- Jul 24, 2023
-
-
Thomas Woerner authored
ci: Increase verbosity for Ansible playbook runs
-
- Jul 21, 2023
-
-
Rafael Guterres Jeffman authored
ansible_freeipa_module: Fix ipa_command_invalid_param_choices
-
Rafael Guterres Jeffman authored
Some test failures requires more information than just the playbook simple output. By increasing verbosity, the used parameters and the failed line will be visible in the test error report, making it easier to identify, reproduce and fix the issue.
-
Thomas Woerner authored
Fix ipa_command_invalid_param_choices for IPA 4.6 (RHEL-7) - krbprincipalauthind in host_add does not have choices defined - krbprincipalauthind in service_add does not have choices defined api.Command[command].params[name].cli_metavar returns "STR" and ast.literal_eval failes with a ValueError "malformed string". There is no way to verify that the given values are valid or not in this case. The check is done later on while applying the change with host_add, host_mod, service_add and service_mod.
-
- Jul 20, 2023
-
-
Thomas Woerner authored
ipauser: Support for External IdP attributes.
-
- Jul 19, 2023
-
-
Rafael Guterres Jeffman authored
Add support for 'idp' and 'idp_user_id' to ipauser plugin. FreeIPA 4.10.0 is required for both attributes.
-
Rafael Guterres Jeffman authored
Update authtypes authind readmes
-
Thomas Woerner authored
The parameter user_auth_type has been updated in FreeIPA. The choices pkinit, hardened and idp have been missing and are now added.
-
Thomas Woerner authored
The parameter auth_ind has been updated in FreeIPA. The choice idp have been missing and is now added.
-
Thomas Woerner authored
The parameter auth_ind has been updated in FreeIPA. The choice idp have been missing and is now added.
-
Thomas Woerner authored
The parameter user_auth_type has been updated in FreeIPA. The choices pkinit, hardened and idp have been missing and are now added.
-
Thomas Woerner authored
ipaserver: Update README with detailed Ubuntu support
-
Rafael Guterres Jeffman authored
Update authtypes authind
-
Thomas Woerner authored
ipaautomountmap: add support for indirect maps
-
Rafael Guterres Jeffman authored
Ubuntu does not have a FreeIPA server package since version 20.04. As versions 16.04 (Xenial Xerus) and 18.04 (Bionic Beaver) will be supported by Canonical until 2026 and 2028, repectively, we should keep existing support for both versions in the ipaserver, ipareplica and ipabackup roles until them. This patch changes documentation to reflect that only those versions are supported.
-
Rafael Guterres Jeffman authored
Indirect maps were not supported by ansible-freeipa ipaautomountmap. This patch adds support for adding indirect automount maps using the "parent" and "mount" parameters, if the map do not yet exist. An existing map cannot be modified. The "parent" parameter must match an existing automount map, and the "mount" parameter is required if "parent" is used. A new example playbook can be found at: playbooks/automount/automount-map-indirect-map.yml A new test playbook was added to test the feature: tests/automount/test_automountmap_indirect.yml
-
Thomas Woerner authored
The parameter user_auth_type has been updated in FreeIPA. The choices pkinit, hardened and idp have been missing and are now added. An additional check was added to verify that the values of the user_auth_type list are valid for the used IPA version.
-
Thomas Woerner authored
The parameter auth_ind has been updated in FreeIPA. The choice idp have been missing and is now added. An additional check was added to verify that the values of the auth_ind list are valid for the used IPA version.
-
Thomas Woerner authored
The parameter auth_ind has been updated in FreeIPA. The choice idp have been missing and is now added. An additional check was added to verify that the values of the auth_ind list are valid for the used IPA version.
-
Thomas Woerner authored
The parameter user_auth_type has been updated in FreeIPA. The choices pkinit, hardened and idp have been missing and are now added. An additional check was added to verify that the values of the user_auth_type list are valid for the used IPA version.
-
Thomas Woerner authored
New IPAAnsibleModule.ipa_command_invalid_param_choices method to return invalid parameter choices for an IPA command. This is needed to verify for example if userauthtype and authind are supporting the idp value.
