foreman_auth_source_ldap – Manage Foreman LDAP authentication sources using Foreman API
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
account string | | Account name to use when accessing the LDAP server. |
account_password string | | Account password to use when accessing the LDAP server. Required when using onthefly_register. When this parameter is set, the module will not be idempotent. |
attr_firstname string | | Attribute containing first name. Required when using onthefly_register. |
attr_lastname string | | Attribute containing last name. Required when using onthefly_register. |
attr_login string | | Attribute containing login ID. Required when using onthefly_register. |
attr_mail string | | Attribute containing email address. Required when using onthefly_register. |
attr_photo string | | Attribute containing user photo |
base_dn string | | The base DN to use when searching. |
groups_base string | | Base DN where groups reside. |
host string / required | | The hostname of the LDAP server |
ldap_filter string | | Filter to apply to LDAP searches |
locations list / elements=string | | List of locations the entity should be assigned to |
name string / required | | The name of the LDAP authentication source |
onthefly_register boolean | | Whether or not to register users on the fly. |
organizations list / elements=string | | List of organizations the entity should be assigned to |
password string / required | | Password of the user accessing the Foreman server |
port integer | Default: 389 | The port number of the LDAP server |
server_type string | | Type of the LDAP server |
server_url string / required | | URL of the Foreman server |
state string | | State of the entity in Foreman |
tls boolean | | Whether or not to use TLS when contacting the LDAP server. |
use_netgroups boolean | | Whether to use NIS netgroups instead of posix groups, not valid for server_type=active_directory |
usergroup_sync boolean | | Whether or not to sync external user groups on login |
username string / required | | Username accessing the Foreman server |
validate_certs boolean | | Whether or not to verify the TLS certificates of the Foreman server. aliases: verify_ssl |
Examples
```yaml
# Minimal source: only the LDAP host plus the Foreman API connection details.
- name: LDAP Authentication source
  foreman_auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    server_url: "https://foreman.example.com"
    locations:
      - "Uppsala"
    organizations:
      - "Sweden"
    username: "admin"
    password: "secret"
    state: present

# On-the-fly registration needs the bind account, its password and the attr_* mappings.
- name: LDAP Authentication with automatic registration
  foreman_auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    onthefly_register: True
    # Account used to access the LDAP server
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    account_password: secret
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts,dc=example,dc=com
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    attr_photo: jpegPhoto
    server_url: "https://foreman.example.com"
    username: "admin"
    password: "secret"
    state: present
```
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]
Authors
Christoffer Reijer (@ephracis) Basalt AB