/lib/ansible/modules/windows/win_user.py
https://github.com/debfx/ansible · Python · 194 lines · 182 code · 6 blank · 6 comment · 0 complexity · 01817cc7243455724a91f8d73921896f MD5 · raw file
- #!/usr/bin/python
- # -*- coding: utf-8 -*-
- # Copyright: (c) 2014, Matt Martz <matt@sivel.net>, and others
- # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- # this is a windows documentation stub. actual code lives in the .ps1
- # file of the same name
- ANSIBLE_METADATA = {'metadata_version': '1.1',
- 'status': ['stableinterface'],
- 'supported_by': 'core'}
- DOCUMENTATION = r'''
- ---
- module: win_user
- version_added: "1.7"
- short_description: Manages local Windows user accounts
- description:
- - Manages local Windows user accounts.
- - For non-Windows targets, use the M(user) module instead.
- options:
- name:
- description:
- - Name of the user to create, remove or modify.
- type: str
- required: yes
- fullname:
- description:
- - Full name of the user.
- type: str
- version_added: "1.9"
- description:
- description:
- - Description of the user.
- type: str
- version_added: "1.9"
- password:
- description:
- - Optionally set the user's password to this (plain text) value.
- type: str
- update_password:
- description:
- - C(always) will update passwords if they differ. C(on_create) will
- only set the password for newly created users.
- type: str
- choices: [ always, on_create ]
- default: always
- version_added: "1.9"
- password_expired:
- description:
- - C(yes) will require the user to change their password at next login.
- - C(no) will clear the expired password flag.
- type: bool
- version_added: "1.9"
- password_never_expires:
- description:
- - C(yes) will set the password to never expire.
- - C(no) will allow the password to expire.
- type: bool
- version_added: "1.9"
- user_cannot_change_password:
- description:
- - C(yes) will prevent the user from changing their password.
- - C(no) will allow the user to change their password.
- type: bool
- version_added: "1.9"
- account_disabled:
- description:
- - C(yes) will disable the user account.
- - C(no) will clear the disabled flag.
- type: bool
- version_added: "1.9"
- account_locked:
- description:
- - C(no) will unlock the user account if locked.
- choices: [ 'no' ]
- version_added: "1.9"
- groups:
- description:
- - Adds or removes the user from this comma-separated lis of groups,
- depending on the value of I(groups_action).
- - When I(groups_action) is C(replace) and I(groups) is set to the empty
- string ('groups='), the user is removed from all groups.
- version_added: "1.9"
- groups_action:
- description:
- - If C(add), the user is added to each group in I(groups) where not
- already a member.
- - If C(replace), the user is added as a member of each group in
- I(groups) and removed from any other groups.
- - If C(remove), the user is removed from each group in I(groups).
- type: str
- choices: [ add, replace, remove ]
- default: replace
- version_added: "1.9"
- state:
- description:
- - When C(absent), removes the user account if it exists.
- - When C(present), creates or updates the user account.
- - When C(query) (new in 1.9), retrieves the user account details
- without making any changes.
- type: str
- choices: [ absent, present, query ]
- default: present
- seealso:
- - module: user
- - module: win_domain_membership
- - module: win_domain_user
- - module: win_group
- - module: win_group_membership
- - module: win_user_profile
- author:
- - Paul Durivage (@angstwad)
- - Chris Church (@cchurch)
- '''
- EXAMPLES = r'''
- - name: Ensure user bob is present
- win_user:
- name: bob
- password: B0bP4ssw0rd
- state: present
- groups:
- - Users
- - name: Ensure user bob is absent
- win_user:
- name: bob
- state: absent
- '''
- RETURN = r'''
- account_disabled:
- description: Whether the user is disabled.
- returned: user exists
- type: bool
- sample: false
- account_locked:
- description: Whether the user is locked.
- returned: user exists
- type: bool
- sample: false
- description:
- description: The description set for the user.
- returned: user exists
- type: str
- sample: Username for test
- fullname:
- description: The full name set for the user.
- returned: user exists
- type: str
- sample: Test Username
- groups:
- description: A list of groups and their ADSI path the user is a member of.
- returned: user exists
- type: list
- sample: [
- {
- "name": "Administrators",
- "path": "WinNT://WORKGROUP/USER-PC/Administrators"
- }
- ]
- name:
- description: The name of the user
- returned: always
- type: str
- sample: username
- password_expired:
- description: Whether the password is expired.
- returned: user exists
- type: bool
- sample: false
- password_never_expires:
- description: Whether the password is set to never expire.
- returned: user exists
- type: bool
- sample: true
- path:
- description: The ADSI path for the user.
- returned: user exists
- type: str
- sample: "WinNT://WORKGROUP/USER-PC/username"
- sid:
- description: The SID for the user.
- returned: user exists
- type: str
- sample: S-1-5-21-3322259488-2828151810-3939402796-1001
- user_cannot_change_password:
- description: Whether the user can change their own password.
- returned: user exists
- type: bool
- sample: false
- '''