Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"changed": false, "distinguished_name": null, "msg": "New-ADUser failed: The specified account already exists", "object_guid": null #74

Closed
ba31 opened this issue Oct 2, 2023 · 2 comments · Fixed by #75
Closed

"changed": false, "distinguished_name": null, "msg": "New-ADUser failed: The specified account already exists", "object_guid": null #74

ba31 opened this issue Oct 2, 2023 · 2 comments · Fixed by #75

Comments

@ba31
Copy link

ba31 commented Oct 2, 2023

SUMMARY

Unable to set password/change password of the user that already exist in domain.password can only be set at the time of user creation otherwise its generate error "Unable to set password expired to at the time user creation. password_expired can only be set once user is created. otherwise its generate error "FAILED! => {"changed": false, "distinguished_name": null, "msg": "New-ADUser failed: The specified account already exists", "object_guid": null}"

ISSUE TYPE

FAILED! => {"changed": false, "distinguished_name": null, "msg": "New-ADUser failed: The specified account already exists", "object_guid": null}

COMPONENT NAME

microsoft.ad.user

ANSIBLE VERSION
ansible [core 2.15.0]
  config file = None
  configured module search path = ['/home/demo/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/demo/.pyenv/versions/3.11.3/lib/python3.11/site-packages/ansible
  ansible collection location = /home/demo/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/demo/.pyenv/versions/3.11.3/bin/ansible
  python version = 3.11.3 (main, Jun  2 2023, 11:09:30) [GCC 11.3.0] (/home/demo/.pyenv/versions/3.11.3/bin/python3)
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
Collection        Version
----------------- -------
community.general 6.6.0
CONFIGURATION
    - name: prepare user for login
      microsoft.ad.user:
        name: test.pass
        password: password
        password_expired: true
       account_locked: false
OS / ENVIRONMENT
Linux  5.10.102.1-microsoft-standard-WSL2 #1 SMP Wed Mar 2 00:30:59 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
STEPS TO REPRODUCE
    - name: prepare user for login
      microsoft.ad.user:
        name: test.pass
        password: password
        password_expired: true
       account_locked: false

ansible-playbook -i hosts microsoft.ad.user.yaml
EXPECTED RESULTS

The account password should be reset

ACTUAL RESULTS
@jborean93
Copy link
Collaborator

Keep in mind that name is not the sAMAccountName it is the name of the LDAP user entry in the path specified (which defaults to whatever your AD is configured with). There is a request to allow using only the identity parameter without name to lookup the user by sAMAccountName rather than by the name and optional path that's currently needed.

@jborean93 jborean93 mentioned this issue Oct 2, 2023
Merged
@jborean93
Copy link
Collaborator

I have opened a draft PR #75 that implements the behaviour. I'll have to add more tests for this scenario before I merge it in though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Make name optional jborean93/microsoft.ad
2 participants
@jborean93 @ba31