From 3750ac292e622a1f50fb2f3c135301bb11fbff00 Mon Sep 17 00:00:00 2001 From: Conor <93926445+cmcnally-r7@users.noreply.github.com> Date: Tue, 10 Oct 2023 14:13:08 +0100 Subject: [PATCH] [PLGN-341] AD LDAP - Rename disable and enable user (#2017) --- plugins/active_directory_ldap/.CHECKSUM | 36 +- plugins/active_directory_ldap/Dockerfile | 21 +- .../bin/komand_active_directory_ldap | 48 +- plugins/active_directory_ldap/help.md | 738 +++++++++--------- .../actions/__init__.py | 31 +- .../actions/add_user/__init__.py | 2 +- .../actions/add_user/schema.py | 26 +- .../actions/delete/__init__.py | 2 +- .../actions/delete/schema.py | 16 +- .../actions/disable_user/__init__.py | 2 +- .../actions/disable_user/schema.py | 16 +- .../actions/disable_users/__init__.py | 2 +- .../actions/disable_users/schema.py | 13 +- .../actions/enable_user/__init__.py | 2 +- .../actions/enable_user/schema.py | 16 +- .../actions/enable_users/__init__.py | 2 +- .../actions/enable_users/schema.py | 13 +- .../actions/force_password_reset/__init__.py | 2 +- .../actions/force_password_reset/schema.py | 16 +- .../actions/modify_groups/__init__.py | 2 +- .../actions/modify_groups/schema.py | 16 +- .../actions/modify_object/__init__.py | 2 +- .../actions/modify_object/schema.py | 16 +- .../actions/move_object/__init__.py | 2 +- .../actions/move_object/schema.py | 16 +- .../actions/query/__init__.py | 2 +- .../actions/query/schema.py | 15 +- .../query_group_membership/__init__.py | 2 +- .../actions/query_group_membership/schema.py | 255 +----- .../actions/reset_password/__init__.py | 2 +- .../actions/reset_password/schema.py | 26 +- .../actions/unlock_user/__init__.py | 2 +- .../actions/unlock_user/schema.py | 16 +- .../connection/__init__.py | 2 +- .../connection/schema.py | 22 +- .../tasks/__init__.py | 2 + .../triggers/__init__.py | 3 +- .../active_directory_ldap/plugin.spec.yaml | 18 +- plugins/active_directory_ldap/setup.py | 4 +- 39 files changed, 632 insertions(+), 797 deletions(-) create mode 100644 plugins/active_directory_ldap/komand_active_directory_ldap/tasks/__init__.py diff --git a/plugins/active_directory_ldap/.CHECKSUM b/plugins/active_directory_ldap/.CHECKSUM index 4defbcce17..9011fe1c85 100644 --- a/plugins/active_directory_ldap/.CHECKSUM +++ b/plugins/active_directory_ldap/.CHECKSUM @@ -1,67 +1,67 @@ { - "spec": "b708dde20801073ec6c88d4ea8f9b005", - "manifest": "a0f76ed1965bb6d1dc016498e95f3d9b", - "setup": "efe20ef0d6884b7d4d0c6014f18f8489", + "spec": "d5dfdb03974651b69e5a02256df71e03", + "manifest": "5d016144fec71b932d8182d5c1a7f81d", + "setup": "def3e06498eabadbc9aaa7270aff8be6", "schemas": [ { "identifier": "add_user/schema.py", - "hash": "33fdb96944e28df085a5c5bb7559f1b1" + "hash": "531c525fd832681685e2bb75274bcb36" }, { "identifier": "delete/schema.py", - "hash": "384eabbb2b07330f89eb2af252395c09" + "hash": "a203224c38992aaa6097c17e88f1a3fa" }, { "identifier": "disable_user/schema.py", - "hash": "b7f528b02e19959cfd46edc73094be59" + "hash": "bfdd8e9e5f9baa07298d3f3c36980036" }, { "identifier": "disable_users/schema.py", - "hash": "b4d1d4429d1c0299c30c65a141b6cc6d" + "hash": "8a07c9f105c7f7e94629ca7d3bca04dc" }, { "identifier": "enable_user/schema.py", - "hash": "25faca0d19911ec323613c143af8cd1c" + "hash": "fba48a15eddfb6e3270390a1aa106569" }, { "identifier": "enable_users/schema.py", - "hash": "c2729c798f17ff526d6cee062c0adce4" + "hash": "31af3ea7034551b317b1a7a9b4f54f01" }, { "identifier": "force_password_reset/schema.py", - "hash": "0ddf292d4d50da32ff2145174977be78" + "hash": "9c9d7cff588c7aa8e2a04a374b71203f" }, { "identifier": "modify_groups/schema.py", - "hash": "701ca94af58acf652658af61847b2ba3" + "hash": "c70a0d8227c9f837c7df6b297eeb1010" }, { "identifier": "modify_object/schema.py", - "hash": "1b32055ec467d01a1cf9665464c0b30a" + "hash": "49a5aebc2f4658812dc9999cdef54bd8" }, { "identifier": "move_object/schema.py", - "hash": "55ead46630a2d8eac580fc1ba0ec9b96" + "hash": "bc5788385d2c28b944b3e69e44db016e" }, { "identifier": "query/schema.py", - "hash": "e0ab1f6d91f2978190752ec15606cf9d" + "hash": "deab9b0f530f17c659f76bab4ae89a4f" }, { "identifier": "query_group_membership/schema.py", - "hash": "16791ced6e59d52c51f6138f4ab131a6" + "hash": "47a055bc7f7dbf143254a461ff323a95" }, { "identifier": "reset_password/schema.py", - "hash": "131278b80dd81061a21f1c980581a50f" + "hash": "f21d83aa58c5f20a176725c6fd358f7c" }, { "identifier": "unlock_user/schema.py", - "hash": "54677f2ee3aceb6b4cee3819091419e1" + "hash": "e808186d05fd10745dff1bc5d6b6fb52" }, { "identifier": "connection/schema.py", - "hash": "7771d949365aac89570c6dc01624834c" + "hash": "a9dea93ed1c5572129ece478059aea3e" } ] } \ No newline at end of file diff --git a/plugins/active_directory_ldap/Dockerfile b/plugins/active_directory_ldap/Dockerfile index e3db863231..9a0c6530db 100755 --- a/plugins/active_directory_ldap/Dockerfile +++ b/plugins/active_directory_ldap/Dockerfile @@ -1,27 +1,20 @@ -FROM rapid7/insightconnect-python-3-38-slim-plugin:4 -# Refer to the following documentation for available SDK parent images: https://docs.rapid7.com/insightconnect/sdk-guide/#sdk-guide +FROM rapid7/insightconnect-python-3-38-plugin:5 LABEL organization=rapid7 LABEL sdk=python -LABEL type=plugin -# Add any custom package dependencies here -# NOTE: Add pip packages to requirements.txt - -# End package dependencies - -# Add source code WORKDIR /python/src + ADD ./plugin.spec.yaml /plugin.spec.yaml -ADD . /python/src +ADD ./requirements.txt /python/src/requirements.txt -# Install pip dependencies RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi -# Install plugin -RUN python setup.py build && python setup.py install +ADD . /python/src + +RUN python setup.py build && python setup.py install -# User to run plugin code. The two supported users are: root, nobody +# User to run plugin code. The two supported users are: root, nobody USER nobody ENTRYPOINT ["/usr/local/bin/komand_active_directory_ldap"] diff --git a/plugins/active_directory_ldap/bin/komand_active_directory_ldap b/plugins/active_directory_ldap/bin/komand_active_directory_ldap index 74896672c2..c88bef873e 100755 --- a/plugins/active_directory_ldap/bin/komand_active_directory_ldap +++ b/plugins/active_directory_ldap/bin/komand_active_directory_ldap @@ -1,12 +1,12 @@ #!/usr/bin/env python -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import os import json from sys import argv Name = "Active Directory LDAP" Vendor = "rapid7" -Version = "8.0.0" +Version = "9.0.0" Description = "This plugin utilizes Microsoft's Active Directory service to create and manage domains, users, and objects within a network" @@ -23,7 +23,7 @@ def main(): monkey.patch_all() import insightconnect_plugin_runtime - from komand_active_directory_ldap import connection, actions, triggers + from komand_active_directory_ldap import connection, actions, triggers, tasks class ICONActiveDirectoryLdap(insightconnect_plugin_runtime.Plugin): def __init__(self): @@ -34,34 +34,34 @@ def main(): description=Description, connection=connection.Connection() ) - self.add_action(actions.AddUser()) - + self.add_action(actions.Query()) + self.add_action(actions.Delete()) - - self.add_action(actions.DisableUser()) - - self.add_action(actions.DisableUsers()) - + + self.add_action(actions.AddUser()) + self.add_action(actions.EnableUser()) - + self.add_action(actions.EnableUsers()) - - self.add_action(actions.ForcePasswordReset()) - + + self.add_action(actions.DisableUser()) + + self.add_action(actions.DisableUsers()) + self.add_action(actions.ModifyGroups()) - - self.add_action(actions.ModifyObject()) - + self.add_action(actions.MoveObject()) - - self.add_action(actions.Query()) - - self.add_action(actions.QueryGroupMembership()) - + self.add_action(actions.ResetPassword()) - + + self.add_action(actions.ModifyObject()) + + self.add_action(actions.ForcePasswordReset()) + + self.add_action(actions.QueryGroupMembership()) + self.add_action(actions.UnlockUser()) - + """Run plugin""" cli = insightconnect_plugin_runtime.CLI(ICONActiveDirectoryLdap()) diff --git a/plugins/active_directory_ldap/help.md b/plugins/active_directory_ldap/help.md index e0b1a5ac57..dbfc552746 100644 --- a/plugins/active_directory_ldap/help.md +++ b/plugins/active_directory_ldap/help.md @@ -18,23 +18,23 @@ * Please make sure you enter your credentials with the DOMAIN\username format. # Supported Product Versions - + * Azure Active Directory 2.0.89.0 # Documentation ## Setup - -The connection configuration accepts the following parameters: + +The connection configuration accepts the following parameters: |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | |chase_referrals|boolean|True|True|Allows the plugin to follow referrals from the specified Active Directory server to other Active Directory servers|None|True| |host|string|None|True|Server Host, e.g. example.com|None|example.com| |port|integer|389|True|Port, e.g. 389|None|389| |use_ssl|boolean|None|True|Use SSL?