powerscale_adsprovider (Data Source)

This datasource is used to query the existing ADS providers from PowerScale array. The information fetched from this datasource can be used for getting the details or for further processing in resource block. Joining your cluster to an AD domain allows you to perform user and group authentication.

Example Usage

/*
Copyright (c) 2023-2024 Dell Inc., or its subsidiaries. All Rights Reserved.

Licensed under the Mozilla Public License Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://mozilla.org/MPL/2.0/


Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

# This Terraform DataSource is used to query the details of existing ADS providers from PowerScale array.

# Returns a list of PowerScale ADS providers based on names and scope specified in the filter block.
data "powerscale_adsprovider" "test" {
  filter {
    names = ["PIE.LAB.EMC.COM"]
    scope = "effective"
  }
}

# Output value of above block by executing 'terraform output' command
# You can use the the fetched information by the variable data.powerscale_adsprovider.test
output "powerscale_adsprovider" {
  value = data.powerscale_adsprovider.test
}

# Returns all PowerScale ADS providers on PowerScale array
data "powerscale_adsprovider" "all" {
}

# Output value of above block by executing 'terraform output' command
# You can use the the fetched information by the variable data.powerscale_adsprovider.all
output "powerscale_adsprovider_data_all" {
  value = data.powerscale_adsprovider.all
}

Schema

Optional

Read-Only

  • ads_providers_details (Attributes List) List of AdsProviders. (see below for nested schema)
  • id (String) Unique identifier of the ads provider instance.

Nested Schema for filter

Optional:

  • names (Set of String) Filter ads providers by names.
  • scope (String) Filter ads providers by scope.

Nested Schema for ads_providers_details

Read-Only:

  • allocate_gids (Boolean) Allocates an ID for an unmapped Active Directory (ADS) group. ADS groups without GIDs can be proactively assigned a GID by the ID mapper. If the ID mapper option is disabled, GIDs are not proactively assigned, and when a primary group for a user does not include a GID, the system may allocate one.
  • allocate_uids (Boolean) Allocates a user ID for an unmapped Active Directory (ADS) user. ADS users without UIDs can be proactively assigned a UID by the ID mapper. IF the ID mapper option is disabled, UIDs are not proactively assigned, and when an identify for a user does not include a UID, the system may allocate one.
  • assume_default_domain (Boolean) Enables lookup of unqualified user names in the primary domain.
  • authentication (Boolean) Enables authentication and identity management through the authentication provider.
  • check_online_interval (Number) Specifies the time in seconds between provider online checks.
  • controller_time (Number) Specifies the current time for the domain controllers.
  • create_home_directory (Boolean) Automatically creates a home directory on the first login.
  • domain_offline_alerts (Boolean) Sends an alert if the domain goes offline.
  • dup_spns (List of String) Get duplicate SPNs in the provider domain.
  • extra_expected_spns (List of String) List of additional SPNs to expect beyond what automatic checking routines might find.
  • findable_groups (List of String) Sets list of groups that can be resolved.
  • findable_users (List of String) Sets list of users that can be resolved.
  • forest (String) Specifies the Active Directory forest.
  • groupnet (String) Groupnet identifier.
  • home_directory_template (String) Specifies the path to the home directory template.
  • hostname (String) Specifies the fully qualified hostname stored in the machine account.
  • id (String) Specifies the ID of the Active Directory provider instance.
  • ignore_all_trusts (Boolean) If set to true, ignores all trusted domains.
  • ignored_trusted_domains (List of String) Includes trusted domains when ‘ignore_all_trusts’ is set to false.
  • include_trusted_domains (List of String) Includes trusted domains when ‘ignore_all_trusts’ is set to true.
  • instance (String) Specifies Active Directory provider instance.
  • ldap_sign_and_seal (Boolean) Enables encryption and signing on LDAP requests.
  • login_shell (String) Specifies the login shell path.
  • lookup_domains (List of String) Limits user and group lookups to the specified domains.
  • lookup_groups (Boolean) Looks up AD groups in other providers before allocating a group ID.
  • lookup_normalize_groups (Boolean) Normalizes AD group names to lowercase before look up.
  • lookup_normalize_users (Boolean) Normalize AD user names to lowercase before look up.
  • lookup_users (Boolean) Looks up AD users in other providers before allocating a user ID.
  • machine_account (String) Specifies the machine account name when creating a SAM account with Active Directory.
  • machine_password_changes (Boolean) Enables periodic changes of the machine password for security.
  • machine_password_lifespan (Number) Sets maximum age of a password in seconds.
  • name (String) Specifies the Active Directory provider name.
  • netbios_domain (String) Specifies the NetBIOS domain name associated with the machine account.
  • node_dc_affinity (String) Specifies the domain controller for which the node has affinity.
  • node_dc_affinity_timeout (Number) Specifies the timeout for the domain controller for which the local node has affinity.
  • nss_enumeration (Boolean) Enables the Active Directory provider to respond to ‘getpwent’ and ‘getgrent’ requests.
  • primary_domain (String) Specifies the AD domain to which the provider is joined.
  • restrict_findable (Boolean) Check the provider for filtered lists of findable and unfindable users and groups.
  • rpc_call_timeout (Number) The maximum amount of time (in seconds) an RPC call to Active Directory is allowed to take.
  • server_retry_limit (Number) The number of retries attempted when a call to Active Directory fails due to network error.
  • sfu_support (String) Specifies whether to support RFC 2307 attributes on ADS domain controllers.
  • site (String) Specifies the site for the Active Directory.
  • status (String) Specifies the status of the provider.
  • store_sfu_mappings (Boolean) Stores SFU mappings permanently in the ID mapper.
  • system (Boolean) If set to true, indicates that this provider instance was created by OneFS and cannot be removed.
  • unfindable_groups (List of String) Specifies groups that cannot be resolved by the provider.
  • unfindable_users (List of String) Specifies users that cannot be resolved by the provider.
  • zone_name (String) Specifies the name of the access zone in which this provider was created.