ancestor: null releases: 1.0.0: changes: release_summary: This is the first release of the ``microsoft.ad`` Ansible collection which contains modules that can be used to managed a Microsoft Active Directory environment. fragments: - release-summary.yml release_date: '2023-02-15' 1.1.0: changes: bugfixes: - microsoft.ad.user - Fix setting ``password_expired`` when creating a new user - https://github.com/ansible-collections/microsoft.ad/issues/25 release_summary: 'This release includes the new ``microsoft.ad.ldap`` inventory plugin which can be used to generate an Ansible inventory from an LDAP/AD source. ' fragments: - release-1.1.0.yml - user-password-expired.yml modules: - description: Get host information for debugging LDAP connections name: debug_ldap_client namespace: '' plugins: filter: - description: Converts an LDAP value to a datetime string name: as_datetime namespace: null - description: Converts an LDAP value to a GUID string name: as_guid namespace: null - description: Converts an LDAP value to a Security Identifier string name: as_sid namespace: null inventory: - description: Inventory plugin for Active Directory name: ldap namespace: null release_date: '2023-05-02' 1.2.0: changes: bugfixes: - 'group - Fix idempotency check when ``scope: domainlocal`` is set - https://github.com/ansible-collections/microsoft.ad/issues/31' - microsoft.ad.group - ensure the ``scope`` and ``category`` values are checked as case insensitive to avoid changes when not needed - https://github.com/ansible-collections/microsoft.ad/issues/31 deprecated_features: - Deprecating support for Server 2012 and Server 2012 R2. These OS versions are reaching End of Life status from Microsoft and support for using them in Ansible are nearing its end. minor_changes: - microsoft.ad.debug_ldap_client - Add ``dpapi_ng`` to list of packages checked - microsoft.ad.ldap - Add support for decrypting LAPS encrypted password - microsoft.ad.ldap - Allow setting LDAP connection and authentication options through environment variables - https://github.com/ansible-collections/microsoft.ad/issues/34 release_summary: Release summary for v1.2.0 fragments: - group-case-sensitivity-check.yml - group-domainlocal-scopeinfo.yml - ldap-env-var.yml - ldap-laps-decryption.yml - release_summary.yml - server2012.yml release_date: '2023-06-14' 1.3.0: changes: bugfixes: - Added the missing dependency ``dpapi-ng`` to Ansible Execution Environments requirements file for LAPS decryption support - Ensure renaming and moving an object will be done with the ``domain_server`` and ``domain_username`` credentials specified - https://github.com/ansible-collections/microsoft.ad/issues/54 - Fix up ``protect_from_deletion`` when creating new AD objects - https://github.com/ansible-collections/microsoft.ad/issues/47 - Fix up date_time attribute comparisons to be idempotent - https://github.com/ansible-collections/microsoft.ad/issues/57 - microsoft.ad.user - Ensure the ``spn`` diff after key is ``spn`` and not ``kerberos_encryption_types`` - microsoft.ad.user - treat an expired account as a password that needs to be changed minor_changes: - AD objects will no longer be moved to the default AD path for their type if no ``path`` was specified. Use the value ``microsoft.ad.default_path`` to explicitly set the path to the default path if that behaviour is desired. - microsoft.ad.ldap - Added the option ``filter_without_computer`` to not add the AND clause ``objectClass=computer`` to the final filter used - https://github.com/ansible-collections/microsoft.ad/issues/55 release_summary: release summary for v1.3.0 fragments: - datetime-attributes.yml - default-path.yml - dpapi-req.yml - ldap-filter-raw.yml - move-adparams.yml - protect-from-deletion.yml - release-summary.yml - user-account-expired-password.yml - user-spn-diff.yml release_date: '2023-08-11' 1.4.0: changes: minor_changes: - Make ``name`` an optional parameter for the AD modules. Either ``name`` or ``identity`` needs to be set with their respective behaviours. If creating a new AD user and only ``identity`` is set, that will be the value used for the name of the object. - Set minimum supported Ansible version to 2.14 to align with the versions still supported by Ansible. - object_info - Add ActiveDirectory module import release_summary: Prepare for v1.4.0 release fragments: - 73-import-activedirectory-module.yml - ansible_support.yml - release_summary.yml - search-by-identity.yml release_date: '2023-11-16' 1.4.1: changes: bugfixes: - debug_ldap_client - handle failures when attempting to get the krb5 context and default CCache rather than fail with a traceback release_summary: Release summary for v1.4.1 fragments: - debug_ldap_client-failure.yml - release_summary.yml release_date: '2023-11-23' 1.5.0: changes: bugfixes: - microsoft.ad.group - Support membership lookup of groups that are longer than 20 characters long - microsoft.ad.membership - Add helpful hint when the failure was due to a missing/invalid ``domain_ou_path`` - https://github.com/ansible-collections/microsoft.ad/issues/88 minor_changes: - Added ``group/microsoft.ad.domain`` module defaults group for the ``computer``, ``group``, ``object_info``, ``object``, ``ou``, and ``user`` module. Users can use this defaults group to set common connection options for these modules such as the ``domain_server``, ``domain_username``, and ``domain_password`` options. - Added support for Jinja2 templating in ldap inventory. release_summary: Release summary for v1.5.0 fragments: - default_options.yml - group-support-long-group-names.yml - membership-invalid-ou.yml - release-summary.yml - templating_support.yml plugins: filter: - description: Escape an LDAP DistinguishedName value string. name: dn_escape namespace: null - description: Parses an LDAP DistinguishedName string into an object. name: parse_dn namespace: null release_date: '2024-03-20' 1.6.0: changes: bugfixes: - microsoft.ad.membership - Fix hostname check to work with hostnames longer than 15 characters long - https://github.com/ansible-collections/microsoft.ad/issues/113 - 'microsoft.ad.user - Fix issue when creating a new user account with ``account_locked: false`` - https://github.com/ansible-collections/microsoft.ad/issues/108' minor_changes: - microsoft.ad AD modules - Added ``domain_credentials`` as a common module option that can be used to specify credentials for specific AD servers. - microsoft.ad AD modules - Added ``lookup_failure_action`` on all modules that can specify a list of distinguishedName values to control what should happen if the lookup fails. - microsoft.ad.computer - Added the ability to lookup a distinguishedName on a specific domain server for ``delegates`` and ``managed_by``. - microsoft.ad.group - Added the ability to lookup a distinguishedName on a specific domain server for ``managed_by`` and ``members``. - microsoft.ad.ou - Added the ability to lookup a distinguishedName on a specific domain server for ``managed_by``. - microsoft.ad.user - Added the ability to lookup a distinguishedName on a specific domain server for ``delegates``. - microsoft.ad.user - Rename the option ``groups.missing_action`` to ``groups.lookup_failure_action`` to make the option more consistent with other modules. The ``missing_action`` option is still supported as an alias. - microsoft.ad.user - Support group member lookup on alternative server using the DN lookup syntax. This syntax uses a dictionary where ``name`` defined the group to lookup and ``server`` defines the server to lookup the group on. release_summary: Release summary for v1.6.0 fragments: - lookup-dn.yml - membership-long-name.yml - release-1.6.0.yml - user-account-locked.yml - user-groups.yml release_date: '2024-06-10'