ansible_collections/microsoft/ad/changelogs/changelog.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191

ancestor: null
releases:
  1.0.0:
    changes:
      release_summary: This is the first release of the ``microsoft.ad`` Ansible collection
        which contains modules that can be used to managed a Microsoft Active Directory
        environment.
    fragments:
    - release-summary.yml
    release_date: '2023-02-15'
  1.1.0:
    changes:
      bugfixes:
      - microsoft.ad.user - Fix setting ``password_expired`` when creating a new user
        - https://github.com/ansible-collections/microsoft.ad/issues/25
      release_summary: 'This release includes the new ``microsoft.ad.ldap`` inventory
        plugin which can be used to generate an Ansible

        inventory from an LDAP/AD source.

        '
    fragments:
    - release-1.1.0.yml
    - user-password-expired.yml
    modules:
    - description: Get host information for debugging LDAP connections
      name: debug_ldap_client
      namespace: ''
    plugins:
      filter:
      - description: Converts an LDAP value to a datetime string
        name: as_datetime
        namespace: null
      - description: Converts an LDAP value to a GUID string
        name: as_guid
        namespace: null
      - description: Converts an LDAP value to a Security Identifier string
        name: as_sid
        namespace: null
      inventory:
      - description: Inventory plugin for Active Directory
        name: ldap
        namespace: null
    release_date: '2023-05-02'
  1.2.0:
    changes:
      bugfixes:
      - 'group - Fix idempotency check when ``scope: domainlocal`` is set - https://github.com/ansible-collections/microsoft.ad/issues/31'
      - microsoft.ad.group - ensure the ``scope`` and ``category`` values are checked
        as case insensitive to avoid changes when not needed - https://github.com/ansible-collections/microsoft.ad/issues/31
      deprecated_features:
      - Deprecating support for Server 2012 and Server 2012 R2. These OS versions
        are reaching End of Life status from Microsoft and support for using them
        in Ansible are nearing its end.
      minor_changes:
      - microsoft.ad.debug_ldap_client - Add ``dpapi_ng`` to list of packages checked
      - microsoft.ad.ldap - Add support for decrypting LAPS encrypted password
      - microsoft.ad.ldap - Allow setting LDAP connection and authentication options
        through environment variables - https://github.com/ansible-collections/microsoft.ad/issues/34
      release_summary: Release summary for v1.2.0
    fragments:
    - group-case-sensitivity-check.yml
    - group-domainlocal-scopeinfo.yml
    - ldap-env-var.yml
    - ldap-laps-decryption.yml
    - release_summary.yml
    - server2012.yml
    release_date: '2023-06-14'
  1.3.0:
    changes:
      bugfixes:
      - Added the missing dependency ``dpapi-ng`` to Ansible Execution Environments
        requirements file for LAPS decryption support
      - Ensure renaming and moving an object will be done with the ``domain_server``
        and ``domain_username`` credentials specified - https://github.com/ansible-collections/microsoft.ad/issues/54
      - Fix up ``protect_from_deletion`` when creating new AD objects - https://github.com/ansible-collections/microsoft.ad/issues/47
      - Fix up date_time attribute comparisons to be idempotent - https://github.com/ansible-collections/microsoft.ad/issues/57
      - microsoft.ad.user - Ensure the ``spn`` diff after key is ``spn`` and not ``kerberos_encryption_types``
      - microsoft.ad.user - treat an expired account as a password that needs to be
        changed
      minor_changes:
      - AD objects will no longer be moved to the default AD path for their type if
        no ``path`` was specified. Use the value ``microsoft.ad.default_path`` to
        explicitly set the path to the default path if that behaviour is desired.
      - microsoft.ad.ldap - Added the option ``filter_without_computer`` to not add
        the AND clause ``objectClass=computer`` to the final filter used - https://github.com/ansible-collections/microsoft.ad/issues/55
      release_summary: release summary for v1.3.0
    fragments:
    - datetime-attributes.yml
    - default-path.yml
    - dpapi-req.yml
    - ldap-filter-raw.yml
    - move-adparams.yml
    - protect-from-deletion.yml
    - release-summary.yml
    - user-account-expired-password.yml
    - user-spn-diff.yml
