Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ADManagedServiceAccount: Add KerberosEncryptionType Property #511

Closed
X-Guardian opened this issue Sep 24, 2019 · 2 comments · Fixed by #517
Closed

ADManagedServiceAccount: Add KerberosEncryptionType Property #511

X-Guardian opened this issue Sep 24, 2019 · 2 comments · Fixed by #517
Labels
enhancement The issue is an enhancement request. good first issue The issue should be easier to fix and can be taken up by a beginner to learn to contribute on GitHub

Comments

@X-Guardian
Copy link
Contributor

Details of the scenario you tried and the problem that is occurring

I am hitting the issue described here with a Group Managed Service Account created with this resource.

Suggested solution to the issue

Add the 'KerberosEncryptionType' property to the ADManagedServiceAccount resource that can be used when calling Set-ADServiceAccount.
@johlju johlju added enhancement The issue is an enhancement request. good first issue The issue should be easier to fix and can be taken up by a beginner to learn to contribute on GitHub help wanted The issue is up for grabs for anyone in the community. labels Sep 24, 2019
@johlju
Copy link
Member

johlju commented Sep 24, 2019

Looks like this is a highly needed property!

@X-Guardian
Copy link
Contributor Author

I'm working on a PR for this.

This was referenced Oct 5, 2019
Closed
Merged
@johlju johlju added in progress The issue is being actively worked on by someone. and removed help wanted The issue is up for grabs for anyone in the community. labels Nov 2, 2019
johlju pushed a commit that referenced this issue Nov 2, 2019
@X-Guardian @johlju
BREAKING CHANGE: ADManagedServiceAccount: Add KerberosEncryptionType …
7df133d 
…Property and Refactor (#517)

- Changes to ADManagedServiceAccount
  - KerberosEncryptionType property added (issue #511).
  - BREAKING CHANGE: AccountType parameter ValidateSet changed from ('Group', 'Single') to ('Group', 'Standalone') - Standalone is the correct terminology (issue #515).
  - BREAKING CHANGE: AccountType parameter default of Single removed. - Enforce positive choice of account type.
  - BREAKING CHANGE: MembershipAttribute parameter ValidateSet member SID changed to ObjectSid to match result property of Get-AdObject. Previous code does not work if SID is specified.
  - BREAKING CHANGE: AccountTypeForce parameter removed - unnecessary complication.
  - BREAKING CHANGE: Members parameter renamed to ManagedPasswordPrincipals - to closer match Get-AdServiceAccount result property PrincipalsAllowedToRetrieveManagedPassword. This is so that a DelegateToAccountPrincipals parameter can be added later.
  - Common Compare-ResourcePropertyState function used to replace function specific Compare-TargetResourceState and code refactored (issue #512).
  - Resource unit tests refactored to use nested contexts and follow the logic of the module.
  - Resource Integration tests added.
@johlju johlju removed the in progress The issue is being actively worked on by someone. label Nov 2, 2019
X-Guardian added a commit that referenced this issue Jan 10, 2020
@X-Guardian
BREAKING CHANGE: ADManagedServiceAccount: Add KerberosEncryptionType …
a1526c2 
…Property and Refactor (#517)

- Changes to ADManagedServiceAccount
  - KerberosEncryptionType property added (issue #511).
  - BREAKING CHANGE: AccountType parameter ValidateSet changed from ('Group', 'Single') to ('Group', 'Standalone') - Standalone is the correct terminology (issue #515).
  - BREAKING CHANGE: AccountType parameter default of Single removed. - Enforce positive choice of account type.
  - BREAKING CHANGE: MembershipAttribute parameter ValidateSet member SID changed to ObjectSid to match result property of Get-AdObject. Previous code does not work if SID is specified.
  - BREAKING CHANGE: AccountTypeForce parameter removed - unnecessary complication.
  - BREAKING CHANGE: Members parameter renamed to ManagedPasswordPrincipals - to closer match Get-AdServiceAccount result property PrincipalsAllowedToRetrieveManagedPassword. This is so that a DelegateToAccountPrincipals parameter can be added later.
  - Common Compare-ResourcePropertyState function used to replace function specific Compare-TargetResourceState and code refactored (issue #512).
  - Resource unit tests refactored to use nested contexts and follow the logic of the module.
  - Resource Integration tests added.
johlju pushed a commit to johlju/ActiveDirectoryDsc that referenced this issue Jan 10, 2020
@X-Guardian @johlju
BREAKING CHANGE: ADManagedServiceAccount: Add KerberosEncryptionType …
4ab6e1b 
…Property and Refactor (dsccommunity#517)

- Changes to ADManagedServiceAccount
  - KerberosEncryptionType property added (issue dsccommunity#511).
  - BREAKING CHANGE: AccountType parameter ValidateSet changed from ('Group', 'Single') to ('Group', 'Standalone') - Standalone is the correct terminology (issue dsccommunity#515).
  - BREAKING CHANGE: AccountType parameter default of Single removed. - Enforce positive choice of account type.
  - BREAKING CHANGE: MembershipAttribute parameter ValidateSet member SID changed to ObjectSid to match result property of Get-AdObject. Previous code does not work if SID is specified.
  - BREAKING CHANGE: AccountTypeForce parameter removed - unnecessary complication.
  - BREAKING CHANGE: Members parameter renamed to ManagedPasswordPrincipals - to closer match Get-AdServiceAccount result property PrincipalsAllowedToRetrieveManagedPassword. This is so that a DelegateToAccountPrincipals parameter can be added later.
  - Common Compare-ResourcePropertyState function used to replace function specific Compare-TargetResourceState and code refactored (issue dsccommunity#512).
  - Resource unit tests refactored to use nested contexts and follow the logic of the module.
  - Resource Integration tests added.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement The issue is an enhancement request. good first issue The issue should be easier to fix and can be taken up by a beginner to learn to contribute on GitHub
Projects
None yet
Milestone
No milestone
2 participants
@johlju @X-Guardian