 
    New in version 2.3.
| Parameter | Choices/Defaults | Comments | 
|---|---|---|
| database_path 
                    path
                                         added in 2.5 | The path to a directory on a fixed disk of the Windows host where the domain database will be created.. If not set then the default path is  %SYSTEMROOT%\NTDS. | |
| dns_domain_name 
                    string
                                         | When  stateisdomain_controller, the DNS name of the domain for which the targeted Windows host should be a DC. | |
| domain_admin_password 
                    string
                     / required                     | Password for the specified  domain_admin_user. | |
| domain_admin_user 
                    string
                     / required                     | Username of a domain admin for the target domain (necessary to promote or demote a domain controller). | |
| local_admin_password 
                    string
                                         | Password to be assigned to the local  Administratoruser (required whenstateismember_server). | |
| read_only 
                    boolean
                                         added in 2.5 | 
 | Whether to install the domain controller as a read only replica for an existing domain. | 
| safe_mode_password 
                    string
                                         | Safe mode password for the domain controller (required when  stateisdomain_controller). | |
| site_name 
                    string
                                         added in 2.5 | Specifies the name of an existing site where you can place the new domain controller. This option is required when read_only is  yes. | |
| state 
                    string
                                         | 
 | Whether the target host should be a domain controller or a member server. | 
| sysvol_path 
                    path
                                         added in 2.5 | The path to a directory on a fixed disk of the Windows host where the Sysvol folder will be created. If not set then the default path is  %SYSTEMROOT%\SYSVOL. | 
See also
- name: Ensure a server is a domain controller
  win_domain_controller:
    dns_domain_name: ansible.vagrant
    domain_admin_user: testguy@ansible.vagrant
    domain_admin_password: password123!
    safe_mode_password: password123!
    state: domain_controller
    log_path: C:\ansible_win_domain_controller.txt
# ensure a server is not a domain controller
# note that without an action wrapper, in the case where a DC is demoted,
# the task will fail with a 401 Unauthorized, because the domain credential
# becomes invalid to fetch the final output over WinRM. This requires win_async
# with credential switching (or other clever credential-switching
# mechanism to get the output and trigger the required reboot)
- win_domain_controller:
    domain_admin_user: testguy@ansible.vagrant
    domain_admin_password: password123!
    local_admin_password: password123!
    state: member_server
    log_path: C:\ansible_win_domain_controller.txt
- name: Promote server as a read only domain controller
  win_domain_controller:
    dns_domain_name: ansible.vagrant
    domain_admin_user: testguy@ansible.vagrant
    domain_admin_password: password123!
    safe_mode_password: password123!
    state: domain_controller
    read_only: yes
    site_name: London
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | 
|---|---|---|
| reboot_required boolean | always | True if changes were made that require a reboot. Sample: True | 
More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.
Hint
If you notice any issues in this documentation you can edit this document to improve it.