update..

roles/common/tasks/samba-user.yml

@@ -0,0 +1,75 @@
+---
+
+# ---
+# - default user/groups
+# ---
+
+# To be precise, samba groups are system groups. 
+#
+- name: (samba-user.yml) Ensure samba groups exists
+  group:
+    name: '{{ item.name }}'
+    state: present
+    gid: '{{ item.group_id | default(omit) }}'
+  loop: "{{ samba_groups }}"
+  loop_control:
+    label: '{{ item.name }}'
+  when: item.group_id is defined
+  tags:
+    - samba-server
+    - samba-group
+    - system-group
+
+# get all user of the system
+#
+# Note:
+#    the result ist avalable in variable getent_passwd
+#
+- name: (samba_user.yml) Get database of (system) users
+  getent:
+    database: passwd
+  tags:
+    - samba-server
+    - samba-user
+    - system-user
+
+
+# Samba users mut be also system users
+#
+- name: (samba_user.yml) Add (system) users if not yet exists..
+  shell: "/root/bin/admin-stuff/add_new_user.sh {{ item.name }} '{{ item.password }}'"
+  loop: "{{ samba_user }}"
+  loop_control:
+    label: '{{ item.name }}'
+  when:
+    - item.name not in getent_passwd
+  tags:
+    - samba-server
+    - samba-user
+    - system-user
+
+
+- name: (samba-user.yml) Check if samba user exists
+  shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
+  register: samba_user_present
+  changed_when: "samba_user_present.rc == 1"
+  failed_when: "samba_user_present.rc > 1"
+  loop: "{{ samba_user }}"
+  loop_control:
+    label: '{{ item.name }}'
+  tags:
+    - samba-server
+    - samba-user
+
+- name: (samba-user.yml) Add user to samba (with system users password)
+  shell: >
+    (echo '{{ item.item.password }}'; echo '{{ item.item.password }}') 
+    | smbpasswd -s -a {{ item.item.name }}
+  loop: "{{ samba_user_present.results }}"
+  when: item.changed
+  loop_control:
+    label: '{{ item.item.name }}'
+  tags:
+    - samba-server
+    - samba-user
+