Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update win_domain_group_membership.ps1 #56953

Closed
wants to merge 4 commits into from
Closed

Update win_domain_group_membership.ps1 #56953

wants to merge 4 commits into from

Conversation

AravindBalajiS
Copy link
Contributor

Bug fixes while Adding and Deleting a group from another group

SUMMARY

I was trying to add DEF group to ABC group after executing the ansible script I checked the members that are present in ABC groups, the DEF group was not added to it. As DEF group was not present in ABC group after executing the ansible script then I tried to add DEF group to ABC group using the ps1 script, after execution of the ps1 script I found that DEF is a universal group and ABC is a global group, as a global group cannot have a universal group as a member. So the ps1 script failed while executing. But while executing the ansible script it got passed, it didn't show any error while execting it.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

win_domain_group_membership

ADDITIONAL INFORMATION

STEPS TO REPRODUCE
This can be reproduced by running the following playbook

---
- hosts: nodes
  vars:
    domain_user_name: '************************'                                                           # Service Account Username
    domain_user_password: '********************'                                                           # Service Account Password                                                                         
    domain_name: '**********************'                                                                      # Zone of the DNS

  tasks:
  - name: Add a domain group to a domain group
    win_domain_group_membership:
      name: "ABC"
      members:
        - "DEF"
      domain_username: "{{ domain_user_name }}"
      domain_password: "{{ domain_user_password }}"
      domain_server: "{{ domain_name }}"
      state: present

EXPECTED RESULTS

TASK [Add a domain group to a domain group] *************************************************************************************************************************************************************************************************
task path: /home/test.yml:12
Using module file /usr/lib/python2.7/site-packages/ansible/modules/windows/win_domain_group_membership.ps1
<xx.xx.xx.xx> ESTABLISH WINRM CONNECTION FOR USER: test on PORT 5986 TO xx.xx.xx.xx
checking if winrm_host xx.xx.xx.xx is an IPv6 address
EXEC (via pipeline wrapper)
fatal: [xx.xx.xx.xx]: FAILED! => {
    "added": [],
    "changed": false,
    "msg": "Failed to add a group CN=DEF: A global group cannot have a universal group as a member",
    "removed": []
}

ACTUAL RESULTS

TASK [Add a domain group to a domain group] *************************************************************************************************************************************************************************************************
task path: /home/test.yml:12
Using module file /usr/lib/python2.7/site-packages/ansible/modules/windows/win_domain_group_membership.ps1
<xx.xx.xx.xx> ESTABLISH WINRM CONNECTION FOR USER: test on PORT 5986 TO xx.xx.xx.xx
checking if winrm_host xx.xx.xx.xx is an IPv6 address
EXEC (via pipeline wrapper)
changed: [xx.xx.xx.xx] => {
    "added": [
        "DEF"
    ],
    "changed": true,
    "members": [
        "XYZ"
    ],
    "removed": []
}

@AravindBalajiS
Update win_domain_group_membership.ps1
6d72d95 
Bug fixes while Adding and Deleting a group from another group
@AravindBalajiS
Update win_domain_group_membership.ps1
9db8842 
Bug fixes while Adding and Deleting a group from another group
@ansibot
Copy link
Contributor

ansibot commented May 25, 2019

cc @dagwieers @if-meaton @jborean93 @jhawkesworth @nitzmahone
click here for bot help

@ansibot ansibot added affects_2.9 This issue/PR affects Ansible v2.9 bug This issue/PR relates to a bug. core_review In order to be merged, this PR must follow the core review workflow. module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. support:core This issue/PR relates to code supported by the Ansible Engineering Team. windows Windows community labels May 25, 2019
@AravindBalajiS
Update win_domain_group_membership.ps1
c7558fe 
Bug fixes while Adding and Deleting a group from another group
@AravindBalajiS
Update win_domain_group_membership.ps1
5910f6b 
Bug fixes while Adding and Deleting a group from another group
@bcoca bcoca removed the needs_triage Needs a first human triage before being processed. label May 28, 2019
@bcoca bcoca requested a review from jborean93 May 28, 2019 15:21
@ansibot
Copy link
Contributor

ansibot commented May 28, 2019

cc @ShachafGoldstein
click here for bot help

@ShachafGoldstein
Copy link
Contributor

Please add a changelog fragment to document the bug fix.

