Microsoft.NetApp activeDirectoryConfigs 2025-09-01-preview

Bicep resource definition

The activeDirectoryConfigs resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.NetApp/activeDirectoryConfigs resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.NetApp/activeDirectoryConfigs@2025-09-01-preview' = {
  scope: resourceSymbolicName or scope
  identity: {
    type: 'string'
    userAssignedIdentities: {
      {customized property}: {}
    }
  }
  location: 'string'
  name: 'string'
  properties: {
    administrators: [
      'string'
    ]
    backupOperators: [
      'string'
    ]
    dns: [
      'string'
    ]
    domain: 'string'
    organizationalUnit: 'string'
    secretPassword: {
      identity: {
        userAssignedIdentity: 'string'
      }
      keyVaultProperties: {
        keyVaultUri: 'string'
        secretName: 'string'
      }
    }
    securityOperators: [
      'string'
    ]
    site: 'string'
    smbServerName: 'string'
    userName: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property Values

Microsoft.NetApp/activeDirectoryConfigs

Name	Description	Value
identity	The managed service identities assigned to this resource.	ManagedServiceIdentity
location	The geo-location where the resource lives	string (required)
name	The resource name	string Constraints: Min length = 1 Max length = 64 Pattern = `^[a-zA-Z][a-zA-Z0-9\-_]{0,63}$` (required)
properties	The resource-specific properties for this resource.	ActiveDirectoryConfigProperties
scope	Use when creating a resource at a scope that is different than the deployment scope.	Set this property to the symbolic name of a resource to apply the extension resource.
tags	Resource tags	Dictionary of tag names and values. See Tags in templates

ActiveDirectoryConfigProperties

Name	Description	Value
administrators	Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier	string[]
backupOperators	Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier	string[]
dns	An array of DNS server IP addresses(IPv4 only) for the Active Directory	string[]
domain	Name of the Active Directory domain	string Constraints: Max length = 255 (required)
organizationalUnit	The Organizational Unit (OU) within the Windows Active Directory	string Constraints: Max length = 255
secretPassword	Access password from Azure KeyVault Secrets to connect Active Directory	SecretPassword (required)
securityOperators	Domain Users in the Active directory to be given SecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier	string[]
site	The Active Directory site the service will limit Domain Controller discovery to	string Constraints: Max length = 63
smbServerName	NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes	string Constraints: Max length = 10
userName	A domain user account with permission to create machine accounts	string Constraints: Max length = 255

ManagedServiceIdentity

Name	Description	Value
type	Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).	'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required)
userAssignedIdentities	The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.	ManagedServiceIdentityUserAssignedIdentities

ManagedServiceIdentityUserAssignedIdentities

Name	Description	Value

SecretPassword

Name	Description	Value
identity	Identity used to authenticate to KeyVault. Applicable if keySource is 'Microsoft.KeyVault'.	SecretPasswordIdentity
keyVaultProperties	Properties provided by KeyVault.	SecretPasswordKeyVaultProperties

SecretPasswordIdentity

Name	Description	Value
userAssignedIdentity	The Azure resource identifier of the user assigned identity used to authenticate with key vault. Applicable if identity.type has 'UserAssigned'. It should match key of identity.userAssignedIdentities.	string

SecretPasswordKeyVaultProperties

Name	Description	Value
keyVaultUri	The Uri of KeyVault.	string Constraints: Max length = 255 (required)
secretName	The name of KeyVault password secret.	string Constraints: Max length = 127 (required)

TrackedResourceTags

Name	Description	Value

UserAssignedIdentity

Name	Description	Value

ARM template resource definition

The activeDirectoryConfigs resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.NetApp/activeDirectoryConfigs resource, add the following JSON to your template.