|None|True| |username_password|credential_username_password|None|True|Username and password|None|{"username":"user1", "password":"mypassword"}| - + Example input: ``` @@ -44,8 +44,8 @@ Example input: "port": 389, "use_ssl": true, "username_password": { - "username": "user1", - "password": "mypassword" + "password": "mypassword", + "username": "user1" } } ``` @@ -54,30 +54,49 @@ Example input: ### Actions -#### Unlock User -This action is used to unlock an account. +#### Add User + +Adds the specified Active Directory user ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_name|string|None|True|The distinguished name of the user to unlock|None|CN=user,OU=domain_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|account_disabled|boolean|True|True|Set this to true to disable the user account at creation|None|True| +|additional_parameters|object|None|False|Add additional user parameters in JSON format|None|{"telephoneNumber":"(617)555-1234"}| +|domain_name|string|None|True|The domain name this user will belong to|None|example.com| +|first_name|string|None|True|User's first name|None|John| +|last_name|string|None|True|User's last name|None|Doe| +|logon_name|string|None|True|The logon name for the account|None|jdoe| +|password|password|None|True|The account's starting password|None|mypassword| +|user_ou|string|Users|True|The OU that the user account will be created in|None|Users| +|user_principal_name|string|None|True|The users principal name|None|user@example.com| + Example input: ``` { - "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" + "account_disabled": true, + "additional_parameters": { + "telephoneNumber": "(617)555-1234" + }, + "domain_name": "example.com", + "first_name": "John", + "last_name": "Doe", + "logon_name": "jdoe", + "password": "mypassword", + "user_ou": "Users", + "user_principal_name": "user@example.com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` @@ -86,115 +105,52 @@ Example output: } ``` -#### Query Group Membership - -This action is used to query group membership. +#### Delete + +Deletes the LDAP object specified ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|expand_nested_groups|boolean|None|False|Expand nested groups in results|None|True| -|group_name|string|None|True|Name of the group for which membership will be checked|None|Domain Users| -|include_groups|boolean|None|False|Include groups in results|None|True| -|search_base|string|None|True|The base of the search request|None|DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_name|string|None|True|The distinguished name of the object to delete|None|CN=user,OU=domain_users,DC=example,DC=com| + Example input: ``` { - "expand_nested_groups": true, - "group_name": "Domain Users", - "include_groups": true, - "search_base": "DC=example,DC=com" + "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| -|count|integer|False|Number of results|1| -|results|[]results|False|Results returned|[ { "attributes": { "accountExpires": "9999-12-31 23:59:59.999999+00:00", "adminCount": 0, "badPasswordTime": "1601-01-01 00:00:00+00:00", "badPwdCount": 0, "cn": "Example User", "codePage": 0, "countryCode": 0, "dSCorePropagationData": [ "2021-01-14 18:17:28+00:00", "2021-01-14 17:48:27+00:00", "1601-01-01 00:04:16+00:00" ], "description": [ "Example Account" ], "distinguishedName": "CN=Example User,CN=Users,DC=example,DC=com", "instanceType": 4, "isCriticalSystemObject": true, "lastLogoff": "1601-01-01 00:00:00+00:00", "lastLogon": "1601-01-01 00:00:00+00:00", "logonCount": 0, "memberOf": [ "CN=Domain Users,CN=Users,example,DC=com" ], "name": "Example User", "objectCategory": "CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com", "objectClass": [ "top", "person", "organizationalPerson", "user" ], "objectGUID": "{b45138aa-be39-47d9-ab57-3aee8f381f87}", "objectSid": "S-1-5-33-3456299977-1009817396-2685666617-303", "primaryGroupID": 513, "pwdLastSet": "2021-01-14 17:48:26.197384+00:00", "sAMAccountName": "Example User", "sAMAccountType": 489006322, "showInAdvancedViewOnly": true, "uSNChanged": 16419, "uSNCreated": 12324, "userAccountControl": 514, "whenChanged": "2021-01-14 18:17:28+00:00", "whenCreated": "2021-01-14 17:48:26+00:00" }, "dn": "CN=Example User,CN=Users,DC=example,DC=com" } ]| - +| :--- | :--- | :--- | :--- | :--- | +|success|boolean|False|Operation status|True| + Example output: ``` { - "count": 1, - "results": [ - { - "attributes": { - "accountExpires": "9999-12-31 23:59:59.999999+00:00", - "adminCount": 0, - "badPasswordTime": "1601-01-01 00:00:00+00:00", - "badPwdCount": 0, - "cn": "Example User", - "codePage": 0, - "countryCode": 0, - "dSCorePropagationData": [ - "2021-01-14 18:17:28+00:00", - "2021-01-14 17:48:27+00:00", - "1601-01-01 00:04:16+00:00" - ], - "description": [ - "Example Account" - ], - "distinguishedName": "CN=Example User,CN=Users,DC=example,DC=com", - "instanceType": 4, - "isCriticalSystemObject": true, - "lastLogoff": "1601-01-01 00:00:00+00:00", - "lastLogon": "1601-01-01 00:00:00+00:00", - "logonCount": 0, - "memberOf": [ - "CN=Domain Users,CN=Users,example,DC=com" - ], - "name": "Example User", - "objectCategory": "CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com", - "objectClass": [ - "top", - "person", - "organizationalPerson", - "user" - ], - "objectGUID": "{b45138aa-be39-47d9-ab57-3aee8f381f87}", - "objectSid": "S-1-5-33-3456299977-1009817396-2685666617-303", - "primaryGroupID": 513, - "pwdLastSet": "2021-01-14 17:48:26.197384+00:00", - "sAMAccountName": "Example User", - "sAMAccountType": 489006322, - "showInAdvancedViewOnly": true, - "uSNChanged": 16419, - "uSNCreated": 12324, - "userAccountControl": 514, - "whenChanged": "2021-01-14 18:17:28+00:00", - "whenCreated": "2021-01-14 17:48:26+00:00" - }, - "dn": "CN=Example User,CN=Users,DC=example,DC=com" - } - ] + "success": true } - ``` -#### Modify Object - -This action is used to modify the attributes of an Active Directory object. +#### Disable User + +Disable an account ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|attribute_to_modify|string|None|True|The name of the attribute to modify|None|postalCode| -|attribute_value|string|None|True|The value of the attribute|None|02114| -|distinguished_name|string|None|True|The distinguished name of the object to modify|None|CN=user,OU=domain_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_name|string|None|True|The distinguished name of the user to disable|None|CN=user,OU=domain_users,DC=example,DC=com| + Example input: ``` { - "attribute_to_modify": "postalCode", - "attribute_value": "02114", "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" } ``` @@ -202,9 +158,9 @@ Example input: ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` @@ -213,81 +169,73 @@ Example output: } ``` -#### Add or Remove an Object from Group - -This action is used to add or remove an object from an Active Directory group. +#### Disable Users + +Disable multiple accounts ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|add_remove|string|None|True|Add or remove the group|['add', 'remove']|add| -|distinguished_name|string|None|True|The distinguished name of the object whose membership will be modified|None|CN=user,OU=domain_users,DC=mydomain,DC=com| -|group_dn|string|None|True|The Distinguished Name of the group to add or remove|None|CN=group_name,OU=domain_groups,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_names|[]string|None|True|The distinguished names of the users to