From c3e6d5967de9559407fee33a9ec9caac508bf5ab Mon Sep 17 00:00:00 2001
From: haiyuan_zhang
Date: Fri, 7 May 2021 15:56:22 +0800
Subject: [PATCH 1/4] fixing update account_enabled bug in azure_rm_aduser.py (#524)
---
 plugins/modules/azure_rm_aduser.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/modules/azure_rm_aduser.py b/plugins/modules/azure_rm_aduser.py
index 21808d6c2..28dd39bfd 100644
--- a/plugins/modules/azure_rm_aduser.py
+++ b/plugins/modules/azure_rm_aduser.py
@@ -310,7 +310,7 @@ def exec_module(self, **kwargs):
 should_update = True
 if should_update or self.user_type and ad_user.user_type != self.user_type:
 should_update = True
- if should_update or self.account_enabled and ad_user.account_enabled != self.account_enabled:
+ if should_update or self.account_enabled is not None and ad_user.account_enabled != self.account_enabled:
 should_update = True
 if should_update or self.display_name and ad_user.display_name != self.display_name:
 should_update = True
From 6fdfefe6270de2ad30c0ea9434907fe9a202e1bf Mon Sep 17 00:00:00 2001
From: haiyuan_zhang
Date: Sat, 8 May 2021 03:03:55 +0800
Subject: [PATCH 2/4] fixing ad related auth issue when using service pricinpal. (#525)
---
 plugins/module_utils/azure_rm_common.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/plugins/module_utils/azure_rm_common.py b/plugins/module_utils/azure_rm_common.py
index 95a823a4a..3c70d5294 100644
--- a/plugins/module_utils/azure_rm_common.py
+++ b/plugins/module_utils/azure_rm_common.py
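Review bot: In the azure_rm_aduser.py hunk at @@ -310, the corrected condition mixes `or` and `and` without parentheses and has no comment saying why `account_enabled` alone is compared with `is not None` while the neighbouring `user_type` and `display_name` checks keep the truthiness test. A requested `account_enabled: false` is the account-disable path, so a silent skip here leaves active an account the playbook meant to disable. The intent should be explicit: put `# None means "not specified"; False is a real request to disable the account` above `if should_update or (self.account_enabled is not None and ad_user.account_enabled != self.account_enabled):`. A regression test that disables an existing user and asserts that a change is reported would keep the truthiness form from coming back. exec_module's body starts and ends outside the hunk.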
@@ -1427,19 +1427,20 @@ def __init__(self, auth_source=None, profile=None, subscription_id=None, client_
 else:
 self._adfs_authority_url = self.credentials.get('adfs_authority_url')
- # get resource from cloud environment
- self._resource = self._cloud_environment.endpoints.active_directory_resource_id
-
 if self.credentials.get('credentials') is not None:
 # AzureCLI credentials
 self.azure_credentials = self.credentials['credentials']
 elif self.credentials.get('client_id') is not None and \
 self.credentials.get('secret') is not None and \
 self.credentials.get('tenant') is not None:
+
+ graph_resource = self._cloud_environment.endpoints.active_directory_graph_resource_id
+ rm_resource = self._cloud_environment.endpoints.resource_manager
 self.azure_credentials = ServicePrincipalCredentials(client_id=self.credentials['client_id'],
 secret=self.credentials['secret'],
 tenant=self.credentials['tenant'],
 cloud_environment=self._cloud_environment,
+ resource=graph_resource if self.is_ad_resource else rm_resource,
 verify=self._cert_validation_mode == 'validate')
 elif self.credentials.get('ad_user') is not None and \
@@ -1449,7 +1450,7 @@ def __init__(self, auth_source=None, profile=None, subscription_id=None, client_
 self.azure_credentials = self.acquire_token_with_username_password(
 self._adfs_authority_url,
- self._resource,
+ self._cloud_environment.endpoints.active_directory_resource_id,
 self.credentials['ad_user'],
 self.credentials['password'],
 self.credentials['client_id'],
From 6c6eeaab3ba568a14e8dcaf48e328fac7596f501 Mon Sep 17 00:00:00 2001
From: haiyuazhang
Date: Sun, 25 Apr 2021 05:52:04 +0800
Subject: [PATCH 3/4] class are worngly named. fixed.
---
 plugins/modules/azure_rm_aduser.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/plugins/modules/azure_rm_aduser.py b/plugins/modules/azure_rm_aduser.py
index 28dd39bfd..ac583afce 100644
--- a/plugins/modules/azure_rm_aduser.py
+++ b/plugins/modules/azure_rm_aduser.py
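Review bot: In the azure_rm_common.py hunk at @@ -1427, the new `resource=graph_resource if self.is_ad_resource else rm_resource` reads `self.is_ad_resource`, but nothing visible in the hunk assigns it. It therefore has to be set earlier in `__init__` (which starts and ends outside the hunk) for every caller, including modules that never pass an AD flag. The expression also decides the audience of the service-principal token, which deserves a comment such as `# request a Graph-audience token only for AD modules; everything else gets a Resource Manager token`. The hunk removes `self._resource` too; presumably nothing else reads it, but that cannot be confirmed from here. The blank line added directly after the `elif ...:` header is unnecessary.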
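Review bot: In the @@ -1449 hunk of azure_rm_common.py, the username/password branch now passes `self._cloud_environment.endpoints.active_directory_resource_id` unconditionally, so unlike the service-principal branch it ignores `self.is_ad_resource`. If AD modules are meant to work with `ad_user`/`password` credentials, the token would presumably need the same audience selection, e.g. `graph_resource if self.is_ad_resource else self._cloud_environment.endpoints.active_directory_resource_id,` with `graph_resource` computed before the branch. If that auth mode is deliberately out of scope for this fix, a one-line comment saying so would prevent a later false assumption. The call continues past the end of the hunk.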
@@ -220,7 +220,7 @@
 pass
-class AzureRMADUserInfo(AzureRMModuleBase):
+class AzureRMADUser(AzureRMModuleBase):
 def __init__(self):
 self.module_arg_spec = dict(
@@ -271,7 +271,7 @@ def __init__(self):
 required_together = [['attribute_name', 'attribute_value']]
 required_one_of = [['odata_filter', 'attribute_name', 'object_id', 'user_principal_name']]
- super(AzureRMADUserInfo, self).__init__(derived_arg_spec=self.module_arg_spec,
+ super(AzureRMADUser, self).__init__(derived_arg_spec=self.module_arg_spec,
 supports_check_mode=False,
 supports_tags=False,
 mutually_exclusive=mutually_exclusive,
@@ -416,7 +416,7 @@ def to_dict(self, object):
 def main():
- AzureRMADUserInfo()
+ AzureRMADUser()
 if __name__ == '__main__':
From 76a1bf215fed83a323a6d87e77bb74ee24a7eb79 Mon Sep 17 00:00:00 2001
From: haiyuazhang
Date: Sun, 25 Apr 2021 07:22:52 +0800
Subject: [PATCH 4/4] fixing sanity errors.
---
 plugins/modules/azure_rm_aduser.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/plugins/modules/azure_rm_aduser.py b/plugins/modules/azure_rm_aduser.py
index ac583afce..599b79aed 100644
--- a/plugins/modules/azure_rm_aduser.py
+++ b/plugins/modules/azure_rm_aduser.py
@@ -272,12 +272,12 @@ def __init__(self):
 required_one_of = [['odata_filter', 'attribute_name', 'object_id', 'user_principal_name']]
 super(AzureRMADUser, self).__init__(derived_arg_spec=self.module_arg_spec,
- supports_check_mode=False,
- supports_tags=False,
- mutually_exclusive=mutually_exclusive,
- required_together=required_together,
- required_one_of=required_one_of,
- is_ad_resource=True)
+ supports_check_mode=False,
+ supports_tags=False,
+ mutually_exclusive=mutually_exclusive,
+ required_together=required_together,
+ required_one_of=required_one_of,
+ is_ad_resource=True)
 def exec_module(self, **kwargs):