dellemc.openmanage.ome_active_directory (9.1.0) — module

Configure Active Directory groups to be used with Directory Services

Added in version 4.0.0 of dellemc.openmanage

Authors: Jagadeesh N V (@jagadeeshnv)

Install collection

Install with ansible-galaxy collection install dellemc.openmanage:==9.1.0


Add to requirements.yml

  collections:
    - name: dellemc.openmanage
      version: 9.1.0

Description

This module allows you to add, modify, and delete the OpenManage Enterprise connection with the Active Directory service.


Requirements

Usage examples

---
- name: Add Active Directory service using DNS lookup along with the test connection
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad1
    domain_server:
      - domainname.com
    group_domain: domainname.com
    test_connection: true
    domain_username: user@domainname
    domain_password: domain_password
- name: Add Active Directory service using IP address of the domain controller with certificate validation
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    domain_controller_lookup: MANUAL
    domain_server:
      - 192.68.20.181
    group_domain: domainname.com
    validate_certificate: true
    certificate_file: "/path/to/certificate/file.cer"
- name: Modify domain controller IP address, network_timeout and group_domain
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    domain_controller_lookup: MANUAL
    domain_server:
      - 192.68.20.189
    group_domain: newdomain.in
    network_timeout: 150
- name: Delete Active Directory service
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    state: absent
- name: Test connection to existing Active Directory service with certificate validation
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    test_connection: true
    domain_username: user@domainname
    domain_password: domain_password
    validate_certificate: true
    certificate_file: "/path/to/certificate/file.cer"

Inputs

    
id:
    description:
    - Provide the ID of the existing Active Directory service connection.
    - This is applicable for modification and deletion.
    - This is mutually exclusive with I(name).
    type: int

name:
    description:
    - Provide a name for the Active Directory connection.
    - This is applicable for creation and deletion.
    - This is mutually exclusive with I(id).
    type: str

port:
    default: 443
    description: OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.
    type: int

state:
    choices:
    - present
    - absent
    default: present
    description:
    - C(present) creates or modifies an Active Directory service.
    - C(absent) deletes an Active Directory service.
    type: str

ca_path:
    description:
    - The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for
      the validation.
    type: path
    version_added: 5.0.0
    version_added_collection: dellemc.openmanage

timeout:
    default: 30
    description: The socket level timeout in seconds.
    type: int
    version_added: 5.0.0
    version_added_collection: dellemc.openmanage

hostname:
    description: OpenManage Enterprise or OpenManage Enterprise Modular IP address or
      hostname.
    required: true
    type: str

password:
    description:
    - OpenManage Enterprise or OpenManage Enterprise Modular password.
    - If the password is not provided, then the environment variable C(OME_PASSWORD) is
      used.
    - 'Example: export OME_PASSWORD=password'
    required: true
    type: str

username:
    description:
    - OpenManage Enterprise or OpenManage Enterprise Modular username.
    - If the username is not provided, then the environment variable C(OME_USERNAME) is
      used.
    - 'Example: export OME_USERNAME=username'
    required: true
    type: str

group_domain:
    description:
    - Provide the group domain in the format C(example.com) or C(ou=org, dc=example, dc=com).
    type: str

domain_server:
    description:
    - Enter the domain name or FQDN or IP address of the domain controller.
    - If I(domain_controller_lookup) is C(DNS), enter the domain name to query DNS for
      the domain controllers.
    - If I(domain_controller_lookup) is C(MANUAL), enter the FQDN or the IP address of
      the domain controller. The maximum number of Active Directory servers that can be
      added is three.
    elements: str
    type: list

search_timeout:
    default: 120
    description:
    - Enter the search timeout duration in seconds.
    - The supported timeout duration range is 15 to 300 seconds.
    type: int

validate_certs:
    default: true
    description:
    - If C(false), the SSL certificates will not be validated.
    - Configure C(false) only on personally controlled sites where self-signed certificates
      are used.
    - Prior to collection version C(5.0.0), the I(validate_certs) is C(false) by default.
    type: bool
    version_added: 5.0.0
    version_added_collection: dellemc.openmanage

domain_password:
    description:
    - Provide the domain password.
    - This is applicable when I(test_connection) is C(true).
    type: str

domain_username:
    description:
    - Provide the domain username either in the UPN (username@domain) or NetBIOS (domain\\username)
      format.
    - This is applicable when I(test_connection) is C(true).
    type: str

network_timeout:
    default: 120
    description:
    - Enter the network timeout duration in seconds.
    - The supported timeout duration range is 15 to 300 seconds.
    type: int

test_connection:
    default: false
    description:
    - Enables testing the connection to the domain controller.
    - The connection to the domain controller is tested with the provided Active Directory
      service details.
    - If the test fails, the module exits with an error.
    - If C(true), I(domain_username) and I(domain_password) have to be provided.
    type: bool

certificate_file:
    description:
    - Provide the full path of the SSL certificate.
    - The certificate should be a Root CA Certificate encoded in Base64 format.
    - This is applicable when I(validate_certificate) is C(true).
    type: path

validate_certificate:
    default: false
    description:
    - Enables validation of SSL certificate of the domain controller.
    - The module will always report change when this is C(true).
    type: bool

domain_controller_port:
    default: 3269
    description:
    - Domain controller port.
    - By default, Global Catalog Address port number 3269 is populated.
    - For the Domain Controller Access, enter 636 as the port number.
    - C(NOTE), Only LDAPS ports are supported.
    type: int

domain_controller_lookup:
    choices:
    - DNS
    - MANUAL
    default: DNS
    description:
    - Select the Domain Controller Lookup method.
    type: str
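
An added example (not from the collection's documentation) that applies the limits stated in the parameter descriptions above before the module runs, and enables both certificate checks with LDAPS on port 636. The `ome_hostname` and `vault_*` variables, the domain controller names and all file paths are assumed placeholders; `ansible.builtin.assert` and `no_log` are standard Ansible features.

```yaml
# Added example, not the collection's own playbook.
# Assumed: ome_hostname and the vault_* variables are defined elsewhere
# (for instance in an Ansible Vault file); all paths and names are placeholders.
- name: Register Active Directory over LDAPS with both certificate checks enabled
  hosts: localhost
  gather_facts: false
  vars:
    ad_servers: ["dc1.domainname.com", "dc2.domainname.com"]
    ad_port: 636            # Domain Controller access; 3269 is the Global Catalog default
    ad_network_timeout: 60
    ad_search_timeout: 60
  tasks:
    - name: Reject values outside the documented limits before calling OME
      ansible.builtin.assert:
        that:
          - ad_servers | length >= 1
          - ad_servers | length <= 3                 # at most three servers
          - ad_port in [636, 3269]                   # the two LDAPS ports the page names
          - ad_network_timeout >= 15 and ad_network_timeout <= 300
          - ad_search_timeout >= 15 and ad_search_timeout <= 300
        fail_msg: "Active Directory settings are outside the documented limits"

    - name: Add the directory service and test the bind
      dellemc.openmanage.ome_active_directory:
        hostname: "{{ ome_hostname }}"
        username: "{{ vault_ome_username }}"
        password: "{{ vault_ome_password }}"
        validate_certs: true                  # TLS check for the OME API itself
        ca_path: "/path/to/ca_cert.pem"
        name: my_ad1
        domain_controller_lookup: MANUAL
        domain_server: "{{ ad_servers }}"
        domain_controller_port: "{{ ad_port }}"
        group_domain: domainname.com
        network_timeout: "{{ ad_network_timeout }}"
        search_timeout: "{{ ad_search_timeout }}"
        validate_certificate: true            # TLS check for the domain controller (default false)
        certificate_file: "/path/to/certificate/file.cer"
        test_connection: true
        domain_username: "{{ vault_domain_username }}"
        domain_password: "{{ vault_domain_password }}"
      no_log: true                            # keep credentials out of task output
      register: ad_result

    - name: Report the module's status message
      ansible.builtin.debug:
        msg: "{{ ad_result.msg }}"
```

Because I(validate_certificate) is C(true), this task reports a change on every run, as the parameter description states.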

Outputs

active_directory:
  description: The Active Directory that was added, modified or deleted by this module.
  returned: on change
  sample:
    CertificateValidation: false
    DnsServer: []
    GroupDomain: dellemcdomain.com
    Id: 21789
    Name: ad_test
    NetworkTimeOut: 120
    Password: null
    SearchTimeOut: 120
    ServerName:
    - 192.168.20.181
    ServerPort: 3269
    ServerType: MANUAL
  type: dict
error_info:
  description: Details of the HTTP Error.
  returned: on HTTP error
  sample:
    error_info:
      error:
        '@Message.ExtendedInfo':
        - Message: Unable to connect to the LDAP or AD server because the entered
            credentials are invalid.
          MessageArgs: []
          MessageId: CSEC5002
          RelatedProperties: []
          Resolution: Make sure the server input configuration are valid and retry
            the operation.
          Severity: Critical
        code: Base.1.0.GeneralError
        message: A general error has occurred. See ExtendedInfo for more information.
  type: dict
msg:
  description: Overall status of the Active Directory operation.
  returned: always
  sample: Successfully renamed the slot(s).
  type: str