---
- name: domaincontroller | provision | check if domain is already provisioned
  stat:
    path: /var/lib/samba/private/sam.ldb
  register: samba_db

- name: domaincontroller | provision | provision the domain if not present
  block:
    - name: domaincontroller | provision | run samba-tool domain provision
      command: >
        samba-tool domain provision
        --use-rfc2307
        --realm={{ samba_realm }}
        --domain={{ samba_workgroup }}
        --server-role=dc
        --dns-backend=SAMBA_INTERNAL
        --adminpass='{{ samba_domain_password }}'
      args:
        creates: /var/lib/samba/private/sam.ldb

    - name: domaincontroller | provision | copy kerberos config to system location
      copy:
        src: /var/lib/samba/private/krb5.conf
        dest: /etc/krb5.conf
        remote_src: true
  when: not samba_db.stat.exists