-
Notifications
You must be signed in to change notification settings - Fork 0
/
120.0_ensure_mssql_aag_local_user.yaml
53 lines (51 loc) · 1.65 KB
/
120.0_ensure_mssql_aag_local_user.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# Example Playbook for local AAG User
- name: Ensure Local User for SQL
hosts: windows
vars_files:
- ./vars/main.yml
- ./vars/agents_vars.yaml
vars:
app_credentials_username: 'sql_service_local'
app_credentials_name: 'bob demouser sql'
app_credentials_password: 'Password123!'
mssql_port: 1433
mssql_user: "Demo\\Administrator"
tasks:
- name: "Ensure user {{ app_credentials_username }} is present"
ansible.windows.win_user:
name: "{{ app_credentials_username }}"
password: "{{ app_credentials_password }}"
state: present
groups:
- Users
- Administrators
- name: Check DB connection
delegate_to: localhost
community.general.mssql_script:
login_user: "{{ mssql_user }}"
login_password: "{{ansible_password }}"
login_host: "{{ ansible_hostname }}"
login_port: "{{ mssql_port }}"
db: master
script: "SELECT 1"
- name: Ensure User Login
delegate_to: localhost
community.general.mssql_script:
login_user: "{{ mssql_user }}"
login_password: "{{ansible_password }}"
login_host: "{{ ansible_hostname }}"
login_port: "{{ mssql_port }}"
db: master
script: |
USE [master]
GO
IF NOT EXISTS
(SELECT name
FROM master.sys.server_principals
WHERE name = '{{ ansible_hostname }}\sql_service_local')
BEGIN
CREATE LOGIN [{{ ansible_hostname }}\sql_service_local] FROM WINDOWS WITH DEFAULT_DATABASE=[master]
END
GO
ALTER SERVER ROLE [sysadmin] ADD MEMBER [{{ ansible_hostname }}\sql_service_local]
GO