ansible / ansible.builtin / v2.5.6 / module / udm_user Manage posix users on a univention corporate server | "added in version" 2.2 of ansible.builtin" Authors: Tobias Rueetschi (@2-B) preview | supported by communityansible.builtin.udm_user (v2.5.6) — module
pip
Install with pip install ansible==2.5.6
This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
# Create a user on a UCS - udm_user: name: FooBar password: secure_password firstname: Foo lastname: Bar
# Create a user with the DN # C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com) - udm_user: name: foo password: secure_password firstname: Foo lastname: Bar ou: school subpath: 'cn=teachers,cn=users'
# or define the position - udm_user: name: foo password: secure_password firstname: Foo lastname: Bar position: 'cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
ou: default: '' description: - Organizational Unit inside the LDAP Base DN, e.g. C(school) for LDAP OU C(ou=school,dc=example,dc=com). required: false city: default: None description: - City of users business address. required: false email: default: - '' description: - A list of e-mail addresses. required: false gecos: default: None description: - GECOS required: false phone: default: [] description: - List of telephone numbers. required: false shell: default: /bin/bash description: - Login shell required: false state: choices: - present - absent default: present description: - Whether the user is present or not. required: false title: default: None description: - Title, e.g. C(Prof.). required: false groups: default: [] description: - 'POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: C((&(objectClass=posixGroup)(cn=$GROUP))).' required: false street: default: None description: - Street of users business address. required: false country: default: None description: - Country of users business address. required: false subpath: default: cn=users description: - LDAP subpath inside the organizational unit, e.g. C(cn=teachers,cn=users) for LDAP container C(cn=teachers,cn=users,dc=example,dc=com). required: false birthday: default: None description: - Birthday required: false lastname: description: - Last name. Required if C(state=present). required: false password: default: None description: - Password. Required if C(state=present). required: false position: default: '' description: - Define the whole position of users object inside the LDAP tree, e.g. C(cn=employee,cn=users,ou=school,dc=example,dc=com). required: false postcode: default: None description: - Postal code of users business address. required: false unixhome: default: /home/$USERNAME description: - Unix home directory required: false username: aliases: - name description: - User name required: true firstname: description: - First name. Required if C(state=present). required: false homedrive: default: None description: - Windows home drive, e.g. C("H:"). required: false sambahome: default: None description: - Windows home path, e.g. C('\\$FQDN\$USERNAME'). required: false secretary: default: [] description: - A list of superiors as LDAP DNs. required: false home_share: aliases: - homeShare default: None description: - Home NFS share. Must be a LDAP DN, e.g. C(cn=home,cn=shares,ou=school,dc=example,dc=com). required: false scriptpath: default: None description: - Windows logon script. required: false userexpiry: default: Today + 1 year description: - Account expiry date, e.g. C(1999-12-31). required: false description: default: None description: - Description (not gecos) required: false profilepath: default: None description: - Windows profile directory required: false room_number: aliases: - roomNumber default: None description: - Room number of users business address. required: false display_name: aliases: - displayName default: None description: - Display name (not gecos) required: false organisation: default: None description: - Organisation required: false employee_type: aliases: - employeeType default: None description: - Employee type required: false primary_group: aliases: - primaryGroup default: cn=Domain Users,cn=groups,$LDAP_BASE_DN description: - Primary group. This must be the group LDAP DN. required: false employee_number: aliases: - employeeNumber default: None description: - Employee number required: false home_share_path: aliases: - homeSharePath default: None description: - Path to home NFS share, inside the homeShare. required: false serviceprovider: default: - '' description: - Enable user for the following service providers. required: false update_password: default: always description: - C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users. required: false version_added: '2.3' version_added_collection: ansible.builtin mail_home_server: aliases: - mailHomeServer default: None description: - FQDN of mail server required: false samba_privileges: aliases: - sambaPrivileges default: [] description: - Samba privilege, like allow printer administration, do domain join. required: false department_number: aliases: - departmentNumber default: None description: - Department number of users business address. required: false override_pw_length: aliases: - overridePWLength default: false description: - Override password check required: false override_pw_history: aliases: - overridePWHistory default: false description: - Override password history required: false mail_primary_address: aliases: - mailPrimaryAddress default: None description: - Primary e-mail address required: false home_telephone_number: aliases: - homeTelephoneNumber default: [] description: - List of private telephone numbers. required: false pager_telephonenumber: aliases: - pagerTelephonenumber default: [] description: - List of pager telephone numbers. required: false pwd_change_next_login: aliases: - pwdChangeNextLogin choices: - '0' - '1' default: None description: - Change password on next login. required: false mobile_telephone_number: aliases: - mobileTelephoneNumber default: [] description: - Mobile phone number required: false samba_user_workstations: aliases: - sambaUserWorkstations default: [] description: - Allow the authentication only on this Microsoft Windows host. required: false mail_alternative_address: aliases: - mailAlternativeAddress default: [] description: - List of alternative e-mail addresses. required: false