---
- name: run automation for windows
  #gather_facts: no
  hosts: localhost
  tasks: 
  - name: create hostgroup for ad group creation 
    add_host: 
      hostname: awe-mps-006.adagility.net
      groups: ad_group
      ansible_connection: winrm
      ansible_port: 5985
      ansible_winrm_server_cert_validation: ignore
      ansible_user: "{{ansible_user}}"
      ansible_password: "{{ansible_password}}"
      ansible_winrm_transport: kerberos
  - name: create host group for new host 
    add_host: 
      hostname: "{{ip_address}}"
      group: new_host
      ansible_connection: winrm
      ansible_port: 5985
      ansible_winrm_server_cert_validation: ignore
      ansible_user:  "{{local_admin}}" 
      ansible_password: "{{local_admin_pw}}"
      ansible_winrm_transport: ntlm
- name: Create admin group
  hosts: ad_group
  tasks:
    - name: Create ad security group for Devices
      community.windows.win_domain_group:
        name: G-MGMT-LA-DEVADM-{{ hostname|upper }}
        path: OU=Local_Admin,OU=Device_Privileges,OU=Management_Groups,OU=Aperam,DC=ADAGILITY,DC=NET
        domain_username: "{{domain_admin}}"
        domain_password: "{{domain_password}}"
        state: present
        scope: global

- name: run automation for windows
  gather_facts: no
  hosts: new_host
  become_method: runas
  #vars:
    #- ansible_user: "{{local_admin}}"
    #- ansible_password: 
  roles:
    - role: windows_install-check-mk
    - role: windows_install-windirstat
    - role: windows_install-sentinelone
    - role: checkmk_join
    - role: windows_domain-join
    - role: windows_finalize