.. Document meta

:orphan:

.. |antsibull-internal-nbsp| unicode:: 0xA0
    :trim:

.. role:: ansible-attribute-support-label
.. role:: ansible-attribute-support-property
.. role:: ansible-attribute-support-full
.. role:: ansible-attribute-support-partial
.. role:: ansible-attribute-support-none
.. role:: ansible-attribute-support-na
.. role:: ansible-option-type
.. role:: ansible-option-elements
.. role:: ansible-option-required
.. role:: ansible-option-versionadded
.. role:: ansible-option-aliases
.. role:: ansible-option-choices
.. role:: ansible-option-choices-entry
.. role:: ansible-option-default
.. role:: ansible-option-default-bold
.. role:: ansible-option-configuration
.. role:: ansible-option-returned-bold
.. role:: ansible-option-sample-bold

.. Anchors

.. _ansible_collections.theforeman.foreman.auth_source_ldap_module:

.. Anchors: short name for ansible.builtin

.. Anchors: aliases



.. Title

theforeman.foreman.auth_source_ldap -- Manage LDAP Authentication Sources
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

.. Collection note

.. note::
    This plugin is part of the `theforeman.foreman collection <https://galaxy.ansible.com/theforeman/foreman>`_ (version 3.1.0).

    You might already have this collection installed if you are using the ``ansible`` package.
    It is not included in ``ansible-core``.
    To check whether it is installed, run :code:`ansible-galaxy collection list`.

    To install it, use: :code:`ansible-galaxy collection install theforeman.foreman`.

    To use it in a playbook, specify: :code:`theforeman.foreman.auth_source_ldap`.

.. version_added

.. versionadded:: 1.0.0 of theforeman.foreman

.. contents::
   :local:
   :depth: 1

.. Deprecated


Synopsis
--------

.. Description

- Create, update, and delete LDAP authentication sources


.. Aliases


.. Requirements

Requirements
------------
The below requirements are needed on the host that executes this module.

- requests


.. Options

Parameters
----------

.. rst-class:: ansible-option-table

.. list-table::
  :width: 100%
  :widths: auto
  :header-rows: 1

  * - Parameter
    - Comments

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-account"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-account:

      .. rst-class:: ansible-option-title

      **account**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-account" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Account name to use when accessing the LDAP server.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-account_password"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-account_password:

      .. rst-class:: ansible-option-title

      **account_password**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-account_password" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Account password to use when accessing the LDAP server.

      Required when using \ :emphasis:`onthefly\_register`\ .

      When this parameter is set, the module will not be idempotent.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-attr_firstname"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_firstname:

      .. rst-class:: ansible-option-title

      **attr_firstname**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-attr_firstname" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Attribute containing first name.

      Required when using \ :emphasis:`onthefly\_register`\ .


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-attr_lastname"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_lastname:

      .. rst-class:: ansible-option-title

      **attr_lastname**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-attr_lastname" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Attribute containing last name.

      Required when using \ :emphasis:`onthefly\_register`\ .


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-attr_login"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_login:

      .. rst-class:: ansible-option-title

      **attr_login**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-attr_login" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Attribute containing login ID.

      Required when using \ :emphasis:`onthefly\_register`\ .


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-attr_mail"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_mail:

      .. rst-class:: ansible-option-title

      **attr_mail**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-attr_mail" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Attribute containing email address.

      Required when using \ :emphasis:`onthefly\_register`\ .


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-attr_photo"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_photo:

      .. rst-class:: ansible-option-title

      **attr_photo**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-attr_photo" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Attribute containing user photo


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-base_dn"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-base_dn:

      .. rst-class:: ansible-option-title

      **base_dn**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-base_dn" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      The base DN to use when searching.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-groups_base"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-groups_base:

      .. rst-class:: ansible-option-title

      **groups_base**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-groups_base" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Base DN where groups reside.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-host"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-host:

      .. rst-class:: ansible-option-title

      **host**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-host" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string` / :ansible-option-required:`required`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      The hostname of the LDAP server


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-ldap_filter"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-ldap_filter:

      .. rst-class:: ansible-option-title

      **ldap_filter**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-ldap_filter" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Filter to apply to LDAP searches


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-locations"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-locations:

      .. rst-class:: ansible-option-title

      **locations**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-locations" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`list` / :ansible-option-elements:`elements=string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      List of locations the entity should be assigned to


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-name"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-name:

      .. rst-class:: ansible-option-title

      **name**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-name" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string` / :ansible-option-required:`required`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      The name of the LDAP authentication source


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-onthefly_register"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-onthefly_register:

      .. rst-class:: ansible-option-title

      **onthefly_register**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-onthefly_register" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`boolean`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Whether or not to register users on the fly.


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-choices-entry:`no`
      - :ansible-option-choices-entry:`yes`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-organizations"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-organizations:

      .. rst-class:: ansible-option-title

      **organizations**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-organizations" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`list` / :ansible-option-elements:`elements=string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      List of organizations the entity should be assigned to


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-password"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-password:

      .. rst-class:: ansible-option-title

      **password**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-password" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string` / :ansible-option-required:`required`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Password of the user accessing the Foreman server.

