---
- name: Install needed packages
  ansible.builtin.apt:
    name:
      - sssd-ad
      - sssd-tools
      - adcli

- name: Provide user identities from AD
  ansible.builtin.template:
    src: sssd.conf.j2
    dest: /etc/sssd/sssd.conf
    mode: '0600'
  notify: Restart sssd

  ## Either one of the variables is defined:
- name: Join the domain
  ansible.builtin.shell:
    cmd: >
      echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |
      adcli join --stdin-password -U global-admin {{ domain | upper }}
  when: >
    ansible_cmdline.adpw | default('') | length > 0 or
    adpw.user_input | default('') | length > 0