ansible / ansible.builtin / v2.3.2.0-1 / module / ipa_user Manage FreeIPA users | "added in version" 2.3 of ansible.builtin" Authors: Thomas Krahn (@Nosmoht) preview | supported by communityansible.builtin.ipa_user (v2.3.2.0-1) — module
pip
Install with pip install ansible==2.3.2.0.post1
Add, modify and delete user within IPA server
# Ensure pinky is present - ipa_user: name: pinky state: present givenname: Pinky sn: Acme mail: - pinky@acme.com telephonenumber: - '+555123456' sshpubkeyfp: - ssh-rsa .... - ssh-dsa .... ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
# Ensure brain is absent - ipa_user: name: brain state: absent ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
sn: description: Surname required: false uid: aliases: - name description: uid of the user required: true mail: description: - List of mail addresses assigned to the user. - If an empty list is passed all assigned email addresses will be deleted. - If None is passed email addresses will not be checked or changed. required: false state: choices: - present - absent - enabled - disabled default: present description: State to ensure required: false title: description: Title required: false ipa_host: default: ipa.example.com description: IP or hostname of IPA server required: false ipa_pass: description: Password of administrative user required: true ipa_port: default: 443 description: Port of IPA server required: false ipa_prot: choices: - http - https default: https description: Protocol used by IPA server required: false ipa_user: default: admin description: Administrative account used on IPA server required: false password: description: - Password required: false givenname: description: First name required: false sshpubkey: description: - List of public SSH key. - If an empty list is passed all assigned public keys will be deleted. - If None is passed SSH public keys will not be checked or changed. required: false loginshell: description: Login shell required: false displayname: description: Display name required: false validate_certs: default: true description: - This only applies if C(ipa_prot) is I(https). - If set to C(no), the SSL certificates will not be validated. - This should only set to C(no) used on personally controlled sites using self-signed certificates. required: false telephonenumber: description: - List of telephone numbers assigned to the user. - If an empty list is passed all assigned telephone numbers will be deleted. - If None is passed telephone numbers will not be checked or changed. required: false
user: description: User as returned by IPA API returned: always type: dict