result.stdout_lines \ No newline at end of file + var: repadmin_result.stdout_lines
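Review bot: The replication check at the end of this hunk cannot fail the run, because `ignore_errors: yes` together with `changed_when: false` leaves a `repadmin /syncall` error visible only in the debug output. The commit also removes the comment that explained why errors are tolerated there (the topology may not be built yet). For a freshly promoted domain controller it is safer to wait and then fail visibly, for example by replacing `ignore_errors: yes` with `until: repadmin_result.rc == 0`, `retries: 10` and `delay: 60`. Those counts are illustrative, and the approach assumes repadmin's exit code reflects the sync result, which should be confirmed. If errors must stay tolerated, restore a one-line English comment such as `# replication topology may not exist yet right after promotion` above the task.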