add dc site support

provisioning/ad/Vagrantfile

@@ -13,5 +13,16 @@ Vagrant.configure("2") do |config|
         ansible.inventory_path = "./inventory"
     end
   end
+  config.vm.define "dc2" do |config|
+    config.vm.box = "StefanScherer/windows_2019"
+    config.vm.hostname = "dc2"
+    config.vm.synced_folder '.', '/vagrant', disabled: true
+    config.vm.network :private_network, ip: "192.168.68.9", gateway: settings['ad_server_gateway']
+
+    config.vm.provision "ansible" do |ansible|
+        ansible.playbook = "./playbook2.yml"
+        ansible.inventory_path = "./inventory"
+    end
+  end
 end
 

provisioning/ad/inventory

@@ -1,5 +1,6 @@
 [dc]
 dc1 ansible_host=192.168.68.10
+dc2 ansible_host=192.168.68.9
 
 [dc:vars]
 ansible_user="vagrant"

provisioning/ad/playbook.yml

@@ -1,5 +1,5 @@
 ---
-- hosts: dc1
+- hosts: dc
   gather_facts: true
 
   vars_files:

provisioning/ad/playbook2.yml

@@ -0,0 +1,152 @@
+---
+- hosts: dc2
+  gather_facts: true
+
+  vars_files:
+    - ../../default.config.yml
+    - vars/main.yml
+
+  tasks:
+    - name: Create Scripts folder
+      win_file:
+        state: directory
+        path: C:\Scripts
+
+    - name: Set timezone to 'GMT Standard Time' (GMT)
+      community.windows.win_timezone:
+        timezone: "{{ timezone }}"
+
+    - name: set local admin password
+      ansible.windows.win_user:
+        name: Administrator
+        password: "{{ windows_domain_controller_info['domain_admin_password'] }}"
+        state: present
+
+    - name: Firewall rule to allow ICMP v4 echo (ping)
+      community.windows.win_firewall_rule:
+        name: ICMP Allow incoming V4 echo request
+        enabled: yes
+        state: present
+        profiles: private
+        action: allow
+        direction: in
+        protocol: icmpv4
+        icmp_type_code:
+        - '8:*'
+
+    - name: Firewall rule to allow RDP on TCP port 3389
+      community.windows.win_firewall_rule:
+        name: Remote Desktop
+        localport: 3389
+        action: allow
+        direction: in
+        protocol: tcp
+        profiles: private
+        state: present
+        enabled: yes
+
+    - name: features | Installing RSAT AD Admin Center
+      ansible.windows.win_feature:
+        name: RSAT-AD-AdminCenter
+        state: present
+
+    - name: features | Installing AD Domain Services
+      ansible.windows.win_feature:
+        name: AD-Domain-Services
+        include_management_tools: true
+        include_sub_features: true
+        state: present
+
+    - name: Creating a windows domain
+      ansible.windows.win_domain:
+        dns_domain_name: "{{ windows_domain_controller_info['dns_domain_name'] }}"
+        safe_mode_password: "{{ windows_domain_controller_info['safe_mode_password'] }}"
+      register: create_win_domain
+      delegate_to: dc1
+
+    - name: Reboot
+      ansible.windows.win_reboot:
+      when: create_win_domain.reboot_required
+
+    - name: Setting DNS Servers
+      ansible.windows.win_dns_client:
+        adapter_names: "*"
+        ipv4_addresses: "{{ ad_server_ip_address }}"
+
+    - name: Managing Domain Controller Membership
+      ansible.windows.win_domain_controller:
+        dns_domain_name: "{{ windows_domain_controller_info['dns_domain_name'] }}"
+        domain_admin_user: "{{ windows_domain_controller_info['domain_admin_user'] }}"
+        domain_admin_password: "{{ windows_domain_controller_info['domain_admin_password'] }}"
+        safe_mode_password: "{{ windows_domain_controller_info['safe_mode_password'] }}"
+        state: "{{ windows_domain_controller_info['state'] }}"
+      register: _windows_domain_controller
+
+    - name: Reboot
+      ansible.windows.win_reboot:
+      when: _windows_domain_controller.reboot_required
+
+    - name: Ensure user Jon is present with address information
+      community.windows.win_domain_user:
+        name: jon
+        firstname: Jon
+        surname: Jonsson
+        password: J0nP4ssw0rd
+        state: present
+        groups_action: add
+        groups:
+          - Domain Admins
+        attributes:
+          telephoneNumber: 354 123 45 67
+
+    - name: Add user with POSIX attributes
+      community.windows.win_domain_user:
+        name: testuser1
+        firstname: Test User
+        surname: One
+        password: TestP4ssw0rd
+        state: present
+        attributes:
+          uidNumber: "5001"
+          gidNumber: "5002"
+          unixHomeDirectory: "/home/testuser1"
+          loginShell: "/bin/bash"
+
+    - name: Copy dns-server-configure.ps1 to the scripts folder
+      ansible.windows.win_copy:
+        src: files/dns-server-configure.ps1
+        dest: C:\Scripts\dns-server-configure.ps1
+
+    - name: Execute the dns powershell script
+      win_command: powershell.exe -ExecutionPolicy Bypass -File C:\Scripts\dns-server-configure.ps1
+      register: results
+
+    - name: Execute the dns powershell script
+      win_command: powershell.exe -ExecutionPolicy Bypass -File C:\Scripts\dns-server-configure.ps1
+      register: results
+
+    - name: Create A records
+      community.windows.win_dns_record:
+        name: "{{ ad_server_name }}"
+        type: "A"
+        values:
+          - "{{ ad_server_ip_address }}"
+        zone: "{{ ad_domain }}"
+
+    - name: Create A records for IDM subdomain
+      community.windows.win_dns_record:
+        name: "{{ ipa_server_name }}.{{ ipa_domain }}."
+        state: present
+        type: "A"
+        values:
+          - "{{ ipa_server_ip_address }}"
+        zone: "{{ ad_domain }}"
+
+    - name: Creating NS records for IDM subdomain
+      community.windows.win_dns_record:
+        name: "{{ ipa_domain }}."
+        state: present
+        type: "NS"
+        values:
+          - "{{ ipa_server_name }}.{{ ipa_domain }}"
+        zone: "{{ ad_domain }}"