diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/domainservices.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/domainservices.json index 30149f31ae03..921541f8e455 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/domainservices.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/domainservices.json @@ -51,6 +51,9 @@ "Get Operations": { "$ref": "./examples/GetOperations.json" } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } } }, @@ -83,7 +86,9 @@ "$ref": "./examples/ListDomainServicesBySubscription.json" } }, - "x-ms-pageable": {} + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.AAD/domainServices": { @@ -118,7 +123,9 @@ "$ref": "./examples/ListDomainServicesByResourceGroup.json" } }, - "x-ms-pageable": {} + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.AAD/domainServices/{domainServiceName}": { @@ -343,7 +350,8 @@ }, "location": { "type": "string", - "description": "Resource location" + "description": "Resource location", + "x-ms-mutability":["read", "create"] }, "tags": { "type": "object", @@ -385,6 +393,11 @@ "$ref": "#/definitions/DomainService" }, "description": "the list of domain services." + }, + "nextLink": { + "type": "string", + "description": "The continuation token for the next page of results.", + "readOnly": true } }, "description": "The response from the List Domain Services operation." @@ -414,6 +427,50 @@ "$ref": "#/definitions/LdapsSettings", "description": "Secure LDAP Settings" }, + "healthLastEvaluated": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "Last domain evaluation run DateTime" + }, + "healthMonitors": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/HealthMonitor", + "description": "Domain Health Monitors" + }, + "description": "List of Domain Health Monitors" + }, + "healthAlerts": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/HealthAlert", + "description": "Domain Health Alerts" + }, + "description": "List of Domain Health Alerts" + }, + "notificationSettings": { + "$ref": "#/definitions/NotificationSettings", + "description": "Notification Settings" + }, + "domainSecuritySettings": { + "$ref": "#/definitions/DomainSecuritySettings", + "description": "DomainSecurity Settings" + }, + "filteredSync": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Enabled or Disabled flag to turn on Group-based filtered sync", + "x-ms-enum": { + "name": "filteredSync", + "modelAsString": true + } + }, "domainControllerIpAddress": { "readOnly": true, "type": "array", @@ -441,6 +498,26 @@ "ldapsSettings": { "$ref": "#/definitions/LdapsSettings", "description": "Secure LDAP Settings" + }, + "notificationSettings": { + "$ref": "#/definitions/NotificationSettings", + "description": "Notification Settings" + }, + "domainSecuritySettings": { + "$ref": "#/definitions/DomainSecuritySettings", + "description": "DomainSecurity Settings" + }, + "filteredSync": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Enabled or Disabled flag to turn on Group-based filtered sync", + "x-ms-enum": { + "name": "filteredSync", + "modelAsString": true + } } } }, @@ -502,6 +579,146 @@ } } }, + "HealthMonitor": { + "description": "Health Monitor Description", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Health Monitor Id" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Health Monitor Name" + }, + "details": { + "readOnly": true, + "type": "string", + "description": "Health Monitor Details" + } + } + }, + "HealthAlert": { + "description": "Health Alert Description", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Health Alert Id" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Health Alert Name" + }, + "issue": { + "readOnly": true, + "type": "string", + "description": "Health Alert Issue" + }, + "severity": { + "readOnly": true, + "type": "string", + "description": "Health Alert Severity" + }, + "raised": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "Health Alert Raised DateTime" + }, + "lastDetected": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "Health Alert Last Detected DateTime" + }, + "resolutionUri": { + "readOnly": true, + "type": "string", + "description": "Health Alert TSG Link" + } + } + }, + "NotificationSettings": { + "description": "Settings for notification", + "properties": { + "notifyGlobalAdmins": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Should global admins be notified", + "x-ms-enum": { + "name": "notifyGlobalAdmins", + "modelAsString": true + } + }, + "notifyDcAdmins": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Should domain controller admins be notified", + "x-ms-enum": { + "name": "notifyDcAdmins", + "modelAsString": true + } + }, + "additionalRecipients": { + "type": "array", + "items": { + "type": "string", + "description": "Email address for additional recipient" + }, + "description": "The list of additional recipients" + } + } + }, + "DomainSecuritySettings": { + "description": "Domain