ADUser: add SamAccountName parameter #660

Open
wants to merge 4 commits into
base: main
2 changes: 2 additions & 0 deletions CHANGELOG.md
Expand Up @@ -12,6 +12,8 @@ For older change log history see the [historic changelog](HISTORIC_CHANGELOG.md)
- ADGroup
- Refactored Module.
- Refactored Unit and Integration Tests.
- ADUser
- Added SamAccountName property.

### Added

Expand Down
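Review bot: the new `- ADUser` entry sits in the section above `### Added` yet is worded "Added SamAccountName property", and it leaves out the two behaviour changes made elsewhere in this PR: `UserName` is no longer documented as the SAM account name, and new accounts are created with `-Name $UserName` instead of `-SamAccountName $UserName`. Existing configurations are affected by both, so the entry should state them explicitly, and be flagged as breaking if that is the intent, rather than read as a purely additive property.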
6 changes: 6 additions & 0 deletions source/DSCResources/MSFT_ADUser/MSFT_ADUser.PropertyMap.psd1
Expand Up @@ -18,6 +18,12 @@
UseCmdletParameter = $false
Array = $false
}
@{
Parameter = 'SamAccountName'
ADProperty = 'SamAccountName'
UseCmdletParameter = $true
Array = $false
}
@{
Parameter = 'Path'
ADProperty = 'distinguishedName'
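Review bot: mapping `SamAccountName` as an ordinary writable property (`UseCmdletParameter = $true`) lets a configuration set it to something other than `UserName`, while the updated help in this PR still lists the SAM account name as one of the ways `UserName` identifies the account. If the lookup resolves `UserName` by SAM account name, a rename through this property leaves the next run unable to find the account under the old `UserName`. Please confirm how the user is located after such a change, and document or guard the case where the two values differ.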
Expand Down
31 changes: 25 additions & 6 deletions source/DSCResources/MSFT_ADUser/MSFT_ADUser.psm1
Expand Up @@ -27,7 +27,8 @@ $adPropertyMap = (Import-PowerShellDataFile -Path $adPropertyMapPath).Parameters
Name of the domain where the user account is located (only used if password is managed).

.PARAMETER UserName
Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName').
Specifies the account name of the user. (You can identify a user by its distinguished
name (DN), GUID, security identifier (SID) or Security Accounts Manager (SAM) account name.)

.PARAMETER DomainController
Specifies the Active Directory Domain Services instance to use to perform the task.
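Review bot: the reworded `UserName` help in this copy reads "(SID) or Security Accounts Manager", while the other copies in this PR read "(SID), or"; pick one form so the comment-based help and the schema MOF description stay identical. The second sentence is also wrapped in parentheses with the full stop inside, which makes it read as an aside even though it is now the actual definition of the parameter; drop the parentheses.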
Expand Down Expand Up @@ -185,7 +186,8 @@ function Get-TargetResource
Name of the domain where the user account is located (only used if password is managed).

.PARAMETER UserName
Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName').
Specifies the account name of the user. (You can identify a user by its distinguished
name (DN), GUID, security identifier (SID), or Security Accounts Manager (SAM) account name.)

.PARAMETER Password
Specifies a new password value for the account.
Expand All @@ -203,6 +205,9 @@ function Get-TargetResource
.PARAMETER DisplayName
Specifies the display name of the object (ldapDisplayName 'displayName').

.PARAMETER SamAccountName
Specifies the SamAccountName of the object (ldapDisplayName 'SamAccountName').

.PARAMETER Path
Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created.
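Review bot: the new `.PARAMETER SamAccountName` help gives the LDAP display name as 'SamAccountName', but the attribute is `sAMAccountName`, which is how the removed `UserName` text in this same file spelled it. The description is also circular ("Specifies the SamAccountName of the object"); say what the value is used for and what happens when the parameter is omitted. The same wording is repeated in the `Set-TargetResource` help and in the schema MOF.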

Expand Down Expand Up @@ -303,7 +308,7 @@ function Get-TargetResource
.PARAMETER LogonWorkstations
Specifies the computers that the user can access. To specify more than one computer, create a single
comma-separated list. You can identify a computer by using the Security Account Manager (SAM) account name
(sAMAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of
(SamAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of
the computer (ldapDisplayName 'userWorkStations').

.PARAMETER Organization
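Review bot: changing `(sAMAccountName)` to `(SamAccountName)` in the `LogonWorkstations` help is unrelated to adding the new parameter, and it swaps the LDAP attribute spelling for the cmdlet parameter spelling in a sentence about identifying a computer account. Revert this line, and its copies in the `Set-TargetResource` help and the MOF, to keep the diff focused on the new property.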
Expand Down Expand Up @@ -432,6 +437,11 @@ function Test-TargetResource
[System.String]
$DisplayName,

[Parameter()]
[ValidateNotNull()]
[System.String]
$SamAccountName,

[Parameter()]
[ValidateNotNull()]
[System.String]
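Review bot: `[ValidateNotNull()]` on a `[System.String]` parameter does not reject an empty string, so `SamAccountName = ''` passes validation here and is then handed to the cmdlet, because the property map sets `UseCmdletParameter = $true` for it. The attribute matches the neighbouring `DisplayName` declaration, but an empty value is never meaningful for a logon name; use `[ValidateNotNullOrEmpty()]` for this parameter in both `Test-TargetResource` and `Set-TargetResource`.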
Expand Down Expand Up @@ -869,7 +879,8 @@ function Test-TargetResource
Name of the domain where the user account is located (only used if password is managed).

.PARAMETER UserName
Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName').
Specifies the account name of the user. (You can identify a user by its distinguished
name (DN), GUID, security identifier (SID), or Security Accounts Manager (SAM) account name.)

.PARAMETER Password
Specifies a new password value for the account.
Expand All @@ -887,6 +898,9 @@ function Test-TargetResource
.PARAMETER DisplayName
Specifies the display name of the object (ldapDisplayName 'displayName').

.PARAMETER SamAccountName
Specifies the SamAccountName of the object (ldapDisplayName 'SamAccountName').

.PARAMETER Path
Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created.

Expand Down Expand Up @@ -987,7 +1001,7 @@ function Test-TargetResource
.PARAMETER LogonWorkstations
Specifies the computers that the user can access. To specify more than one computer, create a single
comma-separated list. You can identify a computer by using the Security Account Manager (SAM) account name
(sAMAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of
(SamAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of
the computer (ldapDisplayName 'userWorkStations').

.PARAMETER Organization
Expand Down Expand Up @@ -1125,6 +1139,11 @@ function Set-TargetResource
[System.String]
$DisplayName,

[Parameter()]
[ValidateNotNull()]
[System.String]
$SamAccountName,

[Parameter()]
[ValidateNotNull()]
[System.String]
Expand Down Expand Up @@ -1506,7 +1525,7 @@ function Set-TargetResource

Write-Debug -Message ('New-ADUser Parameters:' + ($newADUserParams | Out-String))

$newADUser = New-ADUser @newADUserParams -SamAccountName $UserName -Passthru
$newADUser = New-ADUser @newADUserParams -Name $UserName -Passthru

if ($updateCnRequired)
{
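Review bot: replacing `-SamAccountName $UserName` with `-Name $UserName` on the `New-ADUser` call drops the only place where the SAM account name was guaranteed to be set at creation. When a configuration omits `SamAccountName`, nothing in this hunk passes one, so existing configurations that relied on `UserName` becoming the logon name change behaviour silently; fall back to `$UserName` when `SamAccountName` is not bound. Separately, the help now says `UserName` may be a DN, GUID or SID, and any of those would be used verbatim as `-Name` here, so either restrict what `UserName` accepts on the create path or reject those forms when the account does not exist.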
Expand Down
5 changes: 3 additions & 2 deletions source/DSCResources/MSFT_ADUser/MSFT_ADUser.schema.mof
Expand Up @@ -2,12 +2,13 @@
class MSFT_ADUser : OMI_BaseResource
{
[Key, Description("Name of the domain where the user account is located (only used if password is managed).")] String DomainName;
[Key, Description("Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName').")] String UserName;
[Key, Description("Specifies the account name of the user. (You can identify a user by its distinguished name (DN), GUID, security identifier (SID), or Security Accounts Manager (SAM) account name.)")] String UserName;
[Write, Description("Specifies a new password value for the account."), EmbeddedInstance("MSFT_Credential")] String Password;
[Write, Description("Specifies whether the user account should be present or absent. Default value is 'Present'."), ValueMap{"Present", "Absent"},Values{"Present", "Absent"}] String Ensure;
[Write, Description("Specifies the common name assigned to the user account (ldapDisplayName 'cn'). If not specified the default value will be the same value provided in parameter UserName.")] String CommonName;
[Write, Description("Specifies the User Principal Name (UPN) assigned to the user account (ldapDisplayName 'userPrincipalName').")] String UserPrincipalName;
[Write, Description("Specifies the display name of the object (ldapDisplayName 'displayName').")] String DisplayName;
[Write, Description("Specifies the SamAccountName of the object (ldapDisplayName 'SamAccountName').")] String SamAccountName;
[Write, Description("Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created.")] String Path;
[Write, Description("Specifies the user's given name (ldapDisplayName 'givenName').")] String GivenName;
[Write, Description("Specifies the initials that represent part of a user's name (ldapDisplayName 'initials').")] String Initials;
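Review bot: `UserName` remains a `Key` while its description now allows a DN, GUID, SID or SAM account name, so the same account can be declared under several different key values and DSC will treat them as distinct resources. Either keep the key tied to one identifier form, or document that mixing forms for one account is unsupported and say which form the resource expects when it has to create the user.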
Expand Down Expand Up @@ -40,7 +41,7 @@ class MSFT_ADUser : OMI_BaseResource
[Write, Description("Specifies the user's pager number (ldapDisplayName 'pager').")] String Pager;
[Write, Description("Specifies the user's IP telephony phone number (ldapDisplayName 'ipPhone').")] String IPPhone;
[Write, Description("Specifies the user's manager specified as a Distinguished Name (ldapDisplayName 'manager').")] String Manager;
[Write, Description("Specifies the computers that the user can access. To specify more than one computer, create a single comma-separated list. You can identify a computer by using the Security Account Manager (SAM) account name (sAMAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of the computer. The LDAP display name (ldapDisplayName) for this property is userWorkStations.")] String LogonWorkstations;
[Write, Description("Specifies the computers that the user can access. To specify more than one computer, create a single comma-separated list. You can identify a computer by using the Security Account Manager (SAM) account name (SamAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of the computer. The LDAP display name (ldapDisplayName) for this property is userWorkStations.")] String LogonWorkstations;
[Write, Description("Specifies the user's organization. This parameter sets the Organization property of a user object. The LDAP display name (ldapDisplayName) of this property is 'o'.")] String Organization;
[Write, Description("Specifies a name in addition to a user's given name and surname, such as the user's middle name. This parameter sets the OtherName property of a user object. The LDAP display name (ldapDisplayName) of this property is 'middleName'.")] String OtherName;
[Write, Description("Specifies if the account is enabled. Default value is $true.")] Boolean Enabled;
Expand Down
6 changes: 4 additions & 2 deletions tests/Unit/MSFT_ADUser.Tests.ps1
Expand Up @@ -58,6 +58,7 @@ try
Path = $mockPath
DistinguishedName = "CN=$UserName,$mockPath"
DisplayName = 'Test User'
SamAccountName = $UserName
Initials = 'T'
Enabled = $true
GivenName = 'Test'
Expand Down Expand Up @@ -114,7 +115,7 @@ try

$mockAbsentResource = @{
DomainName = 'contoso.com'
UserName = 'TestUser'
UserName = $UserName
Path = $null
DistinguishedName = $null
DisplayName = $null
Expand Down Expand Up @@ -175,6 +176,7 @@ try
$mockChangedResource = @{
Path = 'OU=Staff,DC=contoso,DC=com'
DisplayName = 'Test User Changed'
SamAccountName = 'TestUserChanged'
Initials = 'S'
Enabled = $false
GivenName = 'Test Changed'
Expand Down Expand Up @@ -226,7 +228,7 @@ try
}

$mockGetADUserResult = @{
samAccountName = $mockResource.UserName
samAccountName = $mockResource.SamAccountName
cn = $mockResource.CommonName
UserPrincipalName = $mockResource.UserPrincipalName
DisplayName = $mockResource.DisplayName
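Review bot: `samAccountName` in `$mockGetADUserResult` now comes from `$mockResource.SamAccountName`, but the fixture earlier in this file sets `SamAccountName = $UserName`, so the present-state tests still run with both values equal and cannot tell which one the resource reads or compares. Add a case where `UserName` and `SamAccountName` differ, and a create-path test that asserts on the arguments passed to `New-ADUser` when `SamAccountName` is omitted.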
Expand Down