Open dan-esc opened 5 months ago
Files identified in the description:
If these files are incorrect, please update the component name
section of the description or use the !component
bot command.
cc @Akasurde @Nosmoht @justchris1 click here for bot help
Summary
https://github.com/ansible-collections/community.general/blob/main/plugins/modules/ipa_user.py#L321 nsaccountlock = state == 'disabled'
I created a service account that only had permissions to change specific attributes about users when trying to run a playbook, it failed because it was unable to change NSaccount lock
Insufficient access: Insufficient 'write' privilege to the 'nsAccountLock' attribute of entry
We should be able to change attributes about users even if they are disabled
Issue Type
Bug Report
Component Name
ipa_user
Ansible Version
Community.general Version
Configuration
OS / Environment
No response
Steps to Reproduce
Expected Results
Expect the shell to be set and no other attributes
Actual Results
Code of Conduct