-
- Jul 17, 2023
-
-
Thomas Woerner authored
utils/run-tests.sh: Install Ansible collections on virtual environment
-
Thomas Woerner authored
ipauser: Add support for SMB attributes.
-
- Jul 15, 2023
-
-
Rafael Guterres Jeffman authored
When runing tests using 'utils/run-tests.sh' from inside an existing Python virtual environment the Ansible collections are not installed due to the order of execution of the script. On a machine that does not have the 'containers.*' collection the test fails as there is no container connector available. This patch moves the section that installs Ansible collections to run after the virtual environment is configured, and then install the collections (usually, only 'containers.podman'), allowing the tests to be executed.
-
- Jul 14, 2023
-
-
Rafael Guterres Jeffman authored
Since FreeIPA version 4.8.0 ipauser has support for smb-logon-script, smb-profile-path, smb-home-dir, and smb-home-drive drive attributes. On FreeIPA, these attributes are only available when modifying a user, so if the user defined in the playbook does not exist, two calls to IPA API are executed, a 'user_add' followed by a 'user_mod'. (see https://github.com/freeipa/freeipa/blob/master/doc/designs/adtrust/samba-domain-controller.md A new example playbook can be found at: playbooks/user/smb-attributes.yml A new test playbook can be found at: tests/user/test_user_smb_attrs.yml
-
Thomas Woerner authored
doc: Differentiate location meaning between host and server
-
Rafael Guterres Jeffman authored
Host location and server location have very different meanings in IPA. ipahost uses 'location' as an optional hint to where the host may be physically located, ipaserever uses location to identify which DNS location the server is part of. This change updates documentation to make attribute description more clear. Surrounding text have been changed to match text style as used in other plugins. This patch is related to: https://github.com/freeipa/freeipa/pull/6840
-
Thomas Woerner authored
Fix handling of ipapwpolicy attributes usercheck and dictcheck
-
Thomas Woerner authored
upstream CI: Update ansible-core version
-
Thomas Woerner authored
Remove dependency on 'virtualenv'
-
- Jul 13, 2023
-
-
Rafael Guterres Jeffman authored
'virtualenv' is an external dependency with the same purpose of Python's 'venv' module. This patch removes the external dependency in favor of the readily available package.
-
- Jul 12, 2023
-
-
Thomas Woerner authored
ipauser: Add support for parameter "street"
-
Rafael Guterres Jeffman authored
ipauser plugin was missing user parameter "street". Tests were updated to reflect the new parameter.
-
Thomas Woerner authored
ipauser: Add support to modify GECOS field.
-
- Jul 11, 2023
-
-
Rafael Guterres Jeffman authored
Most of ipapwpolicy parameters can be set to an empty string ("") so that the policy is not applied to pwpolicy. This was not refelected on the documentation. This change adds 'or ""' to all the fields that can be disabled by setting it to an empty string. Also, `data types were reviewed and fixed.
-
Rafael Guterres Jeffman authored
Modified handling of boolean values by using Ansible's 'boolean()' check function so that a string can be used and either a bool value is accepted or an empty string. As the error message was changed to use the same Ansible message, tests were also updated.
-
Rafael Guterres Jeffman authored
Export Ansible's 'boolean' parsing function so it can be used to verify if a string can be handled as a truthy value, allowing module parameters to use strings instead of bools, as strings can be cleared by using empty strings.
-
- Jul 10, 2023
-
-
Rafael Guterres Jeffman authored
This patch adds a new parameter to ipauser, 'gecos', which can be used to set the 'gecos' field of an IPA user. The default behavior of automatically set the GECOS field to "<first> <last>" is not modified, it is only possible to change the field to a custom value. No validation on the value provided is done, as it is with FreeIPA.
-
- Jun 15, 2023
-
-
Rafael Guterres Jeffman authored
Singular to plural on random serial numbers setting
-
Renich Bon Ciric authored
The setting was in singular in the example while being documented in plural form.
-