Support Active Directory if joined on non-cross account

aws / amazon-ssm-agent

An agent to enable remote management of your EC2 instances, on-premises servers, or virtual machines (VMs).

https://aws.amazon.com/systems-manager/

Apache License 2.0

1.04k stars 322 forks source link

Support Active Directory if joined on non-cross account #397

Open icarusmiles opened 2 years ago

icarusmiles commented 2 years ago

OwnerDirectoryDescription does not seem to exist in the query results.... running on Centos 7.9

aws ds describe-directories --region us-east-1 --query "DirectoryDescriptions[?DirectoryId =='d-90676a899f'].OwnerDirectoryDescription.DirectoryId | [0]" | sed 's/"//g'

Results in: null (incorrect)

aws ds describe-directories --region us-east-1 --query "DirectoryDescriptions[?DirectoryId =='d-90676a899f'].DirectoryId | [0]" | sed 's/"//g'

Results in: d-* (correct)

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

icarusmiles commented 2 years ago

It appears this happens because the script assumes the Active Directory is shared.

icarusmiles commented 2 years ago

Added some logic, maybe messy and could use a touchup. Will look for root directory ID first, then override if share exists.

danVSS commented 1 month ago

OwnerDirectoryDescription does not seem to exist on Centos 7.9

OwnerDirectoryDescription does exist, it shows only when Directories are shared.

@smhmhmd It only exists if shared. So what about when the directory isn't shared? The docs don't indicate that this will only work on shared directories. This script is broken if the directory is not shared. If OwnerDirectoryDescription doesn't exist then why not just take DirectoryId if it exists?

smhmhmd commented 1 month ago

Thanks, I will help @VishnuKarthikRavindran check this and take the contribution in.