-
Rafael Guterres Jeffman authored
As ansible-freeipa roles do not support version 2.8 anymore, change the minimum supported version to 2.13, which is the currently minimum available and supported Ansible version. This patch fixes documentation on all plugin READMEs, spec file and module templates.
Rafael Guterres Jeffman authoredAs ansible-freeipa roles do not support version 2.8 anymore, change the minimum supported version to 2.13, which is the currently minimum available and supported Ansible version. This patch fixes documentation on all plugin READMEs, spec file and module templates.
README-selfservice.md 3.47 KiB
Selfservice module
Description
The selfservice module allows to ensure presence, absence of selfservices and selfservice attributes.
Features
- Selfservice management
Supported FreeIPA Versions
FreeIPA versions 4.4.0 and up are supported by the ipaselfservice module.
Requirements
Controller
- Ansible version: 2.13+
Node
- Supported FreeIPA version (see above)
Usage
Example inventory file
[ipaserver]
ipaserver.test.localExample playbook to make sure selfservice "Users can manage their own name details" is present:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
permission: read
attribute:
- title
- initialsExample playbook to make sure selfservice "Users can manage their own name details" is absent:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
state: absentExample playbook to make sure "Users can manage their own name details" member attribute initials is present:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- initials
action: memberExample playbook to make sure "Users can manage their own name details" member attribute initials is absent:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
attribute:
- initials
action: member
state: absentExample playbook to make sure selfservice "Users can manage their own name details" is absent:
---
- name: Playbook to manage IPA selfservice.
hosts: ipaserver
become: yes
tasks:
- ipaselfservice:
ipaadmin_password: SomeADMINpassword
name: "Users can manage their own name details"
state: absentVariables
| Variable | Description | Required |
|---|---|---|
ipaadmin_principal |
The admin principal is a string and defaults to admin
|
no |
ipaadmin_password |
The admin password is a string and is required if there is no admin ticket available on the node | no |
ipaapi_context |
The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. Valid values are server and client. |
no |
ipaapi_ldap_cache |
Use LDAP cache for IPA connection. The bool setting defaults to yes. (bool) | no |
name | aciname
|
The list of selfservice name strings. | yes |
permission | permissions
|
The permission to grant read, read,write, write]. Default is write. |
no |
attribute | attrs
|
The attribute list to which the selfservice applies. | no |
action |
Work on selfservice or member level. It can be on of member or selfservice and defaults to selfservice. |
no |
state |
The state to ensure. It can be one of present, absent, default: present. |
no |
Authors
Thomas Woerner