From 42c54afd0ad918ea1861c20afe1009b0ef190da2 Mon Sep 17 00:00:00 2001 From: Jordan Borean Date: Tue, 3 Oct 2023 06:28:48 +1000 Subject: [PATCH] Make name optional Allows using the identity module option if no name was specified. Currently name must be set with state=present but identity will be used if no name was specified. --- changelogs/fragments/search-by-identity.yml | 4 ++++ plugins/doc_fragments/ad_object.py | 2 +- plugins/module_utils/_ADObject.psm1 | 19 +++++++++++++------ 3 files changed, 18 insertions(+), 7 deletions(-) create mode 100644 changelogs/fragments/search-by-identity.yml diff --git a/changelogs/fragments/search-by-identity.yml b/changelogs/fragments/search-by-identity.yml new file mode 100644 index 0000000..6f7426c --- /dev/null +++ b/changelogs/fragments/search-by-identity.yml @@ -0,0 +1,4 @@ +minor_changes: +- Make ``name`` an optional parameter for the AD modules. Either ``name`` or ``identity`` needs to be set with their + respective behaviours. If creating a new AD user and only ``identity`` is set, that will be the value used for the + name of the object. diff --git a/plugins/doc_fragments/ad_object.py b/plugins/doc_fragments/ad_object.py index e70cf63..30e8689 100644 --- a/plugins/doc_fragments/ad_object.py +++ b/plugins/doc_fragments/ad_object.py @@ -111,7 +111,7 @@ class ModuleDocFragment: - The C(name) of the AD object to manage. - If I(identity) is specified, and the name of the object it found does not match this value, the object will be renamed. - - This must be set when I(state=present) or if I(identity) is not set. + - This if I(identity) must be set to find the object to manage. - This is not always going to be the same as the C(sAMAccountName) for user objects. It is strictly the C(name) of the object in the path specified. Use I(identity) to select an object to manage by C(sAMAccountName). diff --git a/plugins/module_utils/_ADObject.psm1 b/plugins/module_utils/_ADObject.psm1 index 1c61c90..a075487 100644 --- a/plugins/module_utils/_ADObject.psm1 +++ b/plugins/module_utils/_ADObject.psm1 @@ -740,7 +740,7 @@ Function Invoke-AnsibleADObject { } $stateRequiredIf = @{ - present = @('name') + present = @() absent = @() } @@ -905,9 +905,15 @@ Function Invoke-AnsibleADObject { $objectGuid = $null if (-not $adObject) { + $adName = if ($module.Params.name) { + $module.Params.name + } + else { + $module.Params.identity + } $newParams = @{ Confirm = $false - Name = $module.Params.name + Name = $adName WhatIf = $module.CheckMode PassThru = $true } @@ -926,7 +932,7 @@ Function Invoke-AnsibleADObject { $module.Diff.after = @{ attributes = $diffAttributes.after - name = $module.Params.name + name = $adName path = $objectPath } @@ -985,7 +991,7 @@ Function Invoke-AnsibleADObject { $module.Result.changed = $true if ($module.CheckMode) { - $objectDN = "$namePrefix=$($module.Params.name -replace ',', '\,'),$objectPath" + $objectDN = "$namePrefix=$($adName -replace ',', '\,'),$objectPath" $objectGuid = [Guid]::Empty # Dummy value for check mode } else { @@ -1075,8 +1081,9 @@ Function Invoke-AnsibleADObject { } $finalADObject = $null - if ($module.Params.name -cne $objectName) { - $objectName = $module.Params.name + $desiredName = $module.Params.name + if ($desiredName -and $desiredName -cne $objectName) { + $objectName = $desiredName $module.Diff.after.name = $objectName $finalADObject = Rename-ADObject @commonParams @adParams -NewName $objectName