Osirium PAM (BETA): Active Directories
Summary
This module contains actions for reading Active Directory information from PAM.
Supported Versions
This plugin supports PAM versions 6.5.0 & newer.
Remember
You must have a PAM Server provisioned as a Vault inside PPA to use this plugin.
Actions
pam.active_directories.
get_all
Get all Active Directories from the PAM appliance.
Minimum Plugin Version: 0.1.0
Input
pam_address: the IP or DNS address of the PAM Appliance
Output
A list of ActiveDirectory dictionaries.
Example
1 2 3 |
|
pam.active_directories.
get_by_domain
Get an Active Directory using its FQDN.
Minimum Plugin Version: 0.1.0
Input
pam_address: the IP or DNS address of the PAM Appliance
domain: the Active Directory FQDN
Output
A single ActiveDirectory dictionary.
Example
1 2 3 4 |
|
pam.active_directories.
get_by_id
Get an Active Directory using its ID.
Minimum Plugin Version: 0.1.0
Input
pam_address: the IP or DNS address of the PAM Appliance
active_directory_id: the ID of the Active Directory
Output
A single ActiveDirectory dictionary.
Example
1 2 3 4 |
|
pam.active_directories.
get_by_name
Get an Active Directory using its name.
Minimum Plugin Version: 0.1.0
Input
pam_address: the IP or DNS address of the PAM Appliance
name: the name of the Active Directory
Output
A single ActiveDirectory dictionary.
Example
1 2 3 4 |
|
pam.active_directories.
input_table
Display a list of Active Directories in a table, & allow the task operator to make a selection.
The table will have the following columns:
- Name
- Domain
- Host Name
- Device Count
- User Authentication Service
Minimum Plugin Version: 0.1.0
Input
-
text: The title of the table
-
active_directory_list: a list of ActiveDirectory dictionaries to display in the table
-
minimum: The minimum number of acceptable selections
-
maximum: The maximum number of acceptable selections
Output
A list of ActiveDirectory dictionaries.
Tip
-
If neither a minimum or maximum is provided, the task operator will be able to submit 0 selections.
-
If minimum or maximum are provided, the operation will repeat until the task operator makes a valid number of selections.
Example
1 2 3 4 5 6 7 8 9 10 11 |
|
pam.active_directories.
output_table
Display a list of Active Directories in a table.
The table will have the following columns:
- Name
- Domain
- Host Name
- Device Count
- User Authentication Service
Minimum Plugin Version: 0.1.0
Input
-
text: the title of the table
-
active_directory_list: a list of ActiveDirectory dictionaries to display in the table
Output
Nothing is outputted by this action.
Example
1 2 3 4 5 6 7 8 9 10 11 12 |
|
pam.active_directories.
reveal_control_account
Reveal an Active Directory's control account secrets using its ID.
Minimum Plugin Version: 0.1.0
Input
pam_address: the IP or DNS address of the PAM Appliance
active_directory_id: the ID of the Active Directory
Output
A single Secret dictionary.
Example
1 2 3 4 |
|
pam.active_directories.
search
Search for Active Directories in the PAM appliance.
Minimum Plugin Version: 0.1.0
Input
pam_address: the IP or DNS address of the PAM Appliance
queries: a list of Query dictionaries to use in the search
Output
A list of ActiveDirectory dictionaries.
Example
Finding the Active Directory used as the User Authentication Service in PAM:
1 2 3 4 5 6 7 |
|
Wildcard Queries
You can use the % character as a wildcard in the value
of each query.