Skip to content

D09 Automation Docs

Disable gMSA

D09 Automation Docs

Disable gMSA

Go to Automation

View in GitLab

Description

This playbook disables a Group Managed Service Account (gMSA) in Active Directory. It sets the account's enabled property to false, effectively disabling the account without deleting it. The playbook requires domain credentials and supports a "what-if" mode for dry runs.

Credentials

sys_ansible_aapwin

Input

Variable	Description
`gmsa_identity`	Name of the gMSA to disable
`domain_user`	Domain username for authentication
`domain_password`	Domain password for authentication
`whatif`	Run in check mode (yes/no)

Output

None

Dependencies