dellemc.openmanage.ome_active_directory (9.1.0) — module
Configure Active Directory groups to be used with Directory Services
Added in version 4.0.0 of dellemc.openmanage
Authors: Jagadeesh N V (@jagadeeshnv)
Install with:

    ansible-galaxy collection install dellemc.openmanage:==9.1.0

Or list it in a requirements file:

    collections:
      - name: dellemc.openmanage
        version: 9.1.0
This module adds, modifies, and deletes OpenManage Enterprise connections with the Active Directory service.
---
- name: Add Active Directory service using DNS lookup along with the test connection
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad1
    domain_server:
      - domainname.com
    group_domain: domainname.com
    test_connection: true
    domain_username: user@domainname
    domain_password: domain_password

- name: Add Active Directory service using IP address of the domain controller with certificate validation
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    domain_controller_lookup: MANUAL
    domain_server:
      - 192.68.20.181
    group_domain: domainname.com
    validate_certificate: true
    certificate_file: "/path/to/certificate/file.cer"

- name: Modify domain controller IP address, network_timeout and group_domain
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    domain_controller_lookup: MANUAL
    domain_server:
      - 192.68.20.189
    group_domain: newdomain.in
    network_timeout: 150

- name: Delete Active Directory service
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    state: absent

- name: Test connection to existing Active Directory service with certificate validation
  dellemc.openmanage.ome_active_directory:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    name: my_ad2
    test_connection: true
    domain_username: user@domainname
    domain_password: domain_password
    validate_certificate: true
    certificate_file: "/path/to/certificate/file.cer"
id:
  description:
    - Provide the ID of the existing Active Directory service connection.
    - This is applicable for modification and deletion.
    - This is mutually exclusive with I(name).
  type: int
name:
  description:
    - Provide a name for the Active Directory connection.
    - This is applicable for creation and deletion.
    - This is mutually exclusive with I(id).
  type: str
port:
  default: 443
  description: OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.
  type: int
state:
  choices:
    - present
    - absent
  default: present
  description:
    - C(present) creates or modifies an Active Directory service.
    - C(absent) deletes an Active Directory service.
  type: str
ca_path:
  description:
    - The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation.
  type: path
  version_added: 5.0.0
  version_added_collection: dellemc.openmanage
timeout:
  default: 30
  description: The socket level timeout in seconds.
  type: int
  version_added: 5.0.0
  version_added_collection: dellemc.openmanage
hostname:
  description: OpenManage Enterprise or OpenManage Enterprise Modular IP address or hostname.
  required: true
  type: str
password:
  description:
    - OpenManage Enterprise or OpenManage Enterprise Modular password.
    - If the password is not provided, then the environment variable C(OME_PASSWORD) is used.
    - 'Example: export OME_PASSWORD=password'
  required: true
  type: str
username:
  description:
    - OpenManage Enterprise or OpenManage Enterprise Modular username.
    - If the username is not provided, then the environment variable C(OME_USERNAME) is used.
    - 'Example: export OME_USERNAME=username'
  required: true
  type: str
group_domain:
  description:
    - Provide the group domain in the format C(example.com) or C(ou=org, dc=example, dc=com).
  type: str
domain_server:
  description:
    - Enter the domain name or FQDN or IP address of the domain controller.
    - If I(domain_controller_lookup) is C(DNS), enter the domain name to query DNS for the domain controllers.
    - If I(domain_controller_lookup) is C(MANUAL), enter the FQDN or the IP address of the domain controller. The maximum number of Active Directory servers that can be added is three.
  elements: str
  type: list
search_timeout:
  default: 120
  description:
    - Enter the search timeout duration in seconds.
    - The supported timeout duration range is 15 to 300 seconds.
  type: int
validate_certs:
  default: true
  description:
    - If C(false), the SSL certificates will not be validated.
    - Configure C(false) only on personally controlled sites where self-signed certificates are used.
    - Prior to collection version C(5.0.0), I(validate_certs) is C(false) by default.
  type: bool
  version_added: 5.0.0
  version_added_collection: dellemc.openmanage
domain_password:
  description:
    - Provide the domain password.
    - This is applicable when I(test_connection) is C(true).
  type: str
domain_username:
  description:
    - Provide the domain username either in the UPN (username@domain) or NetBIOS (domain\\username) format.
    - This is applicable when I(test_connection) is C(true).
  type: str
network_timeout:
  default: 120
  description:
    - Enter the network timeout duration in seconds.
    - The supported timeout duration range is 15 to 300 seconds.
  type: int
test_connection:
  default: false
  description:
    - Enables testing the connection to the domain controller.
    - The connection to the domain controller is tested with the provided Active Directory service details.
    - If the test fails, the module will error out.
    - If C(true), I(domain_username) and I(domain_password) have to be provided.
  type: bool
certificate_file:
  description:
    - Provide the full path of the SSL certificate.
    - The certificate should be a Root CA Certificate encoded in Base64 format.
    - This is applicable when I(validate_certificate) is C(true).
  type: path
validate_certificate:
  default: false
  description:
    - Enables validation of the SSL certificate of the domain controller.
    - The module will always report change when this is C(true).
  type: bool
domain_controller_port:
  default: 3269
  description:
    - Domain controller port.
    - By default, Global Catalog Address port number 3269 is populated.
    - For the Domain Controller Access, enter 636 as the port number.
    - C(NOTE), only LDAPS ports are supported.
  type: int
domain_controller_lookup:
  choices:
    - DNS
    - MANUAL
  default: DNS
  description:
    - Select the Domain Controller Lookup method.
  type: str
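The parameter rules above can be checked before a playbook runs. The following is an added example, not code from the dellemc.openmanage collection: the function check_ad_task, the finding strings and both sample argument sets are constructed for illustration. It flags documented constraint violations plus settings that leave TLS unverified or put a secret inline, and treats an unset validate_certificate on a present-state task as a finding because its documented default is false.

```python
# Added example: pre-flight review of ome_active_directory task arguments.
# check_ad_task() and the sample tasks are constructed for illustration;
# they are not part of the dellemc.openmanage collection.
SECRET_KEYS = ("password", "domain_password")


def check_ad_task(args):
    """Return a sorted list of findings for one task's argument dict."""
    findings = []
    # Constraints stated in the parameter descriptions.
    if "id" in args and "name" in args:
        findings.append("id and name are mutually exclusive")
    for key in ("network_timeout", "search_timeout"):
        value = args.get(key)
        if isinstance(value, int) and not 15 <= value <= 300:
            findings.append(f"{key} outside supported range 15-300")
    if len(args.get("domain_server", [])) > 3:
        findings.append("more than three domain servers")
    if args.get("test_connection") and not (
        args.get("domain_username") and args.get("domain_password")
    ):
        findings.append("test_connection needs domain_username and domain_password")
    # Settings that skip certificate checks or embed secrets in the playbook.
    if args.get("validate_certs", True) is False:
        findings.append("validate_certs is false: OME TLS certificate not checked")
    present = args.get("state", "present") == "present"
    if present and not args.get("validate_certificate", False):
        findings.append("validate_certificate is false: domain controller certificate not checked")
    for key in SECRET_KEYS:
        value = args.get(key)
        if isinstance(value, str) and "{{" not in value:
            findings.append(f"{key} is a literal string, not a templated variable")
    return sorted(findings)


# Constructed sample arguments (all values are placeholders).
WEAK = {"hostname": "192.168.0.1", "username": "username", "password": "password",
        "validate_certs": False, "name": "my_ad2",
        "domain_server": ["192.168.20.181"], "network_timeout": 600}
HARDENED = {"hostname": "192.168.0.1", "username": "{{ ome_user }}",
            "password": "{{ vault_ome_password }}", "ca_path": "/path/to/ca_cert.pem",
            "name": "my_ad2", "domain_controller_lookup": "MANUAL",
            "domain_server": ["dc1.domainname.com"], "validate_certificate": True,
            "certificate_file": "/path/to/certificate/file.cer", "network_timeout": 150}

if __name__ == "__main__":
    for label, task in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, check_ad_task(task))
```

The argument dicts stand in for a task's parsed module arguments; a templated value such as "{{ vault_ome_password }}" is assumed to resolve from Ansible Vault or another secret store.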
active_directory:
  description: The Active Directory that was added, modified or deleted by this module.
  returned: on change
  sample:
    CertificateValidation: false
    DnsServer: []
    GroupDomain: dellemcdomain.com
    Id: 21789
    Name: ad_test
    NetworkTimeOut: 120
    Password: null
    SearchTimeOut: 120
    ServerName:
      - 192.168.20.181
    ServerPort: 3269
    ServerType: MANUAL
  type: dict
error_info:
  description: Details of the HTTP Error.
  returned: on HTTP error
  sample:
    error_info:
      error:
        '@Message.ExtendedInfo':
          - Message: Unable to connect to the LDAP or AD server because the entered credentials are invalid.
            MessageArgs: []
            MessageId: CSEC5002
            RelatedProperties: []
            Resolution: Make sure the server input configuration are valid and retry the operation.
            Severity: Critical
        code: Base.1.0.GeneralError
        message: A general error has occurred. See ExtendedInfo for more information.
  type: dict
msg:
  description: Overall status of the Active Directory operation.
  returned: always
  sample: Successfully renamed the slot(s).
  type: str