Active Directory: Domain
Summary
This module contains actions related to Active Directory domain configuration & policies.
Windows Server 2012
Microsoft support for Windows Server 2012 has ended.
Windows Server 2012 does not support newer & more secure TLS cipher suites required by modern versions of OpenSSL. For security reasons we will be removing support for Windows Server 2012 in a future PPA release.
To use plugin version 13 or newer with Windows Server 2012 domain controllers, you must use playbook platform alpine-3.16. This mechanism will be available for the next 6-9 months before being removed from PPA.
Actions
active_directory.domain.
domain_components
Use this action to get the distinguished name of the domain itself.
Minimum Plugin Version: 12.4.0
Input
- domain: a fully qualified Active Directory domain.
Output
The distinguished name of the domain.
Example
The snippet below would generate the following output:
DC=example,DC=domain,DC=net
1 2 3 |
|
active_directory.domain.
get_directory_location
Get the distinguished name of an object's parent Organizational Unit or Container.
This action will accept the distinguishedName of a:
Minimum Plugin Version: 13.1.0
Input
- distinguishedName: the distinguishedName of the item
Output
The distinguishedName of the item's parent.
Example
Given the distinguishedName below:
1 2 3 |
|
The output of this action will be:
OU=Example,DC=Example,DC=Domain
active_directory.domain.
lockout_duration
Get the Account Lockout Duration policy setting from the domain.
Minimum Plugin Version: 6.3.0
Input
- domain_controller: a DomainController dictionary
Output
A single TimePeriod.
Example
1 2 3 4 5 6 7 |
|
active_directory.domain.
lockout_threshold
Get the Account Lockout Threshold policy setting from the domain.
Minimum Plugin Version: 6.3.0
Input
- domain_controller: a DomainController dictionary
Output
The account lockout threshold as a number.
Example
1 2 3 4 5 6 7 |
|
active_directory.domain.
maximum_password_age
Get the Maximum Password Age policy setting from the domain.
Minimum Plugin Version: 6.3.0
Input
- domain_controller: a DomainController dictionary
Output
A single TimePeriod.
Example
1 2 3 4 5 6 7 |
|
active_directory.domain.
minimum_password_age
Get the Minimum Password Age policy setting from the domain.
Minimum Plugin Version: 6.3.0
Input
- domain_controller: a DomainController dictionary
Output
A single TimePeriod.
Example
1 2 3 4 5 6 7 |
|
active_directory.domain.
minimum_password_length
Get the Minimum Password Length policy setting from the domain.
Minimum Plugin Version: 6.3.0
Input
- domain_controller: a DomainController dictionary
Output
The minimum password length as a number.
Example
1 2 3 4 5 6 7 |
|
active_directory.domain.
password_history_length
Get the Enforce Password History policy setting from the domain.
Minimum Plugin Version: 6.3.0
Input
- domain_controller: a DomainController dictionary
Output
The password history length as a number.
Example
1 2 3 4 5 6 7 |
|