disable|None|["CN=user,OU=domain_users,DC=example,DC=com"]| + Example input: ``` { - "add_remove": "add", - "distinguished_name": "CN=user,OU=domain_users,DC=mydomain,DC=com", - "group_dn": "CN=group_name,OU=domain_groups,DC=example,DC=com" + "distinguished_names": [ + "CN=user,OU=domain_users,DC=example,DC=com" + ] } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| -|success|boolean|False|Operation status|True| - +| :--- | :--- | :--- | :--- | :--- | +|completed|[]string|False|List of successfully disabled users|["CN=user,OU=domain_users,DC=example,DC=com"]| +|failed|[]modified_user_error|False|List of unsuccessfully disabled users|[ { "dn": "CN=user,OU=domain_users,DC=test,DC=com", "error": "The DN CN=empty_search,DC=example,DC=com was not found" } ]| + Example output: ``` { - "success": true + "completed": [ + "CN=user,OU=domain_users,DC=example,DC=com" + ], + "failed": [ + { + "dn": "CN=user,OU=domain_users,DC=test,DC=com", + "error": "The DN CN=empty_search,DC=example,DC=com was not found" + } + ] } ``` -#### Add User - -This action is used to add the specified Active Directory user. +#### Enable User + +Enable an account ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|account_disabled|boolean|True|True|Set this to true to disable the user account at creation|None|True| -|additional_parameters|object|None|False|Add additional user parameters in JSON format|None|{"telephoneNumber":"(617)555-1234"}| -|domain_name|string|None|True|The domain name this user will belong to|None|example.com| -|first_name|string|None|True|User's first name|None|John| -|last_name|string|None|True|User's last name|None|Doe| -|logon_name|string|None|True|The logon name for the account|None|jdoe| -|password|password|None|True|The account's starting password|None|mypassword| -|user_ou|string|Users|True|The OU that the user account will be created in|None|Users| -|user_principal_name|string|None|True|The users principal name|None|user@example.com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_name|string|None|True|The distinguished name of the user to enable|None|CN=user,OU=domain_users,DC=example,DC=com| + Example input: ``` { - "account_disabled": true, - "domain_name": "example.com", - "first_name": "John", - "last_name": "Doe", - "logon_name": "jdoe", - "password": "mypassword", - "user_ou": "Users", - "user_principal_name": "user@example.com" + "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` @@ -296,106 +244,59 @@ Example output: } ``` -#### Query - -This action is used to run an LDAP query. - -For more information on LDAP queries see https://ldap3.readthedocs.io/tutorial_searches.html +#### Enable Users + +Enable multiple accounts ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|attributes|[]string|None|False|Attributes to search. If empty return all attributes|None|["createTimestamp", "creatorsName"]| -|search_base|string|None|True|The base of the search request|None|DC=example,DC=com| -|search_filter|string|None|True|The filter of the search request. It must conform to the LDAP filter syntax specified in RFC4515|None|(sAMAccountName=joesmith)| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_names|[]string|None|True|The distinguished names of the users to enable|None|["CN=user,OU=domain_users,DC=example,DC=com"]| + Example input: ``` { - "attributes": [ - "createTimestamp", - "creatorsName" - ], - "search_base": "DC=example,DC=com", - "search_filter": "(sAMAccountName=joesmith)" + "distinguished_names": [ + "CN=user,OU=domain_users,DC=example,DC=com" + ] } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| -|count|integer|False|Number of results|1| -|results|[]result|False|Results returned|[ { "dn": string, "attributes": { "pwdLastSet": date, "objectClass": [ string, string, string, string ], "memberOf": [ string ], "sAMAccountType": int, "uSNChanged": int, "givenName": string, "userPrincipalName": string, "countryCode": int, "lastLogon": date, "sAMAccountName": string, "name": string, "primaryGroupID": int, "dSCorePropagationData": [ date ], "displayName": string, "logonCount": int, "cn": string, "objectSid": string, "codePage": int, "badPwdCount": int, "objectGUID": string, "distinguishedName": string, "whenChanged": date, "badPasswordTime": date, "instanceType": int, "uSNCreated": int, "sn": string, "whenCreated": date, "accountExpires": date, "userAccountControl": int, "lastLogoff": date, "objectCategory": "string" } } ]| - +| :--- | :--- | :--- | :--- | :--- | +|completed|[]string|False|List of successfully enabled users|["CN=user,OU=domain_users,DC=example,DC=com"]| +|failed|[]modified_user_error|False|List of unsuccessfully enabled users|[ { "dn": "CN=user,OU=domain_users,DC=test,DC=com", "error": "The DN CN=empty_search,DC=example,DC=com was not found" } ]| + Example output: ``` - { - "results": [ + "completed": [ + "CN=user,OU=domain_users,DC=example,DC=com" + ], + "failed": [ { - "dn": "string", - "attributes": { - "pwdLastSet": "date", - "objectClass": [ - "string", - "string", - "string", - "string" - ], - "memberOf": [ - "string" - ], - "sAMAccountType": "int", - "uSNChanged": "int", - "givenName": "string", - "userPrincipalName": "string", - "countryCode": "int", - "lastLogon": "date", - "sAMAccountName": "string", - "name": "string", - "primaryGroupID": "int", - "dSCorePropagationData": [ - "date" - ], - "displayName": "string", - "logonCount": "int", - "cn": "string", - "objectSid": "string", - "codePage": "int", - "badPwdCount": "int", - "objectGUID": "string", - "distinguishedName": "string", - "whenChanged": "date", - "badPasswordTime": "date", - "instanceType": "int", - "uSNCreated": "int", - "sn": "string", - "whenCreated": "date", - "accountExpires": "date", - "userAccountControl": "int", - "lastLogoff": "date", - "objectCategory": "string" - } + "dn": "CN=user,OU=domain_users,DC=test,DC=com", + "error": "The DN CN=empty_search,DC=example,DC=com was not found" } ] } - ``` -#### Enable - -This action is used to enable an account. +#### Force Password Reset + +Force a user to reset their password on next login ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_name|string|None|True|The distinguished name of the user to enable|None|CN=user,OU=domain_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_name|string|None|True|The distinguished name of the user who will be forced to reset|None|CN=user,OU=domain_users,DC=example,DC=com| + Example input: ``` @@ -407,259 +308,344 @@ Example input: ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` - { "success": true } - ``` -#### Enable Users - -This action is used to enable accounts. +#### Add or Remove an Object from Group + +Add or remove an object from an Active Directory group ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_names|[]string|None|True|The distinguished names of the users to enable|None|["CN=user,OU=domain_users,DC=example,DC=com"]| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|add_remove|string|None|True|Add or remove the group|['add', 'remove']|add| +|distinguished_name|string|None|True|The distinguished name of the object whose membership will be modified|None|CN=user,OU=domain_users,DC=mydomain,DC=com| +|group_dn|string|None|True|The Distinguished Name of the group to add or remove|None|CN=group_name,OU=domain_groups,DC=example,DC=com| + Example input: ``` { - "distinguished_names": [ - "CN=user,OU=domain_users,DC=example,DC=com" - ] + "add_remove": "add", + "distinguished_name": "CN=user,OU=domain_users,DC=mydomain,DC=com", + "group_dn": "CN=group_name,OU=domain_groups,DC=example,DC=com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| -|completed|[]string|False|List of successfully enabled users|["CN=user,OU=domain_users,DC=example,DC=com"]| -|failed|[]modified_user_error|False|List of unsuccessfully enabled users|[ { "dn": "CN=user,OU=domain_users,DC=test,DC=com", "error": "The DN CN=empty_search,DC=example,DC=com was not found" } ]| - +| :--- | :--- | :--- | :--- | :--- | +|success|boolean|False|Operation status|True| + Example output: ``` - { - "completed": [ - "CN=user,OU=domain_users,DC=example,DC=com" - ], - "failed": [ - { - "dn": "CN=user,OU=domain_users,DC=test,DC=com", - "error": "The DN CN=empty_search,DC=example,DC=com was not