theforeman.foreman.auth_source_ldap module – Manage LDAP Authentication Sources
Note
This module is part of the theforeman.foreman collection (version 4.2.0).
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install theforeman.foreman
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: theforeman.foreman.auth_source_ldap
.
New in theforeman.foreman 1.0.0
Synopsis
Create, update, and delete LDAP authentication sources
Aliases: foreman_auth_source_ldap
Requirements
The below requirements are needed on the host that executes this module.
requests
Parameters
Parameter |
Comments |
---|---|
Account name to use when accessing the LDAP server. |
|
Account password to use when accessing the LDAP server. Required when using onthefly_register. When this parameter is set, the module will not be idempotent. |
|
Attribute containing first name. Required when using onthefly_register. |
|
Attribute containing last name. Required when using onthefly_register. |
|
Attribute containing login ID. Required when using onthefly_register. |
|
Attribute containing email address. Required when using onthefly_register. |
|
Attribute containing user photo |
|
The base DN to use when searching. |
|
Base DN where groups reside. |
|
The hostname of the LDAP server |
|
Filter to apply to LDAP searches |
|
List of locations the entity should be assigned to |
|
The name of the LDAP authentication source |
|
Whether or not to register users on the fly. Choices:
|
|
List of organizations the entity should be assigned to |
|
Password of the user accessing the Foreman server. If the value is not specified in the task, the value of environment variable |
|
The port number of the LDAP server Default: |
|
Type of the LDAP server Choices:
|
|
URL of the Foreman server. If the value is not specified in the task, the value of environment variable |
|
State of the entity Choices:
|
|
Whether or not to use TLS when contacting the LDAP server. Choices:
|
|
Whether to use NIS netgroups instead of posix groups, not valid for server_type=active_directory Choices:
|
|
Whether or not to sync external user groups on login Choices:
|
|
Username accessing the Foreman server. If the value is not specified in the task, the value of environment variable |
|
Whether or not to verify the TLS certificates of the Foreman server. If the value is not specified in the task, the value of environment variable Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in check_mode and return changed status prediction without modifying the entity |
|
Support: full |
Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode |
Examples
- name: Simple FreeIPA authentication source
theforeman.foreman.auth_source_ldap:
name: "Example LDAP"
host: "ldap.example.org"
server_url: "https://foreman.example.com"
locations:
- "Uppsala"
organizations:
- "Sweden"
username: "admin"
password: "changeme"
state: present
- name: FreeIPA with automatic registration
theforeman.foreman.auth_source_ldap:
name: "Example LDAP"
host: "ldap.example.org"
onthefly_register: true
account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
account_password: secret
base_dn: dc=example,dc=com
groups_base: cn=groups,cn=accounts, dc=example,dc=com
server_type: free_ipa
attr_login: uid
attr_firstname: givenName
attr_lastname: sn
attr_mail: mail
attr_photo: jpegPhoto
server_url: "https://foreman.example.com"
username: "admin"
password: "changeme"
state: present
- name: Active Directory with automatic registration
theforeman.foreman.auth_source_ldap:
name: "Example AD"
host: "ad.example.org"
onthefly_register: true
account: EXAMPLE\ansible
account_password: secret
base_dn: cn=Users,dc=example,dc=com
groups_base: cn=Users,dc=example,dc=com
server_type: active_directory
attr_login: sAMAccountName
attr_firstname: givenName
attr_lastname: sn
attr_mail: mail
ldap_filter: (memberOf=CN=Domain Users,CN=Users,DC=example,DC=com)
server_url: "https://foreman.example.com"
username: "admin"
password: "changeme"
state: present
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Final state of the affected entities grouped by their type. Returned: success |
|
List of auth sources for LDAP. Returned: success |