    release_date: '2023-08-11'
  1.4.0:
    changes:
      minor_changes:
      - Make ``name`` an optional parameter for the AD modules. Either ``name`` or
        ``identity`` needs to be set with their respective behaviours. If creating
        a new AD user and only ``identity`` is set, that will be the value used for
        the name of the object.
      - Set minimum supported Ansible version to 2.14 to align with the versions still
        supported by Ansible.
      - object_info - Add ActiveDirectory module import
      release_summary: Prepare for v1.4.0 release
    fragments:
    - 73-import-activedirectory-module.yml
    - ansible_support.yml
    - release_summary.yml
    - search-by-identity.yml
    release_date: '2023-11-16'
  1.4.1:
    changes:
      bugfixes:
      - debug_ldap_client - handle failures when attempting to get the krb5 context
        and default CCache rather than fail with a traceback
      release_summary: Release summary for v1.4.1
    fragments:
    - debug_ldap_client-failure.yml
    - release_summary.yml
    release_date: '2023-11-23'
  1.5.0:
    changes:
      bugfixes:
      - microsoft.ad.group - Support membership lookup of groups that are longer than
        20 characters long
      - microsoft.ad.membership - Add helpful hint when the failure was due to a missing/invalid
        ``domain_ou_path`` - https://github.com/ansible-collections/microsoft.ad/issues/88
      minor_changes:
      - Added ``group/microsoft.ad.domain`` module defaults group for the ``computer``,
        ``group``, ``object_info``, ``object``, ``ou``, and ``user`` module. Users
        can use this defaults group to set common connection options for these modules
        such as the ``domain_server``, ``domain_username``, and ``domain_password``
        options.
      - Added support for Jinja2 templating in ldap inventory.
      release_summary: Release summary for v1.5.0
    fragments:
    - default_options.yml
    - group-support-long-group-names.yml
    - membership-invalid-ou.yml
    - release-summary.yml
    - templating_support.yml
    plugins:
      filter:
      - description: Escape an LDAP DistinguishedName value string.
        name: dn_escape
        namespace: null
      - description: Parses an LDAP DistinguishedName string into an object.
        name: parse_dn
        namespace: null
    release_date: '2024-03-20'
  1.6.0:
    changes:
      bugfixes:
      - microsoft.ad.membership - Fix hostname check to work with hostnames longer
        than 15 characters long - https://github.com/ansible-collections/microsoft.ad/issues/113
      - 'microsoft.ad.user - Fix issue when creating a new user account with ``account_locked:
        false`` - https://github.com/ansible-collections/microsoft.ad/issues/108'
      minor_changes:
      - microsoft.ad AD modules - Added ``domain_credentials`` as a common module
        option that can be used to specify credentials for specific AD servers.
      - microsoft.ad AD modules - Added ``lookup_failure_action`` on all modules that
        can specify a list of distinguishedName values to control what should happen
        if the lookup fails.
      - microsoft.ad.computer - Added the ability to lookup a distinguishedName on
        a specific domain server for ``delegates`` and ``managed_by``.
      - microsoft.ad.group - Added the ability to lookup a distinguishedName on a
        specific domain server for ``managed_by`` and ``members``.
      - microsoft.ad.ou - Added the ability to lookup a distinguishedName on a specific
        domain server for ``managed_by``.
      - microsoft.ad.user - Added the ability to lookup a distinguishedName on a specific
        domain server for ``delegates``.
      - microsoft.ad.user - Rename the option ``groups.missing_action`` to ``groups.lookup_failure_action``
        to make the option more consistent with other modules. The ``missing_action``
        option is still supported as an alias.
      - microsoft.ad.user - Support group member lookup on alternative server using
        the DN lookup syntax. This syntax uses a dictionary where ``name`` defined
        the group to lookup and ``server`` defines the server to lookup the group
        on.
      release_summary: Release summary for v1.6.0
    fragments:
    - lookup-dn.yml
    - membership-long-name.yml
    - release-1.6.0.yml
    - user-account-locked.yml
    - user-groups.yml
    release_date: '2024-06-10'