{
  "type": "Microsoft.NetApp/activeDirectoryConfigs",
  "apiVersion": "2025-09-01-preview",
  "name": "string",
  "identity": {
    "type": "string",
    "userAssignedIdentities": {
      "{customized property}": {
      }
    }
  },
  "location": "string",
  "properties": {
    "administrators": [ "string" ],
    "backupOperators": [ "string" ],
    "dns": [ "string" ],
    "domain": "string",
    "organizationalUnit": "string",
    "secretPassword": {
      "identity": {
        "userAssignedIdentity": "string"
      },
      "keyVaultProperties": {
        "keyVaultUri": "string",
        "secretName": "string"
      }
    },
    "securityOperators": [ "string" ],
    "site": "string",
    "smbServerName": "string",
    "userName": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property Values

Microsoft.NetApp/activeDirectoryConfigs

Name	Description	Value
apiVersion	The api version	'2025-09-01-preview'
identity	The managed service identities assigned to this resource.	ManagedServiceIdentity
location	The geo-location where the resource lives	string (required)
name	The resource name	string Constraints: Min length = 1 Max length = 64 Pattern = `^[a-zA-Z][a-zA-Z0-9\-_]{0,63}$` (required)
properties	The resource-specific properties for this resource.	ActiveDirectoryConfigProperties
tags	Resource tags	Dictionary of tag names and values. See Tags in templates
type	The resource type	'Microsoft.NetApp/activeDirectoryConfigs'

ActiveDirectoryConfigProperties

Name	Description	Value
administrators	Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier	string[]
backupOperators	Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier	string[]
dns	An array of DNS server IP addresses(IPv4 only) for the Active Directory	string[]
domain	Name of the Active Directory domain	string Constraints: Max length = 255 (required)
organizationalUnit	The Organizational Unit (OU) within the Windows Active Directory	string Constraints: Max length = 255
secretPassword	Access password from Azure KeyVault Secrets to connect Active Directory	SecretPassword (required)
securityOperators	Domain Users in the Active directory to be given SecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier	string[]
site	The Active Directory site the service will limit Domain Controller discovery to	string Constraints: Max length = 63
smbServerName	NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes	string Constraints: Max length = 10
userName	A domain user account with permission to create machine accounts	string Constraints: Max length = 255

ManagedServiceIdentity

Name	Description	Value
type	Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).	'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required)
userAssignedIdentities	The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.	ManagedServiceIdentityUserAssignedIdentities

ManagedServiceIdentityUserAssignedIdentities

Name	Description	Value

SecretPassword

Name	Description	Value
identity	Identity used to authenticate to KeyVault. Applicable if keySource is 'Microsoft.KeyVault'.	SecretPasswordIdentity
keyVaultProperties	Properties provided by KeyVault.	SecretPasswordKeyVaultProperties

SecretPasswordIdentity

Name	Description	Value
userAssignedIdentity	The Azure resource identifier of the user assigned identity used to authenticate with key vault. Applicable if identity.type has 'UserAssigned'. It should match key of identity.userAssignedIdentities.	string

SecretPasswordKeyVaultProperties

Name	Description	Value
keyVaultUri	The Uri of KeyVault.	string Constraints: Max length = 255 (required)
secretName	The name of KeyVault password secret.	string Constraints: Max length = 127 (required)

TrackedResourceTags

Name	Description	Value

UserAssignedIdentity

Name	Description	Value

Usage Examples

Terraform (AzAPI provider) resource definition

The activeDirectoryConfigs resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.NetApp/activeDirectoryConfigs resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.NetApp/activeDirectoryConfigs@2025-09-01-preview"
  name = "string"
  parent_id = "string"
  identity {
    type = "string"
    identity_ids = [
      "string"
    ]
  }
  location = "string"
  tags = {
    {customized property} = "string"
  }
  body = {
    properties = {
      administrators = [
        "string"
      ]
      backupOperators = [
        "string"
      ]
      dns = [
        "string"
      ]
      domain = "string"
      organizationalUnit = "string"
      secretPassword = {
        identity = {
          userAssignedIdentity = "string"
        }
        keyVaultProperties = {
          keyVaultUri = "string"
          secretName = "string"
        }
      }
      securityOperators = [
        "string"
      ]
      site = "string"
      smbServerName = "string"
      userName = "string"
    }
  }
}