found" - } - ] + "success": true } - ``` -#### Move Object - -This action is used to move an Active Directory object from one organizational unit to another. +#### Modify Object + +Modify the attributes for an Active Directory object ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_name|string|None|True|The distinguished name of the user whose membership will be modified|None|CN=user,OU=domain_users,DC=example,DC=com| -|new_ou|string|None|True|The distinguished name of the OU to move the object to|None|OU=disabled_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|attribute_to_modify|string|None|True|The name of the attribute to modify|None|postalCode| +|attribute_value|string|None|True|The value of the attribute|None|02114| +|distinguished_name|string|None|True|The distinguished name of the object to modify|None|CN=user,OU=domain_users,DC=example,DC=com| + Example input: ``` { - "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com", - "new_ou": "OU=disabled_users,DC=example,DC=com" + "attribute_to_modify": "postalCode", + "attribute_value": "02114", + "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` - { "success": true } - ``` -#### Reset Password - -This action is used to reset a users password. +#### Move Object + +Move an Active Directory object from one organizational unit to another ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | |distinguished_name|string|None|True|The distinguished name of the user whose membership will be modified|None|CN=user,OU=domain_users,DC=example,DC=com| -|new_password|password|None|True|The new password|None|mypassword| - +|new_ou|string|None|True|The distinguished name of the OU to move the object to|None|OU=disabled_users,DC=example,DC=com| + Example input: ``` { "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com", - "new_password": "mypassword" + "new_ou": "OU=disabled_users,DC=example,DC=com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` - { "success": true } ``` -#### Disable - -This action is used to disable an account. +#### Query + +Run an LDAP query ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_name|string|None|True|The distinguished name of the user to disable|None|CN=user,OU=domain_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|attributes|[]string|None|False|Attributes to search. If empty return all attributes|None|["createTimestamp", "creatorsName"]| +|search_base|string|None|True|The base of the search request|None|DC=example,DC=com| +|search_filter|string|None|True|The filter of the search request. It must conform to the LDAP filter syntax specified in RFC4515|None|(sAMAccountName=joesmith)| + Example input: ``` { - "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" + "attributes": [ + "createTimestamp", + "creatorsName" + ], + "search_base": "DC=example,DC=com", + "search_filter": "(sAMAccountName=joesmith)" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| -|success|boolean|False|Operation status|True| - +| :--- | :--- | :--- | :--- | :--- | +|count|integer|False|Number of results|1| +|results|[]result|False|Results returned|[ { "dn": string, "attributes": { "pwdLastSet": date, "objectClass": [ string, string, string, string ], "memberOf": [ string ], "sAMAccountType": int, "uSNChanged": int, "givenName": string, "userPrincipalName": string, "countryCode": int, "lastLogon": date, "sAMAccountName": string, "name": string, "primaryGroupID": int, "dSCorePropagationData": [ date ], "displayName": string, "logonCount": int, "cn": string, "objectSid": string, "codePage": int, "badPwdCount": int, "objectGUID": string, "distinguishedName": string, "whenChanged": date, "badPasswordTime": date, "instanceType": int, "uSNCreated": int, "sn": string, "whenCreated": date, "accountExpires": date, "userAccountControl": int, "lastLogoff": date, "objectCategory": "string" } } ]| + Example output: ``` - { - "success": true + "count": 1, + "results": [ + { + "dn": "string", + "attributes": { + "pwdLastSet": "date", + "objectClass": [ + "string", + "string", + "string", + "string" + ], + "memberOf": [ + "string" + ], + "sAMAccountType": "int", + "uSNChanged": "int", + "givenName": "string", + "userPrincipalName": "string", + "countryCode": "int", + "lastLogon": "date", + "sAMAccountName": "string", + "name": "string", + "primaryGroupID": "int", + "dSCorePropagationData": [ + "date" + ], + "displayName": "string", + "logonCount": "int", + "cn": "string", + "objectSid": "string", + "codePage": "int", + "badPwdCount": "int", + "objectGUID": "string", + "distinguishedName": "string", + "whenChanged": "date", + "badPasswordTime": "date", + "instanceType": "int", + "uSNCreated": "int", + "sn": "string", + "whenCreated": "date", + "accountExpires": "date", + "userAccountControl": "int", + "lastLogoff": "date", + "objectCategory": "string" + } + } + ] } - ``` - -#### Disable Users - -This action is used to disable accounts. +#### Query Group Membership + +Return users and groups that belonging to the specific group ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_names|[]string|None|True|The distinguished names of the users to disable|None|["CN=user,OU=domain_users,DC=example,DC=com"]| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|expand_nested_groups|boolean|None|False|Expand nested groups in results|None|True| +|group_name|string|None|True|Name of the group for which membership will be checked|None|Domain Users| +|include_groups|boolean|None|False|Include groups in results|None|True| +|search_base|string|None|True|The base of the search request|None|DC=example,DC=com| + Example input: ``` { - "distinguished_names": [ - "CN=user,OU=domain_users,DC=example,DC=com" - ] + "expand_nested_groups": true, + "group_name": "Domain Users", + "include_groups": true, + "search_base": "DC=example,DC=com" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| -|completed|[]string|False|List of successfully disabled users|["CN=user,OU=domain_users,DC=example,DC=com"]| -|failed|[]modified_user_error|False|List of unsuccessfully disabled users|[ { "dn": "CN=user,OU=domain_users,DC=test,DC=com", "error": "The DN CN=empty_search,DC=example,DC=com was not found" } ]| - +| :--- | :--- | :--- | :--- | :--- | +|count|integer|False|Number of results|1| +|results|[]results|False|Results returned|[ { "attributes": { "accountExpires": "9999-12-31 23:59:59.999999+00:00", "adminCount": 0, "badPasswordTime": "1601-01-01 00:00:00+00:00", "badPwdCount": 0, "cn": "Example User", "codePage": 0, "countryCode": 0, "dSCorePropagationData": [ "2021-01-14 18:17:28+00:00", "2021-01-14 17:48:27+00:00", "1601-01-01 00:04:16+00:00" ], "description": [ "Example Account" ], "distinguishedName": "CN=Example User,CN=Users,DC=example,DC=com", "instanceType": 4, "isCriticalSystemObject": true, "lastLogoff": "1601-01-01 00:00:00+00:00", "lastLogon": "1601-01-01 00:00:00+00:00", "logonCount": 0, "memberOf": [ "CN=Domain Users,CN=Users,example,DC=com" ], "name": "Example User", "objectCategory": "CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com", "objectClass": [ "top", "person", "organizationalPerson", "user" ], "objectGUID": "{b45138aa-be39-47d9-ab57-3aee8f381f87}", "objectSid": "S-1-5-33-3456299977-1009817396-2685666617-303", "primaryGroupID": 513, "pwdLastSet": "2021-01-14 17:48:26.197384+00:00", "sAMAccountName": "Example User", "sAMAccountType": 489006322, "showInAdvancedViewOnly": true, "uSNChanged": 16419, "uSNCreated": 12324, "userAccountControl": 514, "whenChanged": "2021-01-14 18:17:28+00:00", "whenCreated": "2021-01-14 17:48:26+00:00" }, "dn": "CN=Example User,CN=Users,DC=example,DC=com" } ]| + Example output: ``` - { - "completed": [ - "CN=user,OU=domain_users,DC=example,DC=com" - ], - "failed": [ + "count": 1, + "results": [ { - "dn": "CN=user,OU=domain_users,DC=test,DC=com", - "error": "The DN CN=empty_search,DC=example,DC=com was not found" + "attributes": { + "accountExpires": "9999-12-31 23:59:59.999999+00:00", + "adminCount": 0, + "badPasswordTime": "1601-01-01 00:00:00+00:00", + "badPwdCount": 0, + "cn": "Example User", + "codePage": 0, + "countryCode": 0, + "dSCorePropagationData": [ + "2021-01-14 18:17:28+00:00", + "2021-01-14 17:48:27+00:00", + "1601-01-01 00:04:16+00:00" + ], + "description": [ + "Example Account" + ], + "distinguishedName": "CN=Example User,CN=Users,DC=example,DC=com", + "instanceType": 4, + "isCriticalSystemObject": true, + "lastLogoff": "1601-01-01 00:00:00+00:00", + "lastLogon": "1601-01-01 00:00:00+00:00", + "logonCount": 0, + "memberOf": [ + "CN=Domain Users,CN=Users,example,DC=com" + ], + "name": "Example User", + "objectCategory": "CN=Person,CN=Schema,CN=Configuration,DC=example,DC=com", + "objectClass": [ + "top", + "person", + "organizationalPerson", + "user" + ], + "objectGUID": "{b45138aa-be39-47d9-ab57-3aee8f381f87}", + "objectSid": "S-1-5-33-3456299977-1009817396-2685666617-303", + "primaryGroupID": 513, + "pwdLastSet": "2021-01-14 17:48:26.197384+00:00", + "sAMAccountName": "Example User", + "sAMAccountType": 489006322, + "showInAdvancedViewOnly": true, + "uSNChanged": 16419, + "uSNCreated": 12324, + "userAccountControl": 514, + "whenChanged": "2021-01-14 18:17:28+00:00", + "whenCreated": "2021-01-14 17:48:26+00:00" + }, + "dn": "CN=Example User,CN=Users,DC=example,DC=com" } ] } - ``` -#### Delete - -This action is used to delete the LDAP object specified. +#### Reset Password + +Reset a users password ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_name|string|None|True|The distinguished name of the object to delete|None|CN=user,OU=domain_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_name|string|None|True|The distinguished name of the user whose membership will be modified|None|CN=user,OU=domain_users,DC=example,DC=com| +|new_password|password|None|True|The new password|None|mypassword| + Example input: ``` { - "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com" + "distinguished_name": "CN=user,OU=domain_users,DC=example,DC=com", + "new_password": "mypassword" } ``` ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` - { "success": true } - ``` -#### Force Password Reset - -This action is used to force a user to reset their password on next login. +#### Unlock User + +Unlock an account ##### Input |Name|Type|Default|Required|Description|Enum|Example| -|----|----|-------|--------|-----------|----|-------| -|distinguished_name|string|None|True|The distinguished name of the user who will be forced to reset|None|CN=user,OU=domain_users,DC=example,DC=com| - +| :--- | :--- | :--- | :--- | :--- | :--- | :--- | +|distinguished_name|string|None|True|The distinguished name of the user to unlock|None|CN=user,OU=domain_users,DC=example,DC=com| + Example input: ``` @@ -671,9 +657,9 @@ Example input: ##### Output |Name|Type|Required|Description|Example| -|----|----|--------|-----------|-------| +| :--- | :--- | :--- | :--- | :--- | |success|boolean|False|Operation status|True| - + Example output: ``` @@ -683,67 +669,72 @@ Example output: ``` ### Triggers + +*This plugin does not contain any triggers.* + +### Tasks + +*This plugin does not contain any tasks.* + +### Custom Types + +**attributes** + +|Name|Type|Default|Required|Description|Example| +| :--- | :--- | :--- | :--- | :--- | :--- | +|Account Expires|string|None|False|Account expires|None| +|Admin Count|integer|None|False|Admin count|None| +|Bad Password Time|string|None|False|Bad password time|None| +|Bad PWD Count|integer|None|False|Bad PWD count|None| +|CN|string|None|False|CN|None| +|Code Page|integer|None|False|Code page|None| +|Country Code|integer|None|False|Country code|None| +|DS Core Propagation Data|[]string|None|False|DS core propagation data|None| +|Description|[]string|None|False|Description|None| +|Distinguished Name|string|None|False|Distinguished name|None| +|Instance Type|integer|None|False|Instance type|None| +|Is Critical System Object|boolean|None|False|Is critical system object|None| +|Last Log Off|string|None|False|Last log off|None| +|Last Log On|string|None|False|Last log on|None| +|Last Log On Timestamp|string|None|False|Last log on timestamp|None| +|Log On Count|integer|None|False|Log on count|None| +|Member Of|[]string|None|False|Member of|None| +|Name|string|None|False|Name|None| +|Object Category|string|None|False|Object category|None| +|Object Class|[]string|None|False|Object class|None| +|Object GUID|string|None|False|Object GUID|None| +|Object SID|string|None|False|Object SID|None| +|Primary Group ID|integer|None|False|Primary group ID|None| +|PWD Last Set|string|None|False|PWD last set|None| +|SAM Account Name|string|None|False|SAM account name|None| +|SAM Account Type|integer|None|False|SAM account type|None| +|USN changed|integer|None|False|USN changed|None| +|USN created|integer|None|False|USN created|None| +|User Account Control|integer|None|False|User account control|None| +|When Changed|string|None|False|When changed|None| +|When Created|string|None|False|When created|None| + +**results** + +|Name|Type|Default|Required|Description|Example| +| :--- | :--- | :--- | :--- | :--- | :--- | +|Attributes|attributes|None|False|Attributes|None| +|DN|string|None|False|DN|None| + +**result** + +|Name|Type|Default|Required|Description|Example| +| :--- | :--- | :--- | :--- | :--- | :--- | +|Attributes|object|None|None|None|None| +|DN|string|None|None|None|None| + +**modified_user_error** + +|Name|Type|Default|Required|Description|Example| +| :--- | :--- | :--- | :--- | :--- | :--- | +|DN|string|None|False|DN|None| +|Error|string|None|False|Error|None| -_This plugin does not contain any triggers._ - -### Custom Output Types - -#### attributes - -|Name|Type|Required|Description| -|----|----|--------|-----------| -|Account Expires|string|False|Account expires| -|Admin Count|integer|False|Admin count| -|Bad Password Time|string|False|Bad password time| -|Bad PWD Count|integer|False|Bad PWD count| -|CN|string|False|CN| -|Code Page|integer|False|Code page| -|Country Code|integer|False|Country code| -|DS Core Propagation Data|[]string|False|DS core propagation data| -|Description|[]string|False|Description| -|Distinguished Name|string|False|Distinguished name| -|Instance Type|integer|False|Instance type| -|Is Critical System Object|boolean|False|Is critical system object| -|Last Log Off|string|False|Last log off| -|Last Log On|string|False|Last log on| -|Last Log On Timestamp|string|False|Last log on timestamp| -|Log On Count|integer|False|Log on count| -|Member Of|[]string|False|Member of| -|Name|string|False|Name| -|Object Category|string|False|Object category| -|Object Class|[]string|False|Object class| -|Object GUID|string|False|Object GUID| -|Object SID|string|False|Object SID| -|Primary Group ID|integer|False|Primary group ID| -|PWD Last Set|string|False|PWD last set| -|SAM Account Name|string|False|SAM account name| -|SAM Account Type|integer|False|SAM account type| -|USN changed|integer|False|USN changed| -|USN created|integer|False|USN created| -|User Account Control|integer|False|User account control| -|When Changed|string|False|When changed| -|When Created|string|False|When created| - -#### result - -|Name|Type|Required|Description| -|----|----|--------|-----------| -|Attributes|object|False|None| -|Dn|string|False|None| - -#### results - -|Name|Type|Required|Description| -|----|----|--------|-----------| -|Attributes|attributes|False|Attributes| -|DN|string|False|DN| - -#### modified_user_error - -|Name|Type|Required|Description| -|----|----|--------|-----------| -|Error|string|False|Error| -|DN|string|False|DN| ## Troubleshooting @@ -771,6 +762,7 @@ the query results, and then using the variable step $item.dn # Version History +* 9.0.0 - Action: `Disable User` & `Enable User` - Rename title of actions from `Disable` & `Enable` to `Disable Users` & `Enable Users` on the front-end. * 8.0.0 - Update actions Enable Users and Enable Users to add outputs Completed and Failed and remove output All Operations Succeeded * 7.0.0 - Update actions Enable Users and Enable Users to replace output Success with All Operations Succeeded True/False * 6.0.0 - Add actions Enable Users and Disable users allowing for the bulk enablement/disablement of users diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/__init__.py index 64f0240019..b63769fa92 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/__init__.py @@ -1,15 +1,30 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT -from .add_user.action import AddUser +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT + +from .query.action import Query + from .delete.action import Delete -from .disable_user.action import DisableUser -from .disable_users.action import DisableUsers + +from .add_user.action import AddUser + from .enable_user.action import EnableUser + from .enable_users.action import EnableUsers -from .force_password_reset.action import ForcePasswordReset + +from .disable_user.action import DisableUser + +from .disable_users.action import DisableUsers + from .modify_groups.action import ModifyGroups -from .modify_object.action import ModifyObject + from .move_object.action import MoveObject -from .query.action import Query -from .query_group_membership.action import QueryGroupMembership + from .reset_password.action import ResetPassword + +from .modify_object.action import ModifyObject + +from .force_password_reset.action import ForcePasswordReset + +from .query_group_membership.action import QueryGroupMembership + from .unlock_user.action import UnlockUser + diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/__init__.py index 6f4a96041f..d39dbf4dc0 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import AddUser diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/schema.py index 72b1dbd7e0..5bef768b85 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/add_user/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -17,14 +17,14 @@ class Input: PASSWORD = "password" USER_OU = "user_ou" USER_PRINCIPAL_NAME = "user_principal_name" - + class Output: SUCCESS = "success" - + class AddUserInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -67,11 +67,9 @@ class AddUserInput(insightconnect_plugin_runtime.Input): "order": 2 }, "password": { - "type": "string", + "$ref": "#/definitions/password", "title": "Password", - "displayType": "password", "description": "The account's starting password", - "format": "password", "order": 6 }, "user_ou": { @@ -97,7 +95,14 @@ class AddUserInput(insightconnect_plugin_runtime.Input): "password", "user_ou", "user_principal_name" - ] + ], + "definitions": { + "password": { + "type": "string", + "format": "password", + "displayType": "password" + } + } } """) @@ -106,7 +111,7 @@ def __init__(self): class AddUserOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -117,7 +122,8 @@ class AddUserOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/__init__.py index 414f7280cd..1a89540f13 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import Delete diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/schema.py index 958dcabb36..8d22f0cfac 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/delete/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,14 +9,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" - + class Output: SUCCESS = "success" - + class DeleteInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -30,7 +30,8 @@ class DeleteInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_name" - ] + ], + "definitions": {} } """) @@ -39,7 +40,7 @@ def __init__(self): class DeleteOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -50,7 +51,8 @@ class DeleteOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/__init__.py index d67665a0cd..11a23d70ea 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import DisableUser diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/schema.py index 411292605d..76c61a8312 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_user/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,14 +9,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" - + class Output: SUCCESS = "success" - + class DisableUserInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -30,7 +30,8 @@ class DisableUserInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_name" - ] + ], + "definitions": {} } """) @@ -39,7 +40,7 @@ def __init__(self): class DisableUserOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -50,7 +51,8 @@ class DisableUserOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/__init__.py index 9aff586a1a..1b9ff76681 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import DisableUsers diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/schema.py index 07a51b790a..9aa47a22e5 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/disable_users/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,15 +9,15 @@ class Component: class Input: DISTINGUISHED_NAMES = "distinguished_names" - + class Output: COMPLETED = "completed" FAILED = "failed" - + class DisableUsersInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -34,7 +34,8 @@ class DisableUsersInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_names" - ] + ], + "definitions": {} } """) @@ -43,7 +44,7 @@ def __init__(self): class DisableUsersOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/__init__.py index 8362dbda2a..d81d1a4fab 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import EnableUser diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/schema.py index f3377ce275..82cac79935 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_user/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,14 +9,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" - + class Output: SUCCESS = "success" - + class EnableUserInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -30,7 +30,8 @@ class EnableUserInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_name" - ] + ], + "definitions": {} } """) @@ -39,7 +40,7 @@ def __init__(self): class EnableUserOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -50,7 +51,8 @@ class EnableUserOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/__init__.py index a57878cb85..f2c6f1ead1 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import EnableUsers diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/schema.py index 9adb246da7..68d559c127 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/enable_users/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,15 +9,15 @@ class Component: class Input: DISTINGUISHED_NAMES = "distinguished_names" - + class Output: COMPLETED = "completed" FAILED = "failed" - + class EnableUsersInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -34,7 +34,8 @@ class EnableUsersInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_names" - ] + ], + "definitions": {} } """) @@ -43,7 +44,7 @@ def __init__(self): class EnableUsersOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/__init__.py index f8ab31f137..64d638f186 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import ForcePasswordReset diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/schema.py index 241b707312..418ace4a9c 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/force_password_reset/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,14 +9,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" - + class Output: SUCCESS = "success" - + class ForcePasswordResetInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -30,7 +30,8 @@ class ForcePasswordResetInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_name" - ] + ], + "definitions": {} } """) @@ -39,7 +40,7 @@ def __init__(self): class ForcePasswordResetOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -50,7 +51,8 @@ class ForcePasswordResetOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/__init__.py index 4425c2325b..7ff1c15c01 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import ModifyGroups diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/schema.py index c8d31799f7..bcddadd5f1 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_groups/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -11,14 +11,14 @@ class Input: ADD_REMOVE = "add_remove" DISTINGUISHED_NAME = "distinguished_name" GROUP_DN = "group_dn" - + class Output: SUCCESS = "success" - + class ModifyGroupsInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -50,7 +50,8 @@ class ModifyGroupsInput(insightconnect_plugin_runtime.Input): "add_remove", "distinguished_name", "group_dn" - ] + ], + "definitions": {} } """) @@ -59,7 +60,7 @@ def __init__(self): class ModifyGroupsOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -70,7 +71,8 @@ class ModifyGroupsOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/__init__.py index 