` for details.
To use it in a playbook, specify: :code:`theforeman.foreman.auth_source_ldap`.
.. version_added
.. rst-class:: ansible-version-added
New in theforeman.foreman 1.0.0
.. contents::
:local:
:depth: 1
.. Deprecated
Synopsis
--------
.. Description
- Create, update, and delete LDAP authentication sources
.. Aliases
Aliases: foreman_auth_source_ldap
.. Requirements
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module_requirements:
Requirements
------------
The below requirements are needed on the host that executes this module.
- requests
.. Options
Parameters
----------
.. tabularcolumns:: \X{1}{3}\X{2}{3}
.. list-table::
:width: 100%
:widths: auto
:header-rows: 1
:class: longtable ansible-option-table
* - Parameter
- Comments
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-account:
.. rst-class:: ansible-option-title
**account**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Account name to use when accessing the LDAP server.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-account_password:
.. rst-class:: ansible-option-title
**account_password**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Account password to use when accessing the LDAP server.
Required when using :emphasis:`onthefly\_register`.
When this parameter is set, the module will not be idempotent.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_firstname:
.. rst-class:: ansible-option-title
**attr_firstname**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Attribute containing first name.
Required when using :emphasis:`onthefly\_register`.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_lastname:
.. rst-class:: ansible-option-title
**attr_lastname**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Attribute containing last name.
Required when using :emphasis:`onthefly\_register`.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_login:
.. rst-class:: ansible-option-title
**attr_login**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Attribute containing login ID.
Required when using :emphasis:`onthefly\_register`.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_mail:
.. rst-class:: ansible-option-title
**attr_mail**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Attribute containing email address.
Required when using :emphasis:`onthefly\_register`.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-attr_photo:
.. rst-class:: ansible-option-title
**attr_photo**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Attribute containing user photo
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-base_dn:
.. rst-class:: ansible-option-title
**base_dn**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
The base DN to use when searching.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-groups_base:
.. rst-class:: ansible-option-title
**groups_base**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Base DN where groups reside.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-host:
.. rst-class:: ansible-option-title
**host**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string` / :ansible-option-required:`required`
.. raw:: html
- .. raw:: html
The hostname of the LDAP server
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-ldap_filter:
.. rst-class:: ansible-option-title
**ldap_filter**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Filter to apply to LDAP searches
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-locations:
.. rst-class:: ansible-option-title
**locations**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`list` / :ansible-option-elements:`elements=string`
.. raw:: html
- .. raw:: html
List of locations the entity should be assigned to
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-name:
.. rst-class:: ansible-option-title
**name**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string` / :ansible-option-required:`required`
.. raw:: html
- .. raw:: html
The name of the LDAP authentication source
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-onthefly_register:
.. rst-class:: ansible-option-title
**onthefly_register**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`boolean`
.. raw:: html
- .. raw:: html
Whether or not to register users on the fly.
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry:`false`
- :ansible-option-choices-entry:`true`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-organizations:
.. rst-class:: ansible-option-title
**organizations**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`list` / :ansible-option-elements:`elements=string`
.. raw:: html
- .. raw:: html
List of organizations the entity should be assigned to
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-password:
.. rst-class:: ansible-option-title
**password**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string` / :ansible-option-required:`required`
.. raw:: html
- .. raw:: html
Password of the user accessing the Foreman server.
If the value is not specified in the task, the value of environment variable :literal:`FOREMAN\_PASSWORD` will be used instead.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-port:
.. rst-class:: ansible-option-title
**port**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`integer`
.. raw:: html
- .. raw:: html
The port number of the LDAP server
.. rst-class:: ansible-option-line
:ansible-option-default-bold:`Default:` :ansible-option-default:`389`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-server_type:
.. rst-class:: ansible-option-title
**server_type**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
Type of the LDAP server
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry:`"free\_ipa"`
- :ansible-option-choices-entry:`"active\_directory"`
- :ansible-option-choices-entry:`"posix"`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-server_url:
.. rst-class:: ansible-option-title
**server_url**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string` / :ansible-option-required:`required`
.. raw:: html
- .. raw:: html
URL of the Foreman server.
If the value is not specified in the task, the value of environment variable :literal:`FOREMAN\_SERVER\_URL` will be used instead.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-state:
.. rst-class:: ansible-option-title
**state**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string`
.. raw:: html
- .. raw:: html
State of the entity
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry-default:`"present"` :ansible-option-choices-default-mark:`← (default)`
- :ansible-option-choices-entry:`"absent"`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-tls:
.. rst-class:: ansible-option-title
**tls**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`boolean`
.. raw:: html
- .. raw:: html
Whether or not to use TLS when contacting the LDAP server.
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry:`false`
- :ansible-option-choices-entry:`true`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-use_netgroups:
.. rst-class:: ansible-option-title
**use_netgroups**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`boolean`
.. raw:: html
- .. raw:: html
Whether to use NIS netgroups instead of posix groups, not valid for :emphasis:`server\_type=active\_directory`
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry:`false`
- :ansible-option-choices-entry:`true`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-usergroup_sync:
.. rst-class:: ansible-option-title
**usergroup_sync**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`boolean`
.. raw:: html
- .. raw:: html
Whether or not to sync external user groups on login
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry:`false`
- :ansible-option-choices-entry:`true`
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-username:
.. rst-class:: ansible-option-title
**username**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`string` / :ansible-option-required:`required`
.. raw:: html
- .. raw:: html
Username accessing the Foreman server.
