---
# Samba4 installation tasks
- name: Check if Samba domain is already provisioned
  stat:
    path: /var/lib/samba/private/sam.ldb
  register: samba_provisioned

- name: Provision Samba4 domain
  command: >
    samba-tool domain provision
    --use-rfc2307
    --realm={{ samba_realm }}
    --domain={{ samba_domain }}
    --adminpass={{ samba_admin_password }}
    --server-role=dc
    --dns-backend=SAMBA_INTERNAL
    --domain-sid={{ samba_domain_sid }}
  when: not samba_provisioned.stat.exists

- name: Copy Kerberos configuration
  copy:
    src: /var/lib/samba/private/krb5.conf
    dest: /etc/krb5.conf
    remote_src: yes
    backup: yes

- name: Enable and start samba-ad-dc service
  systemd:
    name: samba-ad-dc
    enabled: yes
    state: started
    daemon_reload: yes

- name: Include DNS configuration tasks
  include_tasks: dns_config.yml