      If the value is not specified in the task, the value of environment variable \ :literal:`FOREMAN\_PASSWORD`\  will be used instead.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-port"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-port:

      .. rst-class:: ansible-option-title

      **port**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-port" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`integer`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      The port number of the LDAP server


      .. rst-class:: ansible-option-line

      :ansible-option-default-bold:`Default:` :ansible-option-default:`389`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-server_type"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-server_type:

      .. rst-class:: ansible-option-title

      **server_type**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-server_type" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Type of the LDAP server


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-choices-entry:`free\_ipa`
      - :ansible-option-choices-entry:`active\_directory`
      - :ansible-option-choices-entry:`posix`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-server_url"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-server_url:

      .. rst-class:: ansible-option-title

      **server_url**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-server_url" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string` / :ansible-option-required:`required`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      URL of the Foreman server.

      If the value is not specified in the task, the value of environment variable \ :literal:`FOREMAN\_SERVER\_URL`\  will be used instead.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-state"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-state:

      .. rst-class:: ansible-option-title

      **state**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-state" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      State of the entity


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-default-bold:`present` :ansible-option-default:`← (default)`
      - :ansible-option-choices-entry:`absent`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-tls"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-tls:

      .. rst-class:: ansible-option-title

      **tls**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-tls" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`boolean`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Whether or not to use TLS when contacting the LDAP server.


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-choices-entry:`no`
      - :ansible-option-choices-entry:`yes`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-use_netgroups"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-use_netgroups:

      .. rst-class:: ansible-option-title

      **use_netgroups**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-use_netgroups" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`boolean`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Whether to use NIS netgroups instead of posix groups, not valid for \ :emphasis:`server\_type=active\_directory`\ 


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-choices-entry:`no`
      - :ansible-option-choices-entry:`yes`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-usergroup_sync"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-usergroup_sync:

      .. rst-class:: ansible-option-title

      **usergroup_sync**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-usergroup_sync" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`boolean`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Whether or not to sync external user groups on login


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-choices-entry:`no`
      - :ansible-option-choices-entry:`yes`

      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-username"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-username:

      .. rst-class:: ansible-option-title

      **username**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-username" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`string` / :ansible-option-required:`required`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Username accessing the Foreman server.

      If the value is not specified in the task, the value of environment variable \ :literal:`FOREMAN\_USERNAME`\  will be used instead.


      .. raw:: html

        </div>

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="parameter-validate_certs"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-validate_certs:

      .. rst-class:: ansible-option-title

      **validate_certs**

      .. raw:: html

        <a class="ansibleOptionLink" href="#parameter-validate_certs" title="Permalink to this option"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`boolean`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Whether or not to verify the TLS certificates of the Foreman server.

      If the value is not specified in the task, the value of environment variable \ :literal:`FOREMAN\_VALIDATE\_CERTS`\  will be used instead.


      .. rst-class:: ansible-option-line

      :ansible-option-choices:`Choices:`

      - :ansible-option-choices-entry:`no`
      - :ansible-option-default-bold:`yes` :ansible-option-default:`← (default)`

      .. raw:: html

        </div>


.. Attributes


.. Notes


.. Seealso


.. Examples

Examples
--------

.. code-block:: yaml+jinja

    
    - name: LDAP Authentication source
      theforeman.foreman.auth_source_ldap:
        name: "Example LDAP"
        host: "ldap.example.org"
        server_url: "https://foreman.example.com"
        locations:
          - "Uppsala"
        organizations:
          - "Sweden"
        username: "admin"
        password: "changeme"
        state: present

    - name: LDAP Authentication with automatic registration
      theforeman.foreman.auth_source_ldap:
        name: "Example LDAP"
        host: "ldap.example.org"
        onthefly_register: True
        account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
        account_password: secret
        base_dn: dc=example,dc=com
        groups_base: cn=groups,cn=accounts, dc=example,dc=com
        server_type: free_ipa
        attr_login: uid
        attr_firstname: givenName
        attr_lastname: sn
        attr_mail: mail
        attr_photo: jpegPhoto
        server_url: "https://foreman.example.com"
        username: "admin"
        password: "changeme"
        state: present




.. Facts


.. Return values

Return Values
-------------
Common return values are documented :ref:`here <common_return_values>`, the following are the fields unique to this module:

.. rst-class:: ansible-option-table

.. list-table::
  :width: 100%
  :widths: auto
  :header-rows: 1

  * - Key
    - Description

  * - .. raw:: html

        <div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="return-entity"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__return-entity:

      .. rst-class:: ansible-option-title

      **entity**

      .. raw:: html

        <a class="ansibleOptionLink" href="#return-entity" title="Permalink to this return value"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`dictionary`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-cell">

      Final state of the affected entities grouped by their type.


      .. rst-class:: ansible-option-line

      :ansible-option-returned-bold:`Returned:` success


      .. raw:: html

        </div>

    
  * - .. raw:: html

        <div class="ansible-option-indent"></div><div class="ansible-option-cell">
        <div class="ansibleOptionAnchor" id="return-entity/auth_source_ldaps"></div>

      .. _ansible_collections.theforeman.foreman.auth_source_ldap_module__return-entity/auth_source_ldaps:

      .. rst-class:: ansible-option-title

      **auth_source_ldaps**

      .. raw:: html

        <a class="ansibleOptionLink" href="#return-entity/auth_source_ldaps" title="Permalink to this return value"></a>

      .. rst-class:: ansible-option-type-line

      :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary`

      .. raw:: html

        </div>

    - .. raw:: html

        <div class="ansible-option-indent-desc"></div><div class="ansible-option-cell">

      List of auth sources for LDAP.


      .. rst-class:: ansible-option-line

      :ansible-option-returned-bold:`Returned:` success


      .. raw:: html

        </div>




..  Status (Presently only deprecated)


.. Authors

Authors
~~~~~~~

- Christoffer Reijer (@ephracis) Basalt AB



.. Parsing errors