community.windows.win_domain_ou (2.2.0) — module

Install collection

Install with ansible-galaxy collection install community.windows:==2.2.0

Add to requirements.yml

  collections:
    - name: community.windows
      version: 2.2.0

Description

Manage Active Directory Organizational Units

Adds, Removes and Modifies Active Directory Organizational Units

Task should be delegated to a Windows Active Directory Domain Controller

Requirements

• This module requires Windows Server 2012 or Newer
• Powershell ActiveDirectory Module

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

---
- name: Ensure OU is present & protected
  community.windows.win_domain_ou:
    name: AnsibleFest
    state: present

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Ensure OU is present & protected
  community.windows.win_domain_ou:
    name: EUC Users
    path: "DC=euc,DC=vmware,DC=lan"
    state: present
    protected: true
  delegate_to: win-ad1.euc.vmware.lab

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Ensure OU is absent
  community.windows.win_domain_ou:
    name: EUC Users
    path: "DC=euc,DC=vmware,DC=lan"
    state: absent
  delegate_to: win-ad1.euc.vmware.lab

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Ensure OU is present with specific properties
  community.windows.win_domain_ou:
    name: WS1Users
    path: "CN=EUC Users,DC=euc,DC=vmware,DC=lan"
    protected: true
    properties:
      city: Sandy Springs
      state: Georgia
      StreetAddress: 1155 Perimeter Center West
      country: US
      description: EUC Business Unit
      PostalCode: 30189
  delegate_to: win-ad1.euc.vmware.lab

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Ensure OU updated with new properties
  community.windows.win_domain_ou:
    name: WS1Users
    path: DC=euc,DC=vmware,DC=lan
    protected: false
    properties:
      city: Atlanta
      state: Georgia
      managedBy: jzollo@vmware.com
  delegate_to: win-ad1.euc.vmware.lab

Inputs

    
name:
    description:
    - The name of the Organizational Unit
    required: true
    type: str

path:
    description:
    - Specifies the X.500 path of the OU or container where the new object is created.
    - defaults to adding ou at base of domain connected to.
    required: false
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Specifies the desired state of the OU.
    - When I(state=present) the module will attempt to create the specified OU if it does
      not already exist.
    - When I(state=absent), the module will remove the specified OU.
    - When I(state=absent) and I(recursive=true), the module will remove all the OU and
      all child OU's.
    type: str

filter:
    default: '*'
    description: filter for lookup of ou.
    type: str

protected:
    default: false
    description:
    - Indicates whether to prevent the object from being deleted. When this I(protected=true),
      you cannot delete the corresponding object without changing the value of the property.
    type: bool

recursive:
    default: false
    description:
    - Removes the OU and any child items it contains.
    - You must specify this parameter to remove an OU that is not empty.
    type: bool

properties:
    description:
    - Free form dict of properties for the organizational unit. Follows LDAP property
      names, like C(StreetAddress) or C(PostalCode).
    type: dict

domain_server:
    description:
    - Specifies the Active Directory Domain Services instance to connect to.
    - Can be in the form of an FQDN or NetBIOS name.
    - If not specified then the value is based on the domain of the computer running PowerShell.
    type: str

domain_password:
    description:
    - The password for the domain you are accessing
    type: str

domain_username:
    description:
    - The username to use when interacting with AD.
    - If this is not set then the user Ansible used to log in with will be used instead
      when using CredSSP or Kerberos with credential delegation.
    type: str

Outputs

ou:
  description:
  - New/Updated organizational unit parameters
  returned: When I(state=present)
  sample:
    AddedProperties: []
    City: Sandy Springs
    Country: null
    DistinguishedName: OU=VMW Atlanta,DC=ansible,DC=test
    LinkedGroupPolicyObjects: []
    ManagedBy: null
    ModifiedProperties: []
    Name: VMW Atlanta
    ObjectClass: organizationalUnit
    ObjectGUID: 3e987e30-93ad-4229-8cd0-cff6a91275e4
    PostalCode: null
    PropertyCount: 11
    PropertyNames: City Country DistinguishedName LinkedGroupPolicyObjects ManagedBy
      Name ObjectClass ObjectGUID PostalCode State StreetAddress
    RemovedProperties: []
    State: Georgia
    StreetAddress: 1155 Perimeter Center West
  type: dict
path:
  description:
  - Base ou path used by module either when provided I(path=DC=Ansible,DC=Test) or
    derived by module.
  returned: always
  sample:
    path: DC=ansible,DC=test
  type: str