Table of Content
Overview
This is a community-driven Terraform provider for Microsoft Active Directory. The following Active Directory object types are currently supported:
- computer
- organizational unit
More Active Directory resources are planned. Please feel free to contribute.
Using the Provider
To instead use a custom-built provider in your Terraform environment (e.g. the provider binary from the build instructions below), follow the instructions to install it as a plugin. After placing it into your plugins directory, run terraform init to initialize it.
The Terraform Active Directory Provider is used to interact with Microsoft Active Directory. Thus, the provider needs to be configured with the proper credentials before it can be used.
Example
# Configure the AD Provider
provider "activedirectory" {
host = "ad.example.org"
domain = "example.org"
use_tls = false
user = "admin"
password = "password"
}
# Add computer to Active Directory
resource "activedirectory_computer" "test_computer" {
name = "TerraformComputer" # update will force destroy and new
ou = "CN=Computers,DC=example,DC=org" # can be updated
description = "terraform sample server" # can be updated
}
# Add ou to Active Directory
resource "activedirectory_ou" "test_ou" {
name = "TerraformOU" # can be updated
base_ou = "OU=Test,CN=Computers,DC=example,DC=org" # can be updated
description = "terraform sample ou" # can be updated
}
Provider Development
If you wish to work on the provider, you’ll first need Go installed on your machine (please check the requirements before proceeding).
Note: This project uses Go Modules making it safe to work with it outside of your existing GOPATH. The instructions that follow assume a directory in your home directory outside of the standard GOPATH (i.e $HOME/development/terraform-providers/).
Requirements
Environment
Clone repository to: $HOME/development/terraform-providers/
$ mkdir -p $HOME/development/terraform-providers/; cd $HOME/development/terraform-providers/
$ git clone git@github.com:ParagonIaC/terraform-provider-activedirectory
...
Enter the provider directory and run make tools. This will install the needed tools for the provider.
$ make tools
To compile the provider, run make build. This will build the provider and put the provider binary in the $GOPATH/bin directory.
$ make build
...
$ $GOPATH/bin/terraform-provider-activedirectory
...
Testing the Provider
In order to test the provider, you can run make test. This will run so-called unit tests.
$ make test
In order to run the full suite of Acceptance tests, run make testacc. Please make sure that a working Domain Controller is reachable and you have the needed permissions
Note: Acceptance tests create real resources! Please read Running an Acceptance Test in the contribution guidelines for more information on usage.
$ make testacc
For make testacc you have to set the following environment variables:
| Variable | Description | Example | Default | Required |
|---|---|---|---|---|
| AD_HOST | Domain Controller | dc.example.org | - | yes |
| AD_PORT | LDAP Port | 389 | 389 | no |
| AD_DOMAIN | Domain | eample.org | - | yes |
| AD_USE_TLS | Use secure connection | false | true | no |
| AD_USER | Admin user name or DN | admin | - | yes |
| AD_PASSWORD | Password of the admin user | secret | - | yes |
| AD_TEST_BASE_OU | OU for the test cases | ou=Tests,dc=example,dc=org | - | yes (tests only) |
Contributing
Terraform is the work of thousands of contributors. We appreciate your help!
To contribute, please read the contribution guidelines: Contributing to Terraform - Active Directory Provider
Issues on GitHub are intended to be related to bugs or feature requests with provider codebase. See https://www.terraform.io/docs/extend/community/index.html for a list of community resources to ask questions about Terraform.