Property Values

Microsoft.NetApp/activeDirectoryConfigs

Name	Description	Value
identity	The managed service identities assigned to this resource.	ManagedServiceIdentity
location	The geo-location where the resource lives	string (required)
name	The resource name	string Constraints: Min length = 1 Max length = 64 Pattern = `^[a-zA-Z][a-zA-Z0-9\-_]{0,63}$` (required)
parent_id	The ID of the resource to apply this extension resource to.	string (required)
properties	The resource-specific properties for this resource.	ActiveDirectoryConfigProperties
tags	Resource tags	Dictionary of tag names and values.
type	The resource type	"Microsoft.NetApp/activeDirectoryConfigs@2025-09-01-preview"

ActiveDirectoryConfigProperties

Name	Description	Value
administrators	Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier	string[]
backupOperators	Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier	string[]
dns	An array of DNS server IP addresses(IPv4 only) for the Active Directory	string[]
domain	Name of the Active Directory domain	string Constraints: Max length = 255 (required)
organizationalUnit	The Organizational Unit (OU) within the Windows Active Directory	string Constraints: Max length = 255
secretPassword	Access password from Azure KeyVault Secrets to connect Active Directory	SecretPassword (required)
securityOperators	Domain Users in the Active directory to be given SecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier	string[]
site	The Active Directory site the service will limit Domain Controller discovery to	string Constraints: Max length = 63
smbServerName	NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes	string Constraints: Max length = 10
userName	A domain user account with permission to create machine accounts	string Constraints: Max length = 255

ManagedServiceIdentity

Name	Description	Value
type	Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).	'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required)
userAssignedIdentities	The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.	ManagedServiceIdentityUserAssignedIdentities

ManagedServiceIdentityUserAssignedIdentities

Name	Description	Value

SecretPassword

Name	Description	Value
identity	Identity used to authenticate to KeyVault. Applicable if keySource is 'Microsoft.KeyVault'.	SecretPasswordIdentity
keyVaultProperties	Properties provided by KeyVault.	SecretPasswordKeyVaultProperties

SecretPasswordIdentity

Name	Description	Value
userAssignedIdentity	The Azure resource identifier of the user assigned identity used to authenticate with key vault. Applicable if identity.type has 'UserAssigned'. It should match key of identity.userAssignedIdentities.	string

SecretPasswordKeyVaultProperties

Name	Description	Value
keyVaultUri	The Uri of KeyVault.	string Constraints: Max length = 255 (required)
secretName	The name of KeyVault password secret.	string Constraints: Max length = 127 (required)

TrackedResourceTags

Name	Description	Value

UserAssignedIdentity

Name	Description	Value

Feedback

Was this page helpful?

Last updated on 2025-12-01

Share via

Microsoft.NetApp activeDirectoryConfigs 2025-09-01-preview

Bicep resource definition

Resource format

Property Values

Microsoft.NetApp/activeDirectoryConfigs

ActiveDirectoryConfigProperties

ManagedServiceIdentity

ManagedServiceIdentityUserAssignedIdentities

SecretPassword

SecretPasswordIdentity

SecretPasswordKeyVaultProperties

TrackedResourceTags

UserAssignedIdentity

ARM template resource definition

Resource format

Property Values

Microsoft.NetApp/activeDirectoryConfigs

ActiveDirectoryConfigProperties

ManagedServiceIdentity

ManagedServiceIdentityUserAssignedIdentities

SecretPassword

SecretPasswordIdentity

SecretPasswordKeyVaultProperties

TrackedResourceTags

UserAssignedIdentity

Usage Examples

Terraform (AzAPI provider) resource definition

Resource format

Property Values

Microsoft.NetApp/activeDirectoryConfigs

ActiveDirectoryConfigProperties

ManagedServiceIdentity

ManagedServiceIdentityUserAssignedIdentities

SecretPassword

SecretPasswordIdentity

SecretPasswordKeyVaultProperties

TrackedResourceTags

UserAssignedIdentity

Feedback

Additional resources