community / community.general / 3.8.10 / module / udm_user Manage posix users on a univention corporate server Authors: Tobias Rüetschi (@keachi)community.general.udm_user (3.8.10) — module
Install with ansible-galaxy collection install community.general:==3.8.10
collections: - name: community.general version: 3.8.10
This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
- name: Create a user on a UCS community.general.udm_user: name: FooBar password: secure_password firstname: Foo lastname: Bar
- name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com) community.general.udm_user: name: foo password: secure_password firstname: Foo lastname: Bar ou: school subpath: 'cn=teachers,cn=users'
# or define the position - name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com) community.general.udm_user: name: foo password: secure_password firstname: Foo lastname: Bar position: 'cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
ou: default: '' description: - Organizational Unit inside the LDAP Base DN, e.g. C(school) for LDAP OU C(ou=school,dc=example,dc=com). type: str city: description: - City of users business address. type: str email: default: - '' description: - A list of e-mail addresses. type: list gecos: description: - GECOS type: str phone: description: - List of telephone numbers. type: list shell: default: /bin/bash description: - Login shell type: str state: choices: - present - absent default: present description: - Whether the user is present or not. type: str title: description: - Title, e.g. C(Prof.). type: str groups: default: [] description: - 'POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: C((&(objectClass=posixGroup)(cn=$GROUP))).' type: list street: description: - Street of users business address. type: str country: description: - Country of users business address. type: str subpath: default: cn=users description: - LDAP subpath inside the organizational unit, e.g. C(cn=teachers,cn=users) for LDAP container C(cn=teachers,cn=users,dc=example,dc=com). type: str birthday: description: - Birthday type: str lastname: description: - Last name. Required if C(state=present). type: str password: description: - Password. Required if C(state=present). type: str position: default: '' description: - Define the whole position of users object inside the LDAP tree, e.g. C(cn=employee,cn=users,ou=school,dc=example,dc=com). type: str postcode: description: - Postal code of users business address. type: str unixhome: description: - Unix home directory - If not specified, it defaults to C(/home/$USERNAME). type: str username: aliases: - name description: - User name required: true type: str firstname: description: - First name. Required if C(state=present). type: str homedrive: description: - Windows home drive, e.g. C("H:"). type: str sambahome: description: - Windows home path, e.g. C('\\$FQDN\$USERNAME'). type: str secretary: default: [] description: - A list of superiors as LDAP DNs. type: list home_share: aliases: - homeShare description: - Home NFS share. Must be a LDAP DN, e.g. C(cn=home,cn=shares,ou=school,dc=example,dc=com). type: str scriptpath: description: - Windows logon script. type: str userexpiry: description: - Account expiry date, e.g. C(1999-12-31). - If not specified, it defaults to the current day plus one year. type: str description: description: - Description (not gecos) type: str profilepath: description: - Windows profile directory type: str room_number: aliases: - roomNumber description: - Room number of users business address. type: str display_name: aliases: - displayName description: - Display name (not gecos) type: str organisation: aliases: - organization description: - Organisation type: str employee_type: aliases: - employeeType description: - Employee type type: str primary_group: aliases: - primaryGroup description: - Primary group. This must be the group LDAP DN. - If not specified, it defaults to C(cn=Domain Users,cn=groups,$LDAP_BASE_DN). type: str employee_number: aliases: - employeeNumber description: - Employee number type: str home_share_path: aliases: - homeSharePath description: - Path to home NFS share, inside the homeShare. type: str serviceprovider: default: - '' description: - Enable user for the following service providers. type: list update_password: choices: - always - on_create default: always description: - C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users. type: str mail_home_server: aliases: - mailHomeServer description: - FQDN of mail server type: str overridePWLength: aliases: - override_pw_length default: 'no' description: - Override password check type: bool samba_privileges: aliases: - sambaPrivileges description: - Samba privilege, like allow printer administration, do domain join. type: list department_number: aliases: - departmentNumber description: - Department number of users business address. type: str overridePWHistory: aliases: - override_pw_history default: 'no' description: - Override password history type: bool mail_primary_address: aliases: - mailPrimaryAddress description: - Primary e-mail address type: str home_telephone_number: aliases: - homeTelephoneNumber default: [] description: - List of private telephone numbers. type: list pager_telephonenumber: aliases: - pagerTelephonenumber default: [] description: - List of pager telephone numbers. type: list pwd_change_next_login: aliases: - pwdChangeNextLogin choices: - '0' - '1' description: - Change password on next login. type: str mobile_telephone_number: aliases: - mobileTelephoneNumber default: [] description: - Mobile phone number type: list samba_user_workstations: aliases: - sambaUserWorkstations description: - Allow the authentication only on this Microsoft Windows host. type: list mail_alternative_address: aliases: - mailAlternativeAddress default: [] description: - List of alternative e-mail addresses. type: list