search

ansible-collections / microsoft.ad

Ansible collection for Active Directory management
GNU General Public License v3.0
36 stars 19 forks source link

Add action_groups #93

Closed peterbaumert closed 4 months ago

peterbaumert commented 4 months ago
SUMMARY

Add action groups so one can specify username, password etc. only once

ISSUE TYPE
COMPONENT NAME

meta/runtime.yml

ADDITIONAL INFORMATION

domain_server would be specified once and then used by all following commands

- name: Check Active Directory
  delegate_to: <win-host>
  module_defaults:
    group/microsoft:
        domain_server: "{{ domain_server }}"
        domain_username: "{{ domain_username }}"
        domain_password: "{{ domain_password }}"
  vars:
    ansible_connection: ssh
    ansible_shell_type: cmd
  block:
    - name: Ensure OU is present & protected
      microsoft.ad.ou:
        name: Fancy_OU
        path: OU=Permissions,OU=Groups,DC=example,DC=com
        state: present
        protect_from_deletion: true

    - name: Ensure other OU is present & protected
      microsoft.ad.ou:
        name: Fancy_OU2
        path: OU=Permissions,OU=Groups,DC=example,DC=com
        state: present
        protect_from_deletion: true
peterbaumert commented 4 months ago

Maybe something like


action_groups:
  microsoft:
  - computer
  - debug_ldap_client
  - domain
  - domain_controller
  - membership
  - object
  - object_info
  - offline_join
  - ou
  - user
jborean93 commented 4 months ago

This sounds like a good idea, I'll add it to the list of things to do before the next release.

jborean93 commented 4 months ago

Thanks for the feature suggestion, https://github.com/ansible-collections/microsoft.ad/pull/96 adds the module group microsoft.ad.domain and I've added all the modules that user the domain_{username,password,server} options.