Resource Type: dsc_admanagedserviceaccount

Defined in:
lib/puppet/type/dsc_admanagedserviceaccount.rb

Overview

The DSC ADManagedServiceAccount resource type. Automatically generated from version 6.4.0

Properties

  • dsc_accounttype

    The type of managed service account. Standalone will create a Standalone Managed Service Account (sMSA) and Group will create a Group Managed Service Account (gMSA).

  • dsc_commonname

    Specifies the common name assigned to the managed service account (ldapDisplayName ‘cn’). If not specified the default value will be the same value provided in parameter ServiceAccountName.

  • dsc_description

    Specifies the description of the account (ldapDisplayName ‘description’).

  • dsc_displayname

    Specifies the display name of the account (ldapDisplayName ‘displayName’).

  • dsc_distinguishedname

    Returns the Distinguished Name of the Service Account.

  • dsc_domaincontroller

    Specifies the Active Directory Domain Controller instance to use to perform the task. This is only required if not executing the task on a domain controller.

  • dsc_enabled

    Returns whether the user account is enabled or disabled.

  • dsc_ensure

    Specifies whether the user account is created or deleted. If not specified, this value defaults to Present.

  • dsc_kerberosencryptiontype

    Specifies which Kerberos encryption types the account supports when creating service tickets. This value sets the encryption types supported flags of the Active Directory msDS-SupportedEncryptionTypes attribute.

  • dsc_managedpasswordprincipals

    Specifies the membership policy for systems which can use a group managed service account. (ldapDisplayName ‘msDS-GroupMSAMembership’). Only used when ‘Group’ is selected for ‘AccountType’.

  • dsc_membershipattribute

    Active Directory attribute used to perform membership operations for Group Managed Service Accounts (gMSA). If not specified, this value defaults to SamAccountName.

  • dsc_path

    Specifies the X.500 path of the Organizational Unit (OU) or container where the new account is created. Specified as a Distinguished Name (DN).

Parameters

  • dsc_credential

    Specifies the user account credentials to use to perform this task. This is only required if not executing the task on a domain controller or using the parameter DomainController.

  • dsc_psdscrunascredential
  • dsc_serviceaccountname (namevar)

    Specifies the Security Account Manager (SAM) account name of the managed service account (ldapDisplayName ‘sAMAccountName’). To be compatible with older operating systems, create a SAM account name that is 15 characters or less. Once created, the user’s SamAccountName cannot be changed.

  • name (namevar)

    Description of the purpose for this resource declaration.

  • validation_mode (defaults to: property)

    Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).