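---
# Promotes a Windows Server 2025 host to an additional domain controller in an
# existing Active Directory domain.
#
# Required variables:
#   primary_dc_ip          - IP address of an existing DC that serves DNS
#   domain_name            - DNS name of the domain to join as a DC
#   domain_admin_user      - account allowed to promote domain controllers
#   domain_admin_password  - password for that account
#   safe_mode_password     - Directory Services Restore Mode (DSRM) password
#
# The two passwords are high-value secrets: supply them from Ansible Vault or
# an external secret store, never from plaintext inventory or group_vars
# committed to version control.
#
# NOTE(review): the play targets every host in the inventory (`hosts: all`).
# Run it against a dedicated inventory or with --limit so that only the
# intended server is promoted.
- name: Setup Windows Server 2025 as Additional Domain Controller
  hosts: all
  gather_facts: true

  tasks:
    # Fail before anything is changed on the host if an input is missing,
    # instead of stopping halfway through with DNS already repointed.
    - name: Verify required variables are provided
      ansible.builtin.assert:
        that:
          - primary_dc_ip is defined
          - domain_name is defined
          - domain_admin_user is defined
          - domain_admin_password is defined
          - safe_mode_password is defined
        fail_msg: >-
          primary_dc_ip, domain_name, domain_admin_user,
          domain_admin_password and safe_mode_password must all be set
        quiet: true

    # Grows the C: partition to the maximum supported size. A non-zero exit is
    # tolerated only when stderr says the partition is already at that size.
    - name: Expand C drive if disk was increased
      ansible.windows.win_shell: |
        $size = Get-PartitionSupportedSize -DriveLetter C
        Resize-Partition -DriveLetter C -Size $size.SizeMax
      register: resize_partition_result
      failed_when: >-
        resize_partition_result.rc != 0 and
        'already the requested size' not in (resize_partition_result.stderr | default(''))
      changed_when: resize_partition_result.rc == 0

    # The existing DC is listed first so the domain can be located during
    # promotion; loopback is the fallback once this host runs DNS itself.
    - name: Set primary DC as DNS server
      ansible.windows.win_dns_client:
        adapter_names: "*"
        ipv4_addresses:
          - "{{ primary_dc_ip }}"
          - "127.0.0.1"

    - name: Install Active Directory Domain Services & Management Tools
      ansible.windows.win_feature:
        name: AD-Domain-Services
        state: present
        include_management_tools: true

    # Credentials are passed as module arguments; keep their source encrypted
    # (see the header comment) and avoid echoing these variables in debug
    # tasks.
    - name: Promote server to additional domain controller
      microsoft.ad.domain_controller:
        dns_domain_name: "{{ domain_name }}"
        domain_admin_user: "{{ domain_admin_user }}"
        domain_admin_password: "{{ domain_admin_password }}"
        safe_mode_password: "{{ safe_mode_password }}"
        state: domain_controller
      register: dc_promotion

    # Only reboots when the promotion module reports that one is required.
    - name: Reboot after promotion
      ansible.windows.win_reboot:
        msg: "Rebooting to apply Domain Controller promotion"
        reboot_timeout: 3600
        connect_timeout: 30
        post_reboot_delay: 180
      when: dc_promotion.reboot_required

    # Polls the NTDS service for up to 20 attempts, 30 seconds apart.
    - name: Wait for Active Directory Domain Services to be running
      ansible.windows.win_service_info:
        name: NTDS
      register: ntds_service
      retries: 20
      delay: 30
      until:
        - ntds_service.exists
        - ntds_service.services[0].state == "running"

    # Best effort: `failed_when: false` means a replication error does not
    # fail the play. Review the output printed by the next task before
    # treating the new DC as healthy.
    - name: Force Active Directory replication
      ansible.windows.win_command: repadmin /syncall /A /e /d
      register: repadmin_result
      changed_when: false
      failed_when: false

    - name: Show replication status
      ansible.builtin.debug:
        var: repadmin_result.stdout_lines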