/lib/ansible/modules/windows/win_user.py

https://github.com/debfx/ansible · Python · 194 lines · 182 code · 6 blank · 6 comment · 0 complexity · 01817cc7243455724a91f8d73921896f MD5 · raw file

  1. #!/usr/bin/python
  2. # -*- coding: utf-8 -*-
  3. # Copyright: (c) 2014, Matt Martz <matt@sivel.net>, and others
  4. # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
  5. # this is a windows documentation stub. actual code lives in the .ps1
  6. # file of the same name
  7. ANSIBLE_METADATA = {'metadata_version': '1.1',
  8. 'status': ['stableinterface'],
  9. 'supported_by': 'core'}
  10. DOCUMENTATION = r'''
  11. ---
  12. module: win_user
  13. version_added: "1.7"
  14. short_description: Manages local Windows user accounts
  15. description:
  16. - Manages local Windows user accounts.
  17. - For non-Windows targets, use the M(user) module instead.
  18. options:
  19. name:
  20. description:
  21. - Name of the user to create, remove or modify.
  22. type: str
  23. required: yes
  24. fullname:
  25. description:
  26. - Full name of the user.
  27. type: str
  28. version_added: "1.9"
  29. description:
  30. description:
  31. - Description of the user.
  32. type: str
  33. version_added: "1.9"
  34. password:
  35. description:
  36. - Optionally set the user's password to this (plain text) value.
  37. type: str
  38. update_password:
  39. description:
  40. - C(always) will update passwords if they differ. C(on_create) will
  41. only set the password for newly created users.
  42. type: str
  43. choices: [ always, on_create ]
  44. default: always
  45. version_added: "1.9"
  46. password_expired:
  47. description:
  48. - C(yes) will require the user to change their password at next login.
  49. - C(no) will clear the expired password flag.
  50. type: bool
  51. version_added: "1.9"
  52. password_never_expires:
  53. description:
  54. - C(yes) will set the password to never expire.
  55. - C(no) will allow the password to expire.
  56. type: bool
  57. version_added: "1.9"
  58. user_cannot_change_password:
  59. description:
  60. - C(yes) will prevent the user from changing their password.
  61. - C(no) will allow the user to change their password.
  62. type: bool
  63. version_added: "1.9"
  64. account_disabled:
  65. description:
  66. - C(yes) will disable the user account.
  67. - C(no) will clear the disabled flag.
  68. type: bool
  69. version_added: "1.9"
  70. account_locked:
  71. description:
  72. - C(no) will unlock the user account if locked.
  73. choices: [ 'no' ]
  74. version_added: "1.9"
  75. groups:
  76. description:
  77. - Adds or removes the user from this comma-separated lis of groups,
  78. depending on the value of I(groups_action).
  79. - When I(groups_action) is C(replace) and I(groups) is set to the empty
  80. string ('groups='), the user is removed from all groups.
  81. version_added: "1.9"
  82. groups_action:
  83. description:
  84. - If C(add), the user is added to each group in I(groups) where not
  85. already a member.
  86. - If C(replace), the user is added as a member of each group in
  87. I(groups) and removed from any other groups.
  88. - If C(remove), the user is removed from each group in I(groups).
  89. type: str
  90. choices: [ add, replace, remove ]
  91. default: replace
  92. version_added: "1.9"
  93. state:
  94. description:
  95. - When C(absent), removes the user account if it exists.
  96. - When C(present), creates or updates the user account.
  97. - When C(query) (new in 1.9), retrieves the user account details
  98. without making any changes.
  99. type: str
  100. choices: [ absent, present, query ]
  101. default: present
  102. seealso:
  103. - module: user
  104. - module: win_domain_membership
  105. - module: win_domain_user
  106. - module: win_group
  107. - module: win_group_membership
  108. - module: win_user_profile
  109. author:
  110. - Paul Durivage (@angstwad)
  111. - Chris Church (@cchurch)
  112. '''
  113. EXAMPLES = r'''
  114. - name: Ensure user bob is present
  115. win_user:
  116. name: bob
  117. password: B0bP4ssw0rd
  118. state: present
  119. groups:
  120. - Users
  121. - name: Ensure user bob is absent
  122. win_user:
  123. name: bob
  124. state: absent
  125. '''
  126. RETURN = r'''
  127. account_disabled:
  128. description: Whether the user is disabled.
  129. returned: user exists
  130. type: bool
  131. sample: false
  132. account_locked:
  133. description: Whether the user is locked.
  134. returned: user exists
  135. type: bool
  136. sample: false
  137. description:
  138. description: The description set for the user.
  139. returned: user exists
  140. type: str
  141. sample: Username for test
  142. fullname:
  143. description: The full name set for the user.
  144. returned: user exists
  145. type: str
  146. sample: Test Username
  147. groups:
  148. description: A list of groups and their ADSI path the user is a member of.
  149. returned: user exists
  150. type: list
  151. sample: [
  152. {
  153. "name": "Administrators",
  154. "path": "WinNT://WORKGROUP/USER-PC/Administrators"
  155. }
  156. ]
  157. name:
  158. description: The name of the user
  159. returned: always
  160. type: str
  161. sample: username
  162. password_expired:
  163. description: Whether the password is expired.
  164. returned: user exists
  165. type: bool
  166. sample: false
  167. password_never_expires:
  168. description: Whether the password is set to never expire.
  169. returned: user exists
  170. type: bool
  171. sample: true
  172. path:
  173. description: The ADSI path for the user.
  174. returned: user exists
  175. type: str
  176. sample: "WinNT://WORKGROUP/USER-PC/username"
  177. sid:
  178. description: The SID for the user.
  179. returned: user exists
  180. type: str
  181. sample: S-1-5-21-3322259488-2828151810-3939402796-1001
  182. user_cannot_change_password:
  183. description: Whether the user can change their own password.
  184. returned: user exists
  185. type: bool
  186. sample: false
  187. '''