@AravindBalajiS
Copy link
Contributor Author

AravindBalajiS commented May 29, 2019
edited

I have added the changelog fragment 57104 @ShachafGoldstein

@ansibot ansibot added the needs_repo This PR no longer has an associated branch as it was removed by the submitter. label May 29, 2019
@AravindBalajiS AravindBalajiS mentioned this pull request May 29, 2019
Closed
@ShachafGoldstein ShachafGoldstein mentioned this pull request Jun 5, 2019
Closed
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Jun 6, 2019
@AravindBalajiS
Copy link
Contributor Author

Hi @ShachafGoldstein
Any update?

ShachafGoldstein
ShachafGoldstein reviewed Jun 22, 2019
View reviewed changes
lib/ansible/modules/windows/win_domain_group_membership.ps1
try {
Add-ADGroupMember -Identity $name -Members $group_member -WhatIf:$check_mode @extra_args
} catch {
Fail-Json $result "Failed to add a group $($group_member): $($_.Exception.Message)"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A silly comment but probably should be Failed to add group $($group_member): $($_.Exception.Message) or Failed to add a group: $($group_member) - $($_.Exception.Message)

ShachafGoldstein
ShachafGoldstein reviewed Jun 22, 2019
View reviewed changes
lib/ansible/modules/windows/win_domain_group_membership.ps1
try {
Remove-ADGroupMember -Identity $name -Members $group_member -WhatIf:$check_mode @extra_args -Confirm:$False
} catch {
Fail-Json $result "Failed to remove a group $($group_member): $($_.Exception.Message)"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as the add comment

ShachafGoldstein
ShachafGoldstein reviewed Jun 22, 2019
View reviewed changes
lib/ansible/modules/windows/win_domain_group_membership.ps1
try {
Remove-ADGroupMember -Identity $name -Members $current_member -WhatIf:$check_mode @extra_args -Confirm:$False
} catch {
Fail-Json $result "Failed to remove a group $($group_member): $($_.Exception.Message)"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here as well, regarding the grammar/text

@ShachafGoldstein
Copy link
Contributor

Hi @ShachafGoldstein
Any update?

I can't really merge anything but if it is urgent for you, you can add it to the weekly meeting agenda and join the IRC to move it faster.

@jborean93
Copy link
Contributor

Personally I don’t see the point to this PR. A try/catch is only fired in the event of a terminating error which means the script would have stopped. Since 2.8 we should be giving better error message that will result in a lot better error output which removes the necessity of the Fail-Json for individual commands. We should only be using Fail-Json if we are manually throwing a failure or the error message doesn’t make sense in the context where it happens.

@AravindBalajiS
Copy link
Contributor Author

@ShachafGoldstein @jborean93
Thanks for comments

@ansibot
Copy link
Contributor

ansibot commented Jul 31, 2019

@AravindBalajiS Your branch does not contain a shippable.yml file. Please rebase your branch to trigger running of current tests.

click here for bot help

@ansibot ansibot added needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html needs_shippable This PR lacks a shippable.yml in its tree. Please rebase your branch to include the latest CI tests. and removed core_review In order to be merged, this PR must follow the core review workflow. labels Jul 31, 2019
@gundalow gundalow added pr_day Has been reviewed during a PR review Day candidate_to_close Think we can close this, though need to check with Core labels Sep 3, 2019
@gundalow
Copy link
Contributor

gundalow commented Sep 3, 2019

Given #56953 (comment) I think this can be closed.

@gundalow gundalow closed this Sep 3, 2019
@ansible ansible locked and limited conversation to collaborators Oct 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ShachafGoldstein ShachafGoldstein ShachafGoldstein left review comments

@jborean93 jborean93 Awaiting requested review from jborean93

Assignees
No one assigned
Labels
affects_2.9 This issue/PR affects Ansible v2.9 bug This issue/PR relates to a bug. candidate_to_close Think we can close this, though need to check with Core has_issue module This issue/PR relates to a module. needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html needs_repo This PR no longer has an associated branch as it was removed by the submitter. needs_shippable This PR lacks a shippable.yml in its tree. Please rebase your branch to include the latest CI tests. pr_day Has been reviewed during a PR review Day stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. support:core This issue/PR relates to code supported by the Ansible Engineering Team. windows Windows community
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@AravindBalajiS @ansibot @ShachafGoldstein @jborean93 @gundalow @bcoca