Describe the bug
an AD group may be in an OU one or more layers deep, however the code checks only if the group DN contains ou= to trigger it as being an OU search instead of a group search.
name: create user group
ntnx_user_groups:
distinguished_name: "{{distinguished_name}}"
register: result
Stack trace
Expected behavior
a group that is not in the root of the AD should be added as a group not searched for as an OU and fail
Additional context
Changing the check from "ou=" in config to some other check i.e. ( config[0:3] == "ou=" ) to ensure the proper object is searched for, as only an OU has a DN that starts with ou=.
stahnjones
commented
1 month ago
Describe the bug an AD group may be in an OU one or more layers deep, however the code checks only if the group DN contains ou= to trigger it as being an OU search instead of a group search.
To Reproduce Steps to reproduce the behavior:
name: user_group playbook hosts: localhost gather_facts: false collections:
nutanix.ncp module_defaults: group/nutanix.ncp.ntnx: nutanix_host:
nutanix_username:
nutanix_password:
validate_certs: false
tasks:
name: Setting Variables set_fact: distinguished_name: "cn=test_group,ou=groups,dc=nutanix,dc=com" directory_service_uuid: ""
name: create user group ntnx_user_groups: distinguished_name: "{{distinguished_name}}" register: result
Stack trace
Expected behavior a group that is not in the root of the AD should be added as a group not searched for as an OU and fail
Additional context Changing the check from "ou=" in config to some other check i.e. ( config[0:3] == "ou=" ) to ensure the proper object is searched for, as only an OU has a DN that starts with ou=.