99ffc910e8..5df0e037be 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import ModifyObject diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/schema.py index 81d1a40747..d918f23d19 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/modify_object/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -11,14 +11,14 @@ class Input: ATTRIBUTE_TO_MODIFY = "attribute_to_modify" ATTRIBUTE_VALUE = "attribute_value" DISTINGUISHED_NAME = "distinguished_name" - + class Output: SUCCESS = "success" - + class ModifyObjectInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -46,7 +46,8 @@ class ModifyObjectInput(insightconnect_plugin_runtime.Input): "attribute_to_modify", "attribute_value", "distinguished_name" - ] + ], + "definitions": {} } """) @@ -55,7 +56,7 @@ def __init__(self): class ModifyObjectOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -66,7 +67,8 @@ class ModifyObjectOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/__init__.py index b73660e5d6..4cb762b3da 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import MoveObject diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/schema.py index 233e0f7223..bc8236dc0c 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/move_object/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -10,14 +10,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" NEW_OU = "new_ou" - + class Output: SUCCESS = "success" - + class MoveObjectInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -38,7 +38,8 @@ class MoveObjectInput(insightconnect_plugin_runtime.Input): "required": [ "distinguished_name", "new_ou" - ] + ], + "definitions": {} } """) @@ -47,7 +48,7 @@ def __init__(self): class MoveObjectOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -58,7 +59,8 @@ class MoveObjectOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/__init__.py index bcfe78f14b..ee089134a0 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import Query diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/schema.py index 300ee2af34..9529a1d408 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -11,15 +11,15 @@ class Input: ATTRIBUTES = "attributes" SEARCH_BASE = "search_base" SEARCH_FILTER = "search_filter" - + class Output: COUNT = "count" RESULTS = "results" - + class QueryInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -49,7 +49,8 @@ class QueryInput(insightconnect_plugin_runtime.Input): "required": [ "search_base", "search_filter" - ] + ], + "definitions": {} } """) @@ -58,7 +59,7 @@ def __init__(self): class QueryOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -91,7 +92,7 @@ class QueryOutput(insightconnect_plugin_runtime.Output): }, "dn": { "type": "string", - "title": "Dn", + "title": "DN", "order": 2 } } diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/__init__.py index f8297668a1..f61737f2a4 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import QueryGroupMembership diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/schema.py index f252da7002..79e5f78e47 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/query_group_membership/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -12,15 +12,15 @@ class Input: GROUP_NAME = "group_name" INCLUDE_GROUPS = "include_groups" SEARCH_BASE = "search_base" - + class Output: COUNT = "count" RESULTS = "results" - + class QueryGroupMembershipInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -53,7 +53,8 @@ class QueryGroupMembershipInput(insightconnect_plugin_runtime.Input): "required": [ "group_name", "search_base" - ] + ], + "definitions": {} } """) @@ -62,7 +63,7 @@ def __init__(self): class QueryGroupMembershipOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -84,6 +85,24 @@ class QueryGroupMembershipOutput(insightconnect_plugin_runtime.Output): } }, "definitions": { + "results": { + "type": "object", + "title": "results", + "properties": { + "attributes": { + "$ref": "#/definitions/attributes", + "title": "Attributes", + "description": "Attributes", + "order": 1 + }, + "dn": { + "type": "string", + "title": "DN", + "description": "DN", + "order": 2 + } + } + }, "attributes": { "type": "object", "title": "attributes", @@ -287,230 +306,6 @@ class QueryGroupMembershipOutput(insightconnect_plugin_runtime.Output): "order": 31 } } - }, - "results": { - "type": "object", - "title": "results", - "properties": { - "attributes": { - "$ref": "#/definitions/attributes", - "title": "Attributes", - "description": "Attributes", - "order": 1 - }, - "dn": { - "type": "string", - "title": "DN", - "description": "DN", - "order": 2 - } - }, - "definitions": { - "attributes": { - "type": "object", - "title": "attributes", - "properties": { - "accountExpires": { - "type": "string", - "title": "Account Expires", - "description": "Account expires", - "order": 1 - }, - "adminCount": { - "type": "integer", - "title": "Admin Count", - "description": "Admin count", - "order": 2 - }, - "badPasswordTime": { - "type": "string", - "title": "Bad Password Time", - "description": "Bad password time", - "order": 3 - }, - "badPwdCount": { - "type": "integer", - "title": "Bad PWD Count", - "description": "Bad PWD count", - "order": 4 - }, - "cn": { - "type": "string", - "title": "CN", - "description": "CN", - "order": 5 - }, - "codePage": { - "type": "integer", - "title": "Code Page", - "description": "Code page", - "order": 6 - }, - "countryCode": { - "type": "integer", - "title": "Country Code", - "description": "Country code", - "order": 7 - }, - "dSCorePropagationData": { - "type": "array", - "title": "DS Core Propagation Data", - "description": "DS core propagation data", - "items": { - "type": "string" - }, - "order": 8 - }, - "description": { - "type": "array", - "title": "Description", - "description": "Description", - "items": { - "type": "string" - }, - "order": 9 - }, - "distinguishedName": { - "type": "string", - "title": "Distinguished Name", - "description": "Distinguished name", - "order": 10 - }, - "instanceType": { - "type": "integer", - "title": "Instance Type", - "description": "Instance type", - "order": 11 - }, - "isCriticalSystemObject": { - "type": "boolean", - "title": "Is Critical System Object", - "description": "Is critical system object", - "order": 12 - }, - "lastLogoff": { - "type": "string", - "title": "Last Log Off", - "description": "Last log off", - "order": 13 - }, - "lastLogon": { - "type": "string", - "title": "Last Log On", - "description": "Last log on", - "order": 14 - }, - "lastLogonTimestamp": { - "type": "string", - "title": "Last Log On Timestamp", - "description": "Last log on timestamp", - "order": 15 - }, - "logonCount": { - "type": "integer", - "title": "Log On Count", - "description": "Log on count", - "order": 16 - }, - "memberOf": { - "type": "array", - "title": "Member Of", - "description": "Member of", - "items": { - "type": "string" - }, - "order": 17 - }, - "name": { - "type": "string", - "title": "Name", - "description": "Name", - "order": 18 - }, - "objectCategory": { - "type": "string", - "title": "Object Category", - "description": "Object category", - "order": 19 - }, - "objectClass": { - "type": "array", - "title": "Object Class", - "description": "Object class", - "items": { - "type": "string" - }, - "order": 20 - }, - "objectGUID": { - "type": "string", - "title": "Object GUID", - "description": "Object GUID", - "order": 21 - }, - "objectSid": { - "type": "string", - "title": "Object SID", - "description": "Object SID", - "order": 22 - }, - "primaryGroupID": { - "type": "integer", - "title": "Primary Group ID", - "description": "Primary group ID", - "order": 23 - }, - "pwdLastSet": { - "type": "string", - "title": "PWD Last Set", - "description": "PWD last set", - "order": 24 - }, - "sAMAccountName": { - "type": "string", - "title": "SAM Account Name", - "description": "SAM account name", - "order": 25 - }, - "sAMAccountType": { - "type": "integer", - "title": "SAM Account Type", - "description": "SAM account type", - "order": 26 - }, - "uSNChanged": { - "type": "integer", - "title": "USN changed", - "description": "USN changed", - "order": 27 - }, - "uSNCreated": { - "type": "integer", - "title": "USN created", - "description": "USN created", - "order": 28 - }, - "userAccountControl": { - "type": "integer", - "title": "User