Resource Type: dsc_xadmanagedserviceaccount

Defined in:
lib/puppet/type/dsc_xadmanagedserviceaccount.rb

Overview

The DSC xADManagedServiceAccount resource type. Automatically generated from version 3.0.0.0

Properties

  • dsc_accounttype

    The type of managed service account. Single will create a Single Managed Service Account (sMSA) and Group will create a Group Managed Service Account (gMSA). If not specified, this vaule defaults to Single.

  • dsc_accounttypeforce

    Specifies whether or not to remove the service account and recreate it when going from single MSA to group MSA and vice-versa. If not specified, this value defaults to False.

  • dsc_description

    Specifies a description of the object (ldapDisplayName ‘description’)

  • dsc_displayname

    Specifies the display name of the object (ldapDisplayName ‘displayName’)

  • dsc_distinguishedname

    Specifies the Distinguished Name of the Service Account. Cannot be specified in the resource. Returned by Get and Compare.

  • dsc_domaincontroller

    Specifies the Active Directory Domain Controller instance to use to perform the task. This is only required if not executing the task on a domain controller.

  • dsc_enabled

    Specifies whether the user account is enabled or disabled.

  • dsc_ensure

    Specifies whether the user account is created or deleted. If not specified, this value defaults to Present.

  • dsc_members

    Specifies the members of the object (ldapDisplayName ‘PrincipalsAllowedToRetrieveManagedPassword’). Only used when ‘Group’ is selected for ‘AccountType’

  • dsc_membershipattribute

    Active Directory attribute used to perform membership operations for Group Managed Service Accounts (gMSAs). If not specified, this value defaults to SamAccountName. Only used when ‘Group’ is selected for ‘AccountType’

  • dsc_path

    Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created. Specified as a Distinguished Name (DN).

Parameters

  • dsc_credential

    Specifies the user account credentials to use to perform this task. This is only required if not executing the task on a domain controller or using the -DomainController parameter.

  • dsc_psdscrunascredential
  • dsc_serviceaccountname (namevar)

    Specifies the Security Account Manager (SAM) account name of the managed service account (ldapDisplayName ‘sAMAccountName’). To be compatible with older operating systems, create a SAM account name that is 20 characters or less. Once created, the user’s SamAccountName and CN cannot be changed.

  • name (namevar)

    Description of the purpose for this resource declaration.

  • validation_mode (defaults to: property)

    Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).