Security Settings", + "properties": { + "ntlmV1": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "A flag to determine whether or not NtlmV1 is enabled or disabled.", + "x-ms-enum": { + "name": "NtlmV1", + "modelAsString": true + } + }, + "tlsV1": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "A flag to determine whether or not TlsV1 is enabled or disabled.", + "x-ms-enum": { + "name": "TlsV1", + "modelAsString": true + } + }, + "syncNtlmPasswords": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "A flag to determine whether or not SyncNtlmPasswords is enabled or disabled.", + "x-ms-enum": { + "name": "SyncNtlmPasswords", + "modelAsString": true + } + } + } + }, "OperationEntityListResult": { "description": "The list of domain service operation response.", "type": "object", @@ -512,6 +729,11 @@ "items": { "$ref": "#/definitions/OperationEntity" } + }, + "nextLink": { + "type": "string", + "description": "The continuation token for the next page of results.", + "readOnly": true } } }, diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/CreateDomainService.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/CreateDomainService.json index 590992eeae7f..b20f42e912d9 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/CreateDomainService.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/CreateDomainService.json @@ -7,7 +7,24 @@ "location": "westus", "properties": { "domainName": "zdomain.zforest.com", - "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.ClassicNetwork/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1" + "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.ClassicNetwork/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", + "ldapsSettings": { + "ldaps": "Enabled", + "pfxCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", + "pfxCertificatePassword": "Password01", + "externalAccess": "Enabled" + } } }, "responses": { @@ -24,6 +41,25 @@ "domainName": "zdomain.zforest.com", "vnetSiteId": "99083198-a39c-469f-972d-59017e7f078c", "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.ClassicNetwork/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "ldapsSettings": { + "ldaps": "Enabled", + "publicCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", + "certificateThumbprint": "9154A390F0C387D679E0DD040701745CDFED67F3", + "certificateNotAfter": "2018-02-15T21:43:21Z", + "externalAccess": "Enabled", + "externalAccessIpAddress": "13.64.148.151" + }, + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" @@ -46,6 +82,25 @@ "domainName": "zdomain.zforest.com", "vnetSiteId": "99083198-a39c-469f-972d-59017e7f078c", "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.ClassicNetwork/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "ldapsSettings": { + "ldaps": "Enabled", + "publicCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", + "certificateThumbprint": "9154A390F0C387D679E0DD040701745CDFED67F3", + "certificateNotAfter": "2018-02-15T21:43:21Z", + "externalAccess": "Enabled", + "externalAccessIpAddress": "13.64.148.151" + }, + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" @@ -66,6 +121,21 @@ "properties": { "domainName": "zdomain.zforest.com", "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.ClassicNetwork/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "ldapsSettings": { + "ldaps": "Enabled", + "externalAccess": "Enabled" + }, + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "provisioningState": "Accepted" } } diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetDomainService.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetDomainService.json index 36606c8a3f88..0f24a45bb4c0 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetDomainService.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetDomainService.json @@ -30,6 +30,41 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, + "healthLastEvaluated": "2018-02-15T21:43:21Z", + "healthMonitors": [ + { + "id": "AADDS501", + "name": "Backup", + "details": "Last backed up on Tue, 18 Sep 2018 03:37:04 GMT" + }, + { + "id": "AADDS500", + "name": "Synchronization with Azure AD", + "details": "Synchronized on Tue, 18 Sep 2018 16:47:57 GMT." + } + ], + "healthAlerts": [ + { + "id": "AADDS104", + "name": "The managed domain is experiencing a network error", + "issue": "Microsoft is unable to reach the domain controllers for this managed domain. This may happen if a network security group (NSG) configured on your virtual network blocks access to the managed domain. Another possible reason is if there is a user defined route that blocks incoming traffic from the internet.", + "severity": "2", + "raised": "2018-09-18T01:55:40.7834289Z", + "lastDetected": "2018-09-18T17:46:39.2697888Z", + "resolutionUri": "https://aka.ms/aadds-neterr" + } + ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetOperations.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetOperations.json index 8794fcffa0c0..069295ce6c6a 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetOperations.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/GetOperations.json @@ -6,6 +6,26 @@ "200": { "body": { "value": [ + { + "name": "Microsoft.AAD/unregister/action", + "display": { + "provider": "Domain Services Resource Provider", + "resource": "Domain Service Type", + "operation": "Unregister Domain Service", + "description": "Unregisters Domain Services" + }, + "origin": "user,system" + }, + { + "name": "Microsoft.AAD/register/action", + "display": { + "provider": "Domain Services Resource Provider", + "resource": "Domain Service Type", + "operation": "Register Domain Service", + "description": "Registers Domain Services" + }, + "origin": "user,system" + }, { "name": "Microsoft.AAD/domainServices/read", "display": { diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesByResourceGroup.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesByResourceGroup.json index bfcb6d403f73..26dde59f81b6 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesByResourceGroup.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesByResourceGroup.json @@ -31,6 +31,41 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, + "healthLastEvaluated": "2018-02-15T21:43:21Z", + "healthMonitors": [ + { + "id": "AADDS501", + "name": "Backup", + "details": "Last backed up on Tue, 18 Sep 2018 03:37:04 GMT" + }, + { + "id": "AADDS500", + "name": "Synchronization with Azure AD", + "details": "Synchronized on Tue, 18 Sep 2018 16:47:57 GMT." + } + ], + "healthAlerts": [ + { + "id": "AADDS104", + "name": "The managed domain is experiencing a network error", + "issue": "Microsoft is unable to reach the domain controllers for this managed domain. This may happen if a network security group (NSG) configured on your virtual network blocks access to the managed domain. Another possible reason is if there is a user defined route that blocks incoming traffic from the internet.", + "severity": "2", + "raised": "2018-09-18T01:55:40.7834289Z", + "lastDetected": "2018-09-18T17:46:39.2697888Z", + "resolutionUri": "https://aka.ms/aadds-neterr" + } + ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesBySubscription.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesBySubscription.json index 6708edf59e18..34d7736bb318 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesBySubscription.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/ListDomainServicesBySubscription.json @@ -30,6 +30,41 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, + "healthLastEvaluated": "2018-02-15T21:43:21Z", + "healthMonitors": [ + { + "id": "AADDS501", + "name": "Backup", + "details": "Last backed up on Tue, 18 Sep 2018 03:37:04 GMT" + }, + { + "id": "AADDS500", + "name": "Synchronization with Azure AD", + "details": "Synchronized on Tue, 18 Sep 2018 16:47:57 GMT." + } + ], + "healthAlerts": [ + { + "id": "AADDS104", + "name": "The managed domain is experiencing a network error", + "issue": "Microsoft is unable to reach the domain controllers for this managed domain. This may happen if a network security group (NSG) configured on your virtual network blocks access to the managed domain. Another possible reason is if there is a user defined route that blocks incoming traffic from the internet.", + "severity": "2", + "raised": "2018-09-18T01:55:40.7834289Z", + "lastDetected": "2018-09-18T17:46:39.2697888Z", + "resolutionUri": "https://aka.ms/aadds-neterr" + } + ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/UpdateDomainService.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/UpdateDomainService.json index 2b5c384c95b7..80996d72a894 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/UpdateDomainService.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-01-01/examples/UpdateDomainService.json @@ -6,6 +6,17 @@ "domainServiceName": "zdomain.zforest.com", "location": "westus", "properties": { + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "ldapsSettings": { "ldaps": "Enabled", "pfxCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", @@ -39,10 +50,21 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, - "domainControllerIpAddress": [ - "10.0.0.5", - "10.0.0.8" - ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", + "domainControllerIpAddress": [ + "10.0.0.5", + "10.0.0.8" + ], "serviceStatus": "Running", "provisioningState": "Succeeded" } @@ -63,7 +85,18 @@ "pfxCertificatePassword": "Password01", "externalAccess": "Enabled" }, - "provisioningState": "Accepted" + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", + "provisioningState": "Accepted" } } } diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/domainservices.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/domainservices.json index 33096fee45af..a99ee09b1b70 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/domainservices.