---
- name: install needed packages
  apt:
    name:
      - sssd-ad
      - sssd-tools
      - adcli
    state: latest

- name: provide identities from directory
  template:
    src: sssd.conf.j2
    dest: /etc/sssd/sssd.conf
    mode: 0600
  notify: restart sssd

  ## Either one of the variables is defined:
- name: join the domain
  shell:
    cmd: >
      echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |
      adcli join --stdin-password -U global-admin {{ domain | upper }}
  when: >
    ansible_cmdline.adpw | default('') | length > 0 or
    adpw.user_input | default('') | length > 0