ansible / ansible.builtin / v2.4.0.0-1 / module / ipa_group Manage FreeIPA group | "added in version" 2.3 of ansible.builtin" Authors: Thomas Krahn (@Nosmoht) preview | supported by communityansible.builtin.ipa_group (v2.4.0.0-1) — module
pip
Install with pip install ansible==2.4.0.0.post1
Add, modify and delete group within IPA server
# Ensure group is present - ipa_group: name: oinstall gidnumber: 54321 state: present ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
# Ensure that groups sysops and appops are assigned to ops but no other group - ipa_group: name: ops group: - sysops - appops ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
# Ensure that users linus and larry are assign to the group, but no other user - ipa_group: name: sysops user: - linus - larry ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
# Ensure group is absent - ipa_group: name: sysops state: absent ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
cn: aliases: - name description: - Canonical name. - Can not be changed as it is the unique identifier. required: true user: description: - List of user names assigned to this group. - If an empty list is passed all users will be removed from this group. - If option is omitted assigned users will not be checked or changed. - Users that are already assigned but not passed will be removed. group: description: - List of group names assigned to this group. - If an empty list is passed all groups will be removed from this group. - If option is omitted assigned groups will not be checked or changed. - Groups that are already assigned but not passed will be removed. state: choices: - present - absent default: present description: - State to ensure required: false external: description: - Allow adding external non-IPA members from trusted domains. required: false ipa_host: default: ipa.example.com description: IP or hostname of IPA server required: false ipa_pass: description: Password of administrative user required: true ipa_port: default: 443 description: Port of IPA server required: false ipa_prot: choices: - http - https default: https description: Protocol used by IPA server required: false ipa_user: default: admin description: Administrative account used on IPA server required: false nonposix: description: - Create as a non-POSIX group. required: false gidnumber: description: - GID (use this option to set it manually). required: false validate_certs: default: true description: - This only applies if C(ipa_prot) is I(https). - If set to C(no), the SSL certificates will not be validated. - This should only set to C(no) used on personally controlled sites using self-signed certificates. required: false
group: description: Group as returned by IPA API returned: always type: dict