Select Git revision
README-user.md
-
Rafael Guterres Jeffman authored
Attributes 'first' and 'last' are required if user does not exist, but current documentation doesn't make it clear. This patch adds a note on both attributes to make clear the cases where the attribute is required
Rafael Guterres Jeffman authoredAttributes 'first' and 'last' are required if user does not exist, but current documentation doesn't make it clear. This patch adds a note on both attributes to make clear the cases where the attribute is required
README-user.md 12.28 KiB
User module
Description
The user module allows to ensure presence, absence, disablement, unlocking and undeletion of users.
The user module is as compatible as possible to the Ansible upstream ipa_user module, but additionally offers to preserve delete, enable, disable, unlock and undelete users.
Features
- User management
Supported FreeIPA Versions
FreeIPA versions 4.4.0 and up are supported by the ipauser module.
Requirements
Controller
- Ansible version: 2.8+
Node
- Supported FreeIPA version (see above)
Usage
Example inventory file
[ipaserver]
ipaserver.test.localExample playbook to ensure a user is present:
---
- name: Playbook to handle users
hosts: ipaserver
become: true
tasks:
# Ensure user pinky is present
- ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
first: pinky
last: Acme
uid: 10001
gid: 100
phone: "+555123457"
email: pinky@acme.com
passwordexpiration: "2023-01-19 23:59:59"
password: "no-brain"
update_password: on_create
# Ensure user brain is present
- ipauser:
ipaadmin_password: SomeADMINpassword
name: brain
first: brain
last: Acmeupdate_password controls if a password for a user will be set in present state only on creation or every time (always).
These two ipauser module calls can be combined into one with the users variable: