Active Directory: Domain

Summary

This module contains actions related to Active Directory domain configuration & policies.

Actions

active_directory.domain.

domain_components

Use this action to get the distinguished name of the domain itself.

Minimum Plugin Version: 12.4.0

Input

• domain: a fully qualified Active Directory domain.

Output

The distinguished name of the domain.

Example

The snippet below would generate the following output:

DC=example,DC=domain,DC=net

- active_directory.domain.domain_components:
    domain: example.domain.net
  save: domain_components

active_directory.domain.

lockout_duration

Get the Account Lockout Duration policy setting from the domain.

Minimum Plugin Version: 6.3.0

Input

• domain_controller: a DomainController dictionary

Output

A single TimePeriod.

Example

- active_directory.domain.lockout_duration:
  load:
    domain_controller: domain_controller
  save: lockout_duration

- ppa.ui.output_info:
    text: Accounts will be locked out for {{ lockout_duration.days }} days & {{ lockout_duration.seconds }} seconds.

active_directory.domain.

lockout_threshold

Get the Account Lockout Threshold policy setting from the domain.

Minimum Plugin Version: 6.3.0

Input

• domain_controller: a DomainController dictionary

Output

The account lockout threshold as a number.

Example

- active_directory.domain.lockout_threshold:
  load:
    domain_controller: domain_controller
  save: lockout_threshold

- ppa.ui.output_info:
    text: Accounts will be locked out after {{ lockout_threshold }} failed logon attempts.

active_directory.domain.

maximum_password_age

Get the Maximum Password Age policy setting from the domain.

Minimum Plugin Version: 6.3.0

Input

• domain_controller: a DomainController dictionary

Output

A single TimePeriod.

Example

- active_directory.domain.maximum_password_age:
  load:
    domain_controller: domain_controller
  save: maximum_password_age

- ppa.ui.output_info:
    text: The maximum password age is {{ maximum_password_age.days }} days & {{ maximum_password_age.seconds }} seconds.

active_directory.domain.

minimum_password_age

Get the Minimum Password Age policy setting from the domain.

Minimum Plugin Version: 6.3.0

Input

• domain_controller: a DomainController dictionary

Output

A single TimePeriod.

Example

- active_directory.domain.minimum_password_age:
  load:
    domain_controller: domain_controller
  save: minimum_password_age

- ppa.ui.output_info:
    text: The minimum password age is {{ minimum_password_age.days }} days & {{ minimum_password_age.seconds }} seconds.

active_directory.domain.

minimum_password_length

Get the Minimum Password Length policy setting from the domain.

Minimum Plugin Version: 6.3.0

Input

• domain_controller: a DomainController dictionary

Output

The minimum password length as a number.

Example

- active_directory.domain.minimum_password_length:
  load:
    domain_controller: domain_controller
  save: minimum_length

- ppa.ui.output_info:
    text: New passwords must be at least {{ minimum_length }} characters long.

active_directory.domain.

password_history_length

Get the Enforce Password History policy setting from the domain.

Minimum Plugin Version: 6.3.0

Input

• domain_controller: a DomainController dictionary

Output

The password history length as a number.

Example

- active_directory.domain.password_history_length:
  load:
    domain_controller: domain_controller
  save: history_length

- ppa.ui.output_info:
    text: New passwords must differ from the last {{ history_length }} passwords.