Account Control", - "description": "User account control", - "order": 29 - }, - "whenChanged": { - "type": "string", - "title": "When Changed", - "description": "When changed", - "order": 30 - }, - "whenCreated": { - "type": "string", - "title": "When Created", - "description": "When created", - "order": 31 - } - } - } - } } } } diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/__init__.py index 513f122917..583e3cbaf7 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import ResetPassword diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/schema.py index dd27470b84..16a3581ce5 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/reset_password/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -10,14 +10,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" NEW_PASSWORD = "new_password" - + class Output: SUCCESS = "success" - + class ResetPasswordInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -29,18 +29,23 @@ class ResetPasswordInput(insightconnect_plugin_runtime.Input): "order": 1 }, "new_password": { - "type": "string", + "$ref": "#/definitions/password", "title": "New Password", - "displayType": "password", "description": "The new password", - "format": "password", "order": 2 } }, "required": [ "distinguished_name", "new_password" - ] + ], + "definitions": { + "password": { + "type": "string", + "format": "password", + "displayType": "password" + } + } } """) @@ -49,7 +54,7 @@ def __init__(self): class ResetPasswordOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -60,7 +65,8 @@ class ResetPasswordOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/__init__.py index 5b2ee328e3..cb4f90025a 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .action import UnlockUser diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/schema.py index 0a8c7426b4..949c1ac0cf 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/actions/unlock_user/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,14 +9,14 @@ class Component: class Input: DISTINGUISHED_NAME = "distinguished_name" - + class Output: SUCCESS = "success" - + class UnlockUserInput(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -30,7 +30,8 @@ class UnlockUserInput(insightconnect_plugin_runtime.Input): }, "required": [ "distinguished_name" - ] + ], + "definitions": {} } """) @@ -39,7 +40,7 @@ def __init__(self): class UnlockUserOutput(insightconnect_plugin_runtime.Output): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -50,7 +51,8 @@ class UnlockUserOutput(insightconnect_plugin_runtime.Output): "description": "Operation status", "order": 1 } - } + }, + "definitions": {} } """) diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/connection/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/connection/__init__.py index a515dcf6b0..c78d3356be 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/connection/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/connection/__init__.py @@ -1,2 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from .connection import Connection diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/connection/schema.py b/plugins/active_directory_ldap/komand_active_directory_ldap/connection/schema.py index 9b99decb37..8961740a93 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/connection/schema.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/connection/schema.py @@ -1,4 +1,4 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import insightconnect_plugin_runtime import json @@ -9,10 +9,10 @@ class Input: PORT = "port" USE_SSL = "use_ssl" USERNAME_PASSWORD = "username_password" - + class ConnectionSchema(insightconnect_plugin_runtime.Input): - schema = json.loads(""" + schema = json.loads(r""" { "type": "object", "title": "Variables", @@ -60,23 +60,23 @@ class ConnectionSchema(insightconnect_plugin_runtime.Input): "definitions": { "credential_username_password": { "id": "credential_username_password", - "type": "object", "title": "Credential: Username and Password", "description": "A username and password combination", + "type": "object", "properties": { + "username": { + "type": "string", + "title": "Username", + "description": "The username to log in with", + "order": 1 + }, "password": { "type": "string", "title": "Password", - "displayType": "password", "description": "The password", "format": "password", + "displayType": "password", "order": 2 - }, - "username": { - "type": "string", - "title": "Username", - "description": "The username to log in with", - "order": 1 } }, "required": [ diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/tasks/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/tasks/__init__.py new file mode 100644 index 0000000000..7020c9a4ad --- /dev/null +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/tasks/__init__.py @@ -0,0 +1,2 @@ +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT + diff --git a/plugins/active_directory_ldap/komand_active_directory_ldap/triggers/__init__.py b/plugins/active_directory_ldap/komand_active_directory_ldap/triggers/__init__.py index bace8db897..7020c9a4ad 100755 --- a/plugins/active_directory_ldap/komand_active_directory_ldap/triggers/__init__.py +++ b/plugins/active_directory_ldap/komand_active_directory_ldap/triggers/__init__.py @@ -1 +1,2 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT + diff --git a/plugins/active_directory_ldap/plugin.spec.yaml b/plugins/active_directory_ldap/plugin.spec.yaml index 583b30543f..6c06915a68 100644 --- a/plugins/active_directory_ldap/plugin.spec.yaml +++ b/plugins/active_directory_ldap/plugin.spec.yaml @@ -4,7 +4,7 @@ products: [insightconnect] name: active_directory_ldap title: Active Directory LDAP description: "This plugin utilizes Microsoft's Active Directory service to create and manage domains, users, and objects within a network" -version: 8.0.0 +version: 9.0.0 supported_versions: ["Azure Active Directory 2.0.89.0"] vendor: rapid7 support: rapid7 @@ -21,6 +21,10 @@ hub_tags: use_cases: [user_management, credential_management, application_management, threat_detection_and_response] keywords: [ldap, microsoft] features: [] +sdk: + type: full + version: 5 + user: nobody types: attributes: accountExpires: @@ -191,8 +195,10 @@ types: required: false result: attributes: + title: Attributes type: object dn: + title: DN type: string modified_user_error: dn: @@ -261,7 +267,7 @@ actions: description: Attributes to search. If empty return all attributes required: false type: '[]string' - example: ["createTimestamp", "creatorsName"] + example: '["createTimestamp", "creatorsName"]' output: results: title: Results @@ -360,7 +366,7 @@ actions: required: false example: true enable_user: - title: Enable + title: Enable User description: Enable an account input: distinguished_name: @@ -385,7 +391,7 @@ actions: type: "[]string" description: The distinguished names of the users to enable required: true - example: ["CN=user,OU=domain_users,DC=example,DC=com"] + example: '["CN=user,OU=domain_users,DC=example,DC=com"]' output: completed: title: Completed @@ -400,7 +406,7 @@ actions: required: false example: '[ { "dn": "CN=user,OU=domain_users,DC=test,DC=com", "error": "The DN CN=empty_search,DC=example,DC=com was not found" } ]' disable_user: - title: Disable + title: Disable User description: Disable an account input: distinguished_name: @@ -425,7 +431,7 @@ actions: type: "[]string" description: The distinguished names of the users to disable required: true - example: ["CN=user,OU=domain_users,DC=example,DC=com"] + example: '["CN=user,OU=domain_users,DC=example,DC=com"]' output: completed: title: Completed diff --git a/plugins/active_directory_ldap/setup.py b/plugins/active_directory_ldap/setup.py index fb2bf64270..f1c7b7bc76 100755 --- a/plugins/active_directory_ldap/setup.py +++ b/plugins/active_directory_ldap/setup.py @@ -1,9 +1,9 @@ -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT from setuptools import setup, find_packages setup(name="active_directory_ldap-rapid7-plugin", - version="8.0.0", + version="9.0.0", description="This plugin utilizes Microsoft's Active Directory service to create and manage domains, users, and objects within a network", author="rapid7", author_email="",