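#!/usr/local/bin/python3.8
# -*- coding: utf-8 -*-

# Copyright: (c) 2020, sky-joker
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

from __future__ import absolute_import, division, print_function
__metaclass__ = type

DOCUMENTATION = r'''
module: vcenter_domain_user_group_info
short_description: Gather user or group information of a domain
author:
  - sky-joker (@sky-joker)
description:
  - This module can be used to gather information about user or group of a domain.
requirements:
  - python >= 2.7
  - PyVmomi
options:
  domain:
    description:
      - The I(domain) to be specified searching.
    type: str
    default: vsphere.local
  search_string:
    description:
      - The I(search_string) is a string to be specified searching.
      - Specify the domain user or group name to be searched.
    type: str
    required: True
  belongs_to_group:
    description:
      - If a group existing, returned contains only users or groups that directly belong to the specified group.
    type: str
  belongs_to_user:
    description:
      - If a user existing, returned contains only groups that directly contain the specified user.
    type: str
  exact_match:
    description:
      - If I(exact_match) is C(True), it indicates the I(search_string) passed should match a user or group name exactly.
    type: bool
    default: False
  find_users:
    description:
      - If I(find_users) is C(True), domain users will be included in the result.
    type: bool
    default: True
  find_groups:
    description:
      - If I(find_groups) is C(True), domain groups will be included in the result.
    type: bool
    default: True
version_added: '1.6.0'
extends_documentation_fragment:
  - community.vmware.vmware.documentation
'''

# NOTE: every example below sets validate_certs: false, which turns off TLS
# certificate verification on the vCenter connection that carries the username
# and password. That suits a lab vCenter with a self-signed certificate; where
# the vCenter certificate chains to a trusted CA, leave validate_certs at its
# default so the server is authenticated before credentials are sent.
EXAMPLES = r'''
- name: Gather all domain user and group of vsphere.local
  community.vmware.vcenter_domain_user_group_info:
    hostname: "{{ vcenter_hostname }}"
    username: "{{ vcenter_username }}"
    password: "{{ vcenter_password }}"
    validate_certs: false
    domain: vsphere.local
    search_string: ''
  register: gather_all_domain_user_group_result

- name: Gather all domain user and group included the administrator string
  community.vmware.vcenter_domain_user_group_info:
    hostname: "{{ vcenter_hostname }}"
    username: "{{ vcenter_username }}"
    password: "{{ vcenter_password }}"
    validate_certs: false
    domain: vsphere.local
    search_string: administrator
  register: gather_domain_user_group_result

- name: Gather all domain user of vsphere.local
  community.vmware.vcenter_domain_user_group_info:
    hostname: "{{ vcenter_hostname }}"
    username: "{{ vcenter_username }}"
    password: "{{ vcenter_password }}"
    validate_certs: false
    domain: vsphere.local
    search_string: ''
    find_users: true
    find_groups: false
  register: gather_all_domain_user_result

- name: Gather administrator user by exact match condition
  community.vmware.vcenter_domain_user_group_info:
    hostname: "{{ vcenter_hostname }}"
    username: "{{ vcenter_username }}"
    password: "{{ vcenter_password }}"
    validate_certs: false
    domain: vsphere.local
    search_string: "vsphere.local\\administrator"
    exact_match: true
  register: gather_administrator_user_exact_match_result
'''

RETURN = r'''
domain_user_groups:
  description: list of domain user and group information
  returned: success
  type: list
  sample: >-
    [
        {
            "fullName": "Administrator vsphere.local",
            "group": false,
            "principal": "Administrator"
        }
    ]
'''

try:
    from pyVmomi import vim
except ImportError:
    # Deliberately ignored here; NOTE(review): the PyVmomi base class is
    # presumably what reports a missing pyVmomi to the user - confirm.
    pass

from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils._text import to_native
from ansible_collections.community.vmware.plugins.module_utils.vmware import PyVmomi, vmware_argument_spec


class VcenterDomainUserGroupInfo(PyVmomi):
    """Read-only lookup of users and groups in a vCenter identity domain.

    Wraps the ``RetrieveUserGroups`` call of the vCenter user directory and
    reduces each hit to ``fullName``, ``principal`` and ``group``. Only those
    three fields are copied into the result, so the module output holds account
    and group names but no credential material.
    """

    def __init__(self, module):
        """Connect through the PyVmomi base class and cache the search options.

        :param module: the AnsibleModule carrying the validated parameters.
        """
        super(VcenterDomainUserGroupInfo, self).__init__(module)
        self.domain = self.params['domain']
        self.search_string = self.params['search_string']
        self.belongs_to_group = self.params['belongs_to_group']
        self.belongs_to_user = self.params['belongs_to_user']
        self.exact_match = self.params['exact_match']
        self.find_users = self.params['find_users']
        self.find_groups = self.params['find_groups']

    def execute(self):
        """Run the directory search and finish the module.

        Fails the module when the requested domain is not in the directory's
        domain list or when the search raises; otherwise exits with
        ``changed=False`` and the normalized matches in ``domain_user_groups``.
        """
        user_directory_manager = self.content.userDirectory

        # Upper-case both sides: the original check upper-cased only the
        # requested domain, so a domain that vCenter lists in lower or mixed
        # case could never match. An empty/None list is treated as "no domains".
        known_domains = [name.upper() for name in (user_directory_manager.domainList or [])]
        if self.domain.upper() not in known_domains:
            self.module.fail_json(msg="domain not found: %s" % self.domain)

        try:
            user_search_result = user_directory_manager.RetrieveUserGroups(
                domain=self.domain,
                searchStr=self.search_string,
                belongsToGroup=self.belongs_to_group,
                belongsToUser=self.belongs_to_user,
                exactMatch=self.exact_match,
                findUsers=self.find_users,
                findGroups=self.find_groups
            )
        except vim.fault.NotFound as e:
            # Pass the fault's own message through unchanged.
            self.module.fail_json(msg="%s" % to_native(e.msg))
        except Exception as e:
            self.module.fail_json(msg="Couldn't gather domain user or group information: %s" % to_native(e))

        # Keep only the three documented fields of every match; a falsy result
        # (nothing found) becomes an empty list. The loop variable no longer
        # shadows the builtin ``object``.
        user_search_result_normalization = [
            {
                'fullName': entry.fullName,
                'principal': entry.principal,
                'group': entry.group
            }
            for entry in (user_search_result or [])
        ]

        self.module.exit_json(changed=False, domain_user_groups=user_search_result_normalization)


def main():
    """Build the argument spec, create the module and run the lookup."""
    argument_spec = vmware_argument_spec()
    argument_spec.update(
        domain=dict(type='str', default='vsphere.local'),
        search_string=dict(type='str', required=True),
        belongs_to_group=dict(type='str', default=None),
        belongs_to_user=dict(type='str', default=None),
        exact_match=dict(type='bool', default=False),
        find_users=dict(type='bool', default=True),
        find_groups=dict(type='bool', default=True)
    )

    # Check mode is supported because the module only reads from vCenter and
    # always reports changed=False.
    module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)

    vcenter_domain_user_info = VcenterDomainUserGroupInfo(module)
    vcenter_domain_user_info.execute()


if __name__ == "__main__":
    main()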