From 811153afb1a8e91355ccd7a7d016007a61a9506d Mon Sep 17 00:00:00 2001
From: Klaus Frank <agowa338@users.noreply.github.com>
Date: Sun, 18 Aug 2019 22:14:51 +0200
Subject: [PATCH] Add exception handling to win_domain_controller (#58234)

* Add exception handling to win_domain_controller

* Add changelog

* Fix PSUseDeclaredVarsMoreThanAssignments

* Remove dns domain cannot be resolved error message

As requested by PR review in https://github.com/ansible/ansible/pull/58234#discussion_r300509880
---
 changelogs/fragments/win_domain-exceptions.yaml   |  2 ++
 .../modules/windows/win_domain_controller.ps1     | 15 ++++++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/fragments/win_domain-exceptions.yaml

diff --git a/changelogs/fragments/win_domain-exceptions.yaml b/changelogs/fragments/win_domain-exceptions.yaml
new file mode 100644
index 0000000000..6c08b7d105
--- /dev/null
+++ b/changelogs/fragments/win_domain-exceptions.yaml
@@ -0,0 +1,2 @@
+bugfixes:
+- win_domain_controller - Do not fail the play without the user being able to catch dcpromo failing because of a pending reboot within a playbook using ignore_error or retry logic.
diff --git a/lib/ansible/modules/windows/win_domain_controller.ps1 b/lib/ansible/modules/windows/win_domain_controller.ps1
index 1498bbf3f2..8d15a5614e 100644
--- a/lib/ansible/modules/windows/win_domain_controller.ps1
+++ b/lib/ansible/modules/windows/win_domain_controller.ps1
@@ -212,7 +212,20 @@ Try {
                 if ($site_name) {
                     $install_params.SiteName = $site_name
                 }
-                Install-ADDSDomainController -NoRebootOnCompletion -Force @install_params
+                try
+                {
+                    $null = Install-ADDSDomainController -NoRebootOnCompletion -Force @install_params
+                } catch [Microsoft.DirectoryServices.Deployment.DCPromoExecutionException] {
+                    # ExitCode 15 == 'Role change is in progress or this computer needs to be restarted.'
+                    # DCPromo exit codes details can be found at https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/troubleshooting-domain-controller-deployment
+                    if ($_.Exception.ExitCode -eq 15) {
+                        $result.reboot_required = $true
+                    } else {
+                        Fail-Json -obj $result -message "Failed to install ADDSDomainController with DCPromo: $($_.Exception.Message)"
+                    }
+                }
+                # If $_.FullyQualifiedErrorId -eq 'Test.VerifyUserCredentialPermissions.DCPromo.General.25,Microsoft.DirectoryServices.Deployment.PowerShell.Commands.InstallADDSDomainControllerCommand'
+                # the module failed to resolve the given dns domain name
 
                 Write-DebugLog "Installation complete, trying to start the Netlogon service"
                 # The Netlogon service is set to auto start but is not started. This is