If the value is not specified in the task, the value of environment variable :literal:`FOREMAN\_USERNAME` will be used instead.
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__parameter-validate_certs:
.. rst-class:: ansible-option-title
**validate_certs**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`boolean`
.. raw:: html
- .. raw:: html
Whether or not to verify the TLS certificates of the Foreman server.
If the value is not specified in the task, the value of environment variable :literal:`FOREMAN\_VALIDATE\_CERTS` will be used instead.
.. rst-class:: ansible-option-line
:ansible-option-choices:`Choices:`
- :ansible-option-choices-entry:`false`
- :ansible-option-choices-entry-default:`true` :ansible-option-choices-default-mark:`← (default)`
.. raw:: html
.. Attributes
Attributes
----------
.. tabularcolumns:: \X{2}{10}\X{3}{10}\X{5}{10}
.. list-table::
:width: 100%
:widths: auto
:header-rows: 1
:class: longtable ansible-option-table
* - Attribute
- Support
- Description
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__attribute-check_mode:
.. rst-class:: ansible-option-title
**check_mode**
.. raw:: html
.. raw:: html
- .. raw:: html
:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full`
.. raw:: html
- .. raw:: html
Can run in check\_mode and return changed status prediction without modifying the entity
.. raw:: html
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__attribute-diff_mode:
.. rst-class:: ansible-option-title
**diff_mode**
.. raw:: html
.. raw:: html
- .. raw:: html
:ansible-attribute-support-label:`Support: \ `\ :ansible-attribute-support-full:`full`
.. raw:: html
- .. raw:: html
Will return details on what has changed (or possibly needs changing in check\_mode), when in diff mode
.. raw:: html
.. Notes
.. Seealso
.. Examples
Examples
--------
.. code-block:: yaml+jinja
- name: Simple FreeIPA authentication source
theforeman.foreman.auth_source_ldap:
name: "Example LDAP"
host: "ldap.example.org"
server_url: "https://foreman.example.com"
locations:
- "Uppsala"
organizations:
- "Sweden"
username: "admin"
password: "changeme"
state: present
- name: FreeIPA with automatic registration
theforeman.foreman.auth_source_ldap:
name: "Example LDAP"
host: "ldap.example.org"
onthefly_register: true
account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
account_password: secret
base_dn: dc=example,dc=com
groups_base: cn=groups,cn=accounts, dc=example,dc=com
server_type: free_ipa
attr_login: uid
attr_firstname: givenName
attr_lastname: sn
attr_mail: mail
attr_photo: jpegPhoto
server_url: "https://foreman.example.com"
username: "admin"
password: "changeme"
state: present
- name: Active Directory with automatic registration
theforeman.foreman.auth_source_ldap:
name: "Example AD"
host: "ad.example.org"
onthefly_register: true
account: EXAMPLE\ansible
account_password: secret
base_dn: cn=Users,dc=example,dc=com
groups_base: cn=Users,dc=example,dc=com
server_type: active_directory
attr_login: sAMAccountName
attr_firstname: givenName
attr_lastname: sn
attr_mail: mail
ldap_filter: (memberOf=CN=Domain Users,CN=Users,DC=example,DC=com)
server_url: "https://foreman.example.com"
username: "admin"
password: "changeme"
state: present
.. Facts
.. Return values
Return Values
-------------
Common return values are documented :ref:`here `, the following are the fields unique to this module:
.. tabularcolumns:: \X{1}{3}\X{2}{3}
.. list-table::
:width: 100%
:widths: auto
:header-rows: 1
:class: longtable ansible-option-table
* - Key
- Description
* - .. raw:: html
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__return-entity:
.. rst-class:: ansible-option-title
**entity**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`dictionary`
.. raw:: html
- .. raw:: html
Final state of the affected entities grouped by their type.
.. rst-class:: ansible-option-line
:ansible-option-returned-bold:`Returned:` success
.. raw:: html
* - .. raw:: html
.. raw:: latex
\hspace{0.02\textwidth}\begin{minipage}[t]{0.3\textwidth}
.. _ansible_collections.theforeman.foreman.auth_source_ldap_module__return-entity/auth_source_ldaps:
.. rst-class:: ansible-option-title
**auth_source_ldaps**
.. raw:: html
.. ansible-option-type-line::
:ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary`
.. raw:: html
.. raw:: latex
\end{minipage}
- .. raw:: html
List of auth sources for LDAP.
.. rst-class:: ansible-option-line
:ansible-option-returned-bold:`Returned:` success
.. raw:: html
.. Status (Presently only deprecated)
.. Authors
Authors
~~~~~~~
- Christoffer Reijer (@ephracis) Basalt AB
.. Extra links
Collection links
~~~~~~~~~~~~~~~~
.. ansible-links::
- title: "Issue Tracker"
url: "https://github.com/theforeman/foreman-ansible-modules/issues"
external: true
- title: "Homepage"
url: "https://theforeman.org/"
external: true
- title: "Repository (Sources)"
url: "https://github.com/theforeman/foreman-ansible-modules"
external: true
.. Parsing errors