theforeman.foreman.auth_source_ldap – Manage LDAP Authentication Sources


Note

This plugin is part of the theforeman.foreman collection (version 1.5.1).

To install it use: ansible-galaxy collection install theforeman.foreman.

To use it in a playbook, specify: theforeman.foreman.auth_source_ldap.


New in version 1.0.0 of theforeman.foreman


Synopsis

  • Create, update, and delete LDAP authentication sources

Requirements

The below requirements are needed on the host that executes this module.

  • requests

Parameters

Parameter Choices/Defaults Comments

account

string

Account name to use when accessing the LDAP server.

account_password

string

Account password to use when accessing the LDAP server.

Required when using onthefly_register.

When this parameter is set, the module will not be idempotent.

attr_firstname

string

Attribute containing first name.

Required when using onthefly_register.

attr_lastname

string

Attribute containing last name.

Required when using onthefly_register.

attr_login

string

Attribute containing login ID.

Required when using onthefly_register.

attr_mail

string

Attribute containing email address.

Required when using onthefly_register.

attr_photo

string

Attribute containing user photo

base_dn

string

The base DN to use when searching.

groups_base

string

Base DN where groups reside.

host

string / required

The hostname of the LDAP server

ldap_filter

string

Filter to apply to LDAP searches

locations

list / elements=string

List of locations the entity should be assigned to

name

string / required

The name of the LDAP authentication source

onthefly_register

boolean

  • no
  • yes

Whether or not to register users on the fly.

organizations

list / elements=string

List of organizations the entity should be assigned to

password

string / required

Password of the user accessing the Foreman server.

If the value is not specified in the task, the value of environment variable FOREMAN_PASSWORD will be used instead.

port

integer

Default: 389

The port number of the LDAP server

server_type

string

  • free_ipa
  • active_directory
  • posix

Type of the LDAP server

server_url

string / required

URL of the Foreman server.

If the value is not specified in the task, the value of environment variable FOREMAN_SERVER_URL will be used instead.

state

string

  • present
  • absent

State of the entity

tls

boolean

  • no
  • yes

Whether or not to use TLS when contacting the LDAP server.

use_netgroups

boolean

  • no
  • yes

Whether to use NIS netgroups instead of POSIX groups. Not valid for server_type=active_directory.

usergroup_sync

boolean

  • no
  • yes

Whether or not to sync external user groups on login

username

string / required

Username accessing the Foreman server.

If the value is not specified in the task, the value of environment variable FOREMAN_USERNAME will be used instead.

validate_certs

boolean

  • no
  • yes

Whether or not to verify the TLS certificates of the Foreman server.

If the value is not specified in the task, the value of environment variable FOREMAN_VALIDATE_CERTS will be used instead.



Examples

- name: LDAP Authentication source
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    server_url: "https://foreman.example.com"
    locations:
      - "Uppsala"
    organizations:
      - "Sweden"
    username: "admin"
    password: "changeme"
    state: present

- name: LDAP Authentication with automatic registration
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    onthefly_register: True
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    account_password: secret
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts,dc=example,dc=com
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    attr_photo: jpegPhoto
    server_url: "https://foreman.example.com"
    username: "admin"
    password: "changeme"
    state: present
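
A hardened variant of the automatic-registration task above, added here as an illustration and not part of the original module documentation. It enables tls so the bind account and user credentials do not cross the network in cleartext, narrows searches with ldap_filter, and keeps secrets out of the playbook and logs. The vault_* variable names, the group in the filter, and the use of port 636 (assuming the directory serves LDAPS there) are assumptions.

```yaml
# Added example: hardened variant of the FreeIPA task above.
# The vault_* variable names are hypothetical; define them in an Ansible Vault file.
- name: LDAP authentication source over TLS with vaulted secrets
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    # port defaults to 389; 636 assumes the directory serves LDAPS on that port.
    port: 636
    tls: yes
    onthefly_register: yes
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    account_password: "{{ vault_ldap_bind_password }}"
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts,dc=example,dc=com
    # Constructed filter: limits LDAP searches to members of one group.
    ldap_filter: "(memberOf=cn=foreman-users,cn=groups,cn=accounts,dc=example,dc=com)"
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    server_url: "https://foreman.example.com"
    username: "{{ vault_foreman_username }}"
    password: "{{ vault_foreman_password }}"
    # Verify the Foreman server's certificate for the API connection.
    validate_certs: yes
    state: present
  # Keep the module arguments (including both passwords) out of task output.
  no_log: true
```

Because account_password is set, the module is not idempotent, as the parameter description above states, so this task should not be relied on for change detection.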

Return Values

Common return values are documented here; the following are the fields unique to this module:

Key Returned Description

entity

dictionary

success

Final state of the affected entities grouped by their type.


auth_source_ldaps

list / elements=dictionary

success

List of auth sources for LDAP.





Authors

  • Christoffer Reijer (@ephracis) Basalt AB

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/theforeman/foreman/auth_source_ldap_module.html