search

ansible-collections / microsoft.ad

Ansible collection for Active Directory management
GNU General Public License v3.0
36 stars 19 forks source link

microsoft.ad.user - New-ADUser failed: A parameter cannot be found that matches parameter name 'LockedOut' #108

Closed antonxoxlov closed 2 months ago

antonxoxlov commented 3 months ago
SUMMARY
ISSUE TYPE
* Bug Report
COMPONENT NAME
* microsoft.ad.user
ANSIBLE VERSION
ansible [core 2.16.2]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.11.5 (main, Oct 25 2023, 14:45:39) [GCC 8.5.0 20210514 (Red Hat 8.5.0-21)] (/usr/bin/python3.11)
jinja version = 3.1.2
libyaml = True
COLLECTION VERSION
ansible-galaxy 2.10.17
$ ansible-galaxy collection list | grep microsoft.ad
microsoft.ad                  1.3.0
OS / ENVIRONMENT
* Testing on a Windows Server 2016
STEPS TO REPRODUCE
* Try to add a user object with the following flag using "microsoft.ad.user" module:
  account_locked: true/false
- name: Configure ActiveDirectory users
microsoft.ad.user:
state: "{{ item.ensure | default(active_directory_ensure) }}"
name: "{{ item.name }}"
display_name: "{{ item.displayname }}"
firstname: "{{ item.first_name }}"
surname: "{{ item.last_name }}"
password_expired: "{{ item.password_change | default(active_directory_expired_password) }}"
user_cannot_change_password: "{{ item.user_cant_change_password | default(active_directory_user_cannot_change_password_enabled) }}"
account_locked: "{{ item.locked_enabled | default(active_directory_account_locked_enabled) }}"
EXPECTED RESULTS
* AD User gets created successfully with the "account_locked" attribute as true or false
ACTUAL RESULTS
* Task fails as below:
"msg": "New-ADUser failed: A parameter cannot be found that matches parameter name 'LockedOut'."
jborean93 commented 3 months ago

Thanks for the bug report, looks like the code didn't handle the account_locked value when creating a new AD user. The PR https://github.com/ansible-collections/microsoft.ad/pull/109 should fix this issue.