Windows Server: Inputs & Outputs
Summary
Each plugin uses a set of dictionaries to store data.
These are used by plugin actions as both inputs and outputs.
This page will cover:
- The dictionaries used in this plugin
- The information each dictionary contains
Dictionary Types
DNSRecord
- Contains Windows DNS record details
Example - A Record
1 2 3 4 5 6 7 8 |
|
Example - CName Record
1 2 3 4 5 6 7 8 |
|
Example - PTR Record
1 2 3 4 5 6 7 8 |
|
DNSRecord Keys
hostname: The record hostname.
type: The record type (A, CNAME, or PTR).
time_to_live: Dictionary containing the TTL in days, hours, minutes, & seconds.
data: Record-specific data (see examples above for more).
DNSZone
- Contains Windows DNS zone details
Example
1 2 3 4 5 6 |
|
DNSZone Keys
name: The name of the zone.
type: The zone type.
is_auto_created: Indicates whether the zone was created automatically.
is_ds_integrated: Indicates whether the zone is integrated with Active Directory.
is_reverse_lookup_zone: Indicates whether the zone is a reverse lookup zone.
is_signed: Indicates whether the zone is signed.
DomainUser
- Contains Active Directory user account details
Example
1 2 3 4 5 6 |
|
User Keys
givenName: Domain user's first name
surname: Domain user's surname
sAMAccountName: Domain user's SAM Account Name
userPrincipalName: Domain user's userPrincipalName
distinguishedName: Domain user's distinguishedName
enabled: Indicates whether the user is enabled
Group
- Contains Windows group details
Example
1 2 3 |
|
Group Keys
name: The name of the group
description: The group description
sid: The group object SID
domain_group: True if the group is a domain group, otherwise False
LocalUser
- Contains Windows local user account details
Example
1 2 3 4 5 6 7 8 |
|
LocalUser Keys
name: The name of the user.
full_name: The user's full name.
description: The user description.
enabled: Indicates whether the user is enabled.
password_changeable: Indicates whether the user can change their own password.
password_will_expire: Indicates whether the user's password will expire.
password_required: Indicates whether a password is required to log on as this user.
sid: The user account object SID.
PrintDriver
- Contains print driver details
PrintDriver Keys
name: Printer name.
manufacturer: Name of the driver manufacturer.
print_environment: Printer environment.
path: Path to the print driver.
Printer
- Contains printer details
Printer Keys
name: Printer name.
driver_name: Name of the driver used by the printer.
port_name: Port name used by the printer.
shared: Indicates whether the printer is shared.
published: Indicates whether the printer is published.
status: Printer status.
PrinterPort
- Contains printer port details
PrinterPort Keys
name: Printer port name.
description: Printer port description.
RDPSession
-
Contains RDP session details
-
The example below shows the dictionary structure in YAML
Example
1 2 3 4 5 |
|
All RDPSession Keys
id: The RDP session ID on the Windows Server.
username: The username the RDP session was authenticated with.
session_name: The name of the RDP session.
state: The state of the RDP session (Disconnected
, Connected
, Active
, Listening
).
Service
-
Contains Windows service details
-
The example below shows the dictionary structure in YAML
Example
1 2 3 4 5 6 7 8 9 10 |
|
All Service Keys
name: The name of the service.
display_name: The display name for the service.
state: The state of the service.
status: The service status.
start_name: The account the service runs under.
description: The service description.
WindowsServer
-
Contains remote Powershell connection details for a Windows Server
-
It is used as an input to many of the actions in this plugin
-
The example below shows the dictionary structure in YAML
-
See the required and optional keys underneath the example
Authentication Methods
PPA v2.7.0 introduces support for Kerberos authentication, on top of the existing NTLM support.
If a username & password are supplied, NTLM authentication will be attempted.
To use Kerberos authentication, just omit the username & password.
Kerberos support requires plugin version 2.0.0 and newer.
Supplying Credentials
You should always use a PPA Vault integration to provide credentials to a plugin action.
Authenticating Using Kerberos
When authenticating to a Windows server using Kerberos, the server must have the following Service Principal Names set:
WSMAN/{hostname}
WSMAN/{FQDN}
For more information regarding Service Principal Names, click here
Kerberos Authentication
Requires PPA v2.7.0 or newer, & plugin version 2.0.0 or newer.
1 2 |
|
NTLM Authentication
1 2 3 4 |
|
Required Keys
address: The target IP or DNS address.
Optional Keys
username: Username for authentication (if using NTLM authentication).
password: Password for authentication (if using NTLM authentication).
validate_cert: Set to false to skip certificate validation (defaults to true).
use_ssl: Set to false to connect over HTTP (defaults to true using HTTPS).
read_timeout: The timeout in seconds for receiving a response from the server (defaults to 30).
operation_timeout: The timeout in seconds for each remote Powershell operation (defaults to 20.