ansible / ansible.builtin / v2.7.10 / module / ldap_passwd Set passwords in LDAP. | "added in version" 2.6 of ansible.builtin" Authors: Keller Fuchs (@KellerFuchs) preview | supported by communityansible.builtin.ldap_passwd (v2.7.10) — module
pip
Install with pip install ansible==2.7.10
Set a password for an LDAP entry. This module only asserts that a given password is valid for a given entry. To assert the existence of an entry, see M(ldap_entry).
- name: Set a password for the admin user ldap_passwd: dn: cn=admin,dc=example,dc=com passwd: "{{ vault_secret }}"
- name: Setting passwords in bulk ldap_passwd: dn: "{{ item.key }}" passwd: "{{ item.value }}" with_dict: alice: alice123123 bob: "|30b!" admin: "{{ vault_secret }}"
dn: description: - The DN of the entry to add or remove. required: true type: str passwd: default: null description: - The (plaintext) password to be set for I(dn). required: true bind_dn: description: - A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism as default. - If this is blank, we'll use an anonymous bind. type: str bind_pw: default: '' description: - The password to use with I(bind_dn). type: str ca_path: description: - Set the path to PEM file with CA certs. type: path version_added: 6.5.0 version_added_collection: community.general start_tls: default: false description: - If true, we'll use the START_TLS LDAP extension. type: bool sasl_class: choices: - external - gssapi default: external description: - The class to use for SASL authentication. - Possible choices are C(external), C(gssapi). type: str version_added: 2.0.0 version_added_collection: community.general server_uri: default: ldapi:/// description: - The I(server_uri) parameter may be a comma- or whitespace-separated list of URIs containing only the schema, the host, and the port fields. - The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location. - Note that when using multiple URIs you cannot determine to which URI your client gets connected. - For URIs containing additional fields, particularly when using commas, behavior is undefined. type: str validate_certs: default: true description: - If set to C(false), SSL certificates will not be validated. - This should only be used on sites using self-signed certificates. type: bool xorder_discovery: choices: - enable - auto - disable default: auto description: - Set the behavior on how to process Xordered DNs. - C(enable) will perform a C(ONELEVEL) search below the superior RDN to find the matching DN. - C(disable) will always use the DN unmodified (as passed by the I(dn) parameter). - C(auto) will only perform a search if the first RDN does not contain an index number (C({x})). - Possible choices are C(enable), C(auto), C(disable). type: str version_added: 6.4.0 version_added_collection: community.general referrals_chasing: choices: - disabled - anonymous default: anonymous description: - Set the referrals chasing behavior. - C(anonymous) follow referrals anonymously. This is the default behavior. - C(disabled) disable referrals chasing. This sets C(OPT_REFERRALS) to off. type: str version_added: 2.0.0 version_added_collection: community.general
modlist: description: list of modified parameters returned: success sample: '[[2, "olcRootDN", ["cn=root,dc=example,dc=com"]]]' type: list