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/domainservices.json @@ -51,6 +51,9 @@ "Get Operations": { "$ref": "./examples/GetOperations.json" } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } } }, @@ -83,7 +86,9 @@ "$ref": "./examples/ListDomainServicesBySubscription.json" } }, - "x-ms-pageable": {} + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.AAD/domainServices": { @@ -118,7 +123,9 @@ "$ref": "./examples/ListDomainServicesByResourceGroup.json" } }, - "x-ms-pageable": {} + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.AAD/domainServices/{domainServiceName}": { @@ -344,7 +351,7 @@ "location": { "type": "string", "description": "Resource location", - "x-ms-mutability": ["create", "read"] + "x-ms-mutability":["read", "create"] }, "tags": { "type": "object", @@ -386,6 +393,11 @@ "$ref": "#/definitions/DomainService" }, "description": "the list of domain services." + }, + "nextLink": { + "type": "string", + "description": "The continuation token for the next page of results.", + "readOnly": true } }, "description": "The response from the List Domain Services operation." @@ -415,6 +427,50 @@ "$ref": "#/definitions/LdapsSettings", "description": "Secure LDAP Settings" }, + "healthLastEvaluated": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "Last domain evaluation run DateTime" + }, + "healthMonitors": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/HealthMonitor", + "description": "Domain Health Monitors" + }, + "description": "List of Domain Health Monitors" + }, + "healthAlerts": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/HealthAlert", + "description": "Domain Health Alerts" + }, + "description": "List of Domain Health Alerts" + }, + "notificationSettings": { + "$ref": "#/definitions/NotificationSettings", + "description": "Notification Settings" + }, + "domainSecuritySettings": { + "$ref": "#/definitions/DomainSecuritySettings", + "description": "DomainSecurity Settings" + }, + "filteredSync": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Enabled or Disabled flag to turn on Group-based filtered sync", + "x-ms-enum": { + "name": "filteredSync", + "modelAsString": true + } + }, "domainControllerIpAddress": { "readOnly": true, "type": "array", @@ -442,6 +498,26 @@ "ldapsSettings": { "$ref": "#/definitions/LdapsSettings", "description": "Secure LDAP Settings" + }, + "notificationSettings": { + "$ref": "#/definitions/NotificationSettings", + "description": "Notification Settings" + }, + "domainSecuritySettings": { + "$ref": "#/definitions/DomainSecuritySettings", + "description": "DomainSecurity Settings" + }, + "filteredSync": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Enabled or Disabled flag to turn on Group-based filtered sync", + "x-ms-enum": { + "name": "filteredSync", + "modelAsString": true + } } } }, @@ -503,6 +579,146 @@ } } }, + "HealthMonitor": { + "description": "Health Monitor Description", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Health Monitor Id" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Health Monitor Name" + }, + "details": { + "readOnly": true, + "type": "string", + "description": "Health Monitor Details" + } + } + }, + "HealthAlert": { + "description": "Health Alert Description", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Health Alert Id" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Health Alert Name" + }, + "issue": { + "readOnly": true, + "type": "string", + "description": "Health Alert Issue" + }, + "severity": { + "readOnly": true, + "type": "string", + "description": "Health Alert Severity" + }, + "raised": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "Health Alert Raised DateTime" + }, + "lastDetected": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "Health Alert Last Detected DateTime" + }, + "resolutionUri": { + "readOnly": true, + "type": "string", + "description": "Health Alert TSG Link" + } + } + }, + "NotificationSettings": { + "description": "Settings for notification", + "properties": { + "notifyGlobalAdmins": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Should global admins be notified", + "x-ms-enum": { + "name": "notifyGlobalAdmins", + "modelAsString": true + } + }, + "notifyDcAdmins": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "Should domain controller admins be notified", + "x-ms-enum": { + "name": "notifyDcAdmins", + "modelAsString": true + } + }, + "additionalRecipients": { + "type": "array", + "items": { + "type": "string", + "description": "Email address for additional recipient" + }, + "description": "The list of additional recipients" + } + } + }, + "DomainSecuritySettings": { + "description": "Domain Security Settings", + "properties": { + "ntlmV1": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "A flag to determine whether or not NtlmV1 is enabled or disabled.", + "x-ms-enum": { + "name": "NtlmV1", + "modelAsString": true + } + }, + "tlsV1": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "A flag to determine whether or not TlsV1 is enabled or disabled.", + "x-ms-enum": { + "name": "TlsV1", + "modelAsString": true + } + }, + "syncNtlmPasswords": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ], + "description": "A flag to determine whether or not SyncNtlmPasswords is enabled or disabled.", + "x-ms-enum": { + "name": "SyncNtlmPasswords", + "modelAsString": true + } + } + } + }, "OperationEntityListResult": { "description": "The list of domain service operation response.", "type": "object", @@ -513,6 +729,11 @@ "items": { "$ref": "#/definitions/OperationEntity" } + }, + "nextLink": { + "type": "string", + "description": "The continuation token for the next page of results.", + "readOnly": true } } }, diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/CreateDomainService.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/CreateDomainService.json index 131d7f1fba05..a733b630636a 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/CreateDomainService.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/CreateDomainService.json @@ -7,7 +7,24 @@ "location": "westus", "properties": { "domainName": "zdomain.zforest.com", - "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.Network/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1" + "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.Network/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", + "ldapsSettings": { + "ldaps": "Enabled", + "pfxCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", + "pfxCertificatePassword": "Password01", + "externalAccess": "Enabled" + } } }, "responses": { @@ -24,6 +41,25 @@ "domainName": "zdomain.zforest.com", "vnetSiteId": "99083198-a39c-469f-972d-59017e7f078c", "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.Network/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "ldapsSettings": { + "ldaps": "Enabled", + "publicCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", + "certificateThumbprint": "9154A390F0C387D679E0DD040701745CDFED67F3", + "certificateNotAfter": "2018-02-15T21:43:21Z", + "externalAccess": "Enabled", + "externalAccessIpAddress": "13.64.148.151" + }, + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" @@ -46,6 +82,25 @@ "domainName": "zdomain.zforest.com", "vnetSiteId": "99083198-a39c-469f-972d-59017e7f078c", "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.Network/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "ldapsSettings": { + "ldaps": "Enabled", + "publicCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", + "certificateThumbprint": "9154A390F0C387D679E0DD040701745CDFED67F3", + "certificateNotAfter": "2018-02-15T21:43:21Z", + "externalAccess": "Enabled", + "externalAccessIpAddress": "13.64.148.151" + }, + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" @@ -66,6 +121,21 @@ "properties": { "domainName": "zdomain.zforest.com", "subnetId": "/subscriptions/1639790a-76a2-4ac4-98d9-8562f5dfcb4d/resourceGroups/Default-Networking/providers/Microsoft.Network/virtualNetworks/DCIaasTmpWusNet/subnets/Subnet-1", + "ldapsSettings": { + "ldaps": "Enabled", + "externalAccess": "Enabled" + }, + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "provisioningState": "Accepted" } } diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetDomainService.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetDomainService.json index 851d28a69bf8..4ddf3f83e4e4 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetDomainService.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetDomainService.json @@ -30,6 +30,41 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, + "healthLastEvaluated": "2018-02-15T21:43:21Z", + "healthMonitors": [ + { + "id": "AADDS501", + "name": "Backup", + "details": "Last backed up on Tue, 18 Sep 2018 03:37:04 GMT" + }, + { + "id": "AADDS500", + "name": "Synchronization with Azure AD", + "details": "Synchronized on Tue, 18 Sep 2018 16:47:57 GMT." + } + ], + "healthAlerts": [ + { + "id": "AADDS104", + "name": "The managed domain is experiencing a network error", + "issue": "Microsoft is unable to reach the domain controllers for this managed domain. This may happen if a network security group (NSG) configured on your virtual network blocks access to the managed domain. Another possible reason is if there is a user defined route that blocks incoming traffic from the internet.", + "severity": "2", + "raised": "2018-09-18T01:55:40.7834289Z", + "lastDetected": "2018-09-18T17:46:39.2697888Z", + "resolutionUri": "https://aka.ms/aadds-neterr" + } + ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetOperations.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetOperations.json index 4c0a4159769b..85fe4edf4a99 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetOperations.