Closed RandJV closed 5 months ago
While not officially deprecated yet the LAPS functionality of this lookup has been migrated to the new microsoft.ad.ldap inventory plugin. It supports password lookups for both the legacy and new LAPS. It even supports the encrypted format if an extra library is installed. There are some examples in there that show you how to set the user and password for hosts it retrieves with the inventory plugin.
There are no plans on migrating those changes to the laps_password
lookup at this stage, the main reason is around how the lookup plugin will be run on every task slowing things down.
SUMMARY
When connecting to a windows host, I use the lookup('laps_password') module, which takes the attribute "ms-Mcs-AdmPwd" from ldap, but in the new version of laps, the name of the attribute has changed to "msLAPS-Password" in unencrypted form and "msLAPS-EncryptedPassword" in encrypted form. I tried to change the name of the attribute in the laps_password.py script, but he can't get it.
ISSUE TYPE
COMPONENT NAME
lookup('laps_password')
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
Debian GNU/Linux 11 (bullseye)
STEPS TO REPRODUCE
ansible hostname -m win_ping
EXPECTED RESULTS
ACTUAL RESULTS