Gather information an Active Directory object
- Gather information about multiple Active Directory object(s).
Note
- The
sAMAccountType_AnsibleFlags
anduserAccountControl_AnsibleFlags
return property is something set by the module itself as an easy way to view what those flags represent. These properties cannot be used as part of the filter or ldap_filter and are automatically added if those properties were requested.
- name: Get all properties for the specified account using its DistinguishedName
community.windows.win_domain_object_info:
identity: CN=Username,CN=Users,DC=domain,DC=com
properties: '*'
- name: Get the SID for all user accounts as a filter
community.windows.win_domain_object_info:
filter: ObjectClass -eq 'user' -and objectCategory -eq 'Person'
properties:
- objectSid
- name: Get the SID for all user accounts as a LDAP filter
community.windows.win_domain_object_info:
ldap_filter: (&(objectClass=user)(objectCategory=Person))
properties:
- objectSid
- name: Search all computer accounts in a specific path that were added after February 1st
community.windows.win_domain_object_info:
filter: objectClass -eq 'computer' -and whenCreated -gt '20200201000000.0Z'
properties: '*'
search_scope: one_level
search_base: CN=Computers,DC=domain,DC=com
Common return values are documented here, the following are the fields unique to this module:
- Jordan Borean (@jborean93)