---
- name: Setup Windows Server 2025 as Additional Domain Controller
  hosts: all
  gather_facts: yes

  tasks:
    - name: Expand C drive if disk was increased
      ansible.windows.win_shell: |
        $size = Get-PartitionSupportedSize -DriveLetter C
        Resize-Partition -DriveLetter C -Size $size.SizeMax
      ignore_errors: yes

    - name: Set primary DC as DNS server
      ansible.windows.win_dns_client:
        adapter_names: "*"
        ipv4_addresses:
          - "{{ primary_dc_ip }}"
          - "127.0.0.1"

    - name: Install Active Directory Domain Services & Management Tools
      ansible.windows.win_feature:
        name: AD-Domain-Services
        state: present
        include_management_tools: yes

    - name: Promote server to additional domain controller
      microsoft.ad.domain_controller:
        dns_domain_name: "{{ domain_name }}"
        domain_admin_user: "{{ domain_admin_user }}"
        domain_admin_password: "{{ domain_admin_password }}"
        safe_mode_password: "{{ safe_mode_password }}"
        state: domain_controller
      register: dc_promotion

    - name: Reboot after promotion
      ansible.windows.win_reboot:
        msg: "Rebooting to apply Domain Controller promotion"
        reboot_timeout: 1800
        post_reboot_delay: 60
      when: dc_promotion.reboot_required

    - name: Force Active Directory replication
      ansible.windows.win_command: repadmin /syncall /A /e /d
      register: repadmin_result
      changed_when: false
      ignore_errors: yes

    - name: Show replication status
      ansible.builtin.debug:
        var: repadmin_result.stdout_lines