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/GetOperations.json @@ -6,6 +6,26 @@ "200": { "body": { "value": [ + { + "name": "Microsoft.AAD/unregister/action", + "display": { + "provider": "Domain Services Resource Provider", + "resource": "Domain Service Type", + "operation": "Unregister Domain Service", + "description": "Unregisters Domain Services" + }, + "origin": "user,system" + }, + { + "name": "Microsoft.AAD/register/action", + "display": { + "provider": "Domain Services Resource Provider", + "resource": "Domain Service Type", + "operation": "Register Domain Service", + "description": "Registers Domain Services" + }, + "origin": "user,system" + }, { "name": "Microsoft.AAD/domainServices/read", "display": { diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesByResourceGroup.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesByResourceGroup.json index 4313297f0a9f..cc23b381e7a9 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesByResourceGroup.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesByResourceGroup.json @@ -31,6 +31,41 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, + "healthLastEvaluated": "2018-02-15T21:43:21Z", + "healthMonitors": [ + { + "id": "AADDS501", + "name": "Backup", + "details": "Last backed up on Tue, 18 Sep 2018 03:37:04 GMT" + }, + { + "id": "AADDS500", + "name": "Synchronization with Azure AD", + "details": "Synchronized on Tue, 18 Sep 2018 16:47:57 GMT." + } + ], + "healthAlerts": [ + { + "id": "AADDS104", + "name": "The managed domain is experiencing a network error", + "issue": "Microsoft is unable to reach the domain controllers for this managed domain. This may happen if a network security group (NSG) configured on your virtual network blocks access to the managed domain. Another possible reason is if there is a user defined route that blocks incoming traffic from the internet.", + "severity": "2", + "raised": "2018-09-18T01:55:40.7834289Z", + "lastDetected": "2018-09-18T17:46:39.2697888Z", + "resolutionUri": "https://aka.ms/aadds-neterr" + } + ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesBySubscription.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesBySubscription.json index b3c9f69aeef7..b104614db5e7 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesBySubscription.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/ListDomainServicesBySubscription.json @@ -30,6 +30,41 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, + "healthLastEvaluated": "2018-02-15T21:43:21Z", + "healthMonitors": [ + { + "id": "AADDS501", + "name": "Backup", + "details": "Last backed up on Tue, 18 Sep 2018 03:37:04 GMT" + }, + { + "id": "AADDS500", + "name": "Synchronization with Azure AD", + "details": "Synchronized on Tue, 18 Sep 2018 16:47:57 GMT." + } + ], + "healthAlerts": [ + { + "id": "AADDS104", + "name": "The managed domain is experiencing a network error", + "issue": "Microsoft is unable to reach the domain controllers for this managed domain. This may happen if a network security group (NSG) configured on your virtual network blocks access to the managed domain. Another possible reason is if there is a user defined route that blocks incoming traffic from the internet.", + "severity": "2", + "raised": "2018-09-18T01:55:40.7834289Z", + "lastDetected": "2018-09-18T17:46:39.2697888Z", + "resolutionUri": "https://aka.ms/aadds-neterr" + } + ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "domainControllerIpAddress": [ "10.0.0.5", "10.0.0.8" diff --git a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/UpdateDomainService.json b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/UpdateDomainService.json index d3546b84778e..5d1d78faff69 100644 --- a/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/UpdateDomainService.json +++ b/specification/domainservices/resource-manager/Microsoft.AAD/stable/2017-06-01/examples/UpdateDomainService.json @@ -6,6 +6,17 @@ "domainServiceName": "zdomain.zforest.com", "location": "westus", "properties": { + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", "ldapsSettings": { "ldaps": "Enabled", "pfxCertificate": "MIIDPDCCAiSgAwIBAgIQQUI9P6tq2p9OFIJa7DLNvTANBgkqhkiG9w0BAQsFADAgMR4w...", @@ -39,10 +50,21 @@ "externalAccess": "Enabled", "externalAccessIpAddress": "13.64.148.151" }, - "domainControllerIpAddress": [ - "10.0.0.5", - "10.0.0.8" - ], + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", + "domainControllerIpAddress": [ + "10.0.0.5", + "10.0.0.8" + ], "serviceStatus": "Running", "provisioningState": "Succeeded" } @@ -63,7 +85,18 @@ "pfxCertificatePassword": "Password01", "externalAccess": "Enabled" }, - "provisioningState": "Accepted" + "domainSecuritySettings": { + "ntlmV1": "Enabled", + "tlsV1": "Disabled", + "syncNtlmPasswords": "Enabled" + }, + "notificationSettings": { + "notifyGlobalAdmins": "Enabled", + "notifyDcAdmins": "Enabled", + "additionalRecipients": [ "jicha@microsoft.com", "caalmont@microsoft.com" ] + }, + "filteredSync": "Enabled", + "provisioningState": "Accepted" } } }