Try SpotterCreate, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular
| "added in version" 4.0.0 of dellemc.openmanage"
Authors: Felix Stephen (@felixs88), Abhishek Sinha (@Abhishek-Dell)
Install with ansible-galaxy collection install dellemc.openmanage:==9.1.0
collections:
- name: dellemc.openmanage
version: 9.1.0This module allows to create, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular.
---
- name: Create Active Directory user group
dellemc.openmanage.ome_domain_user_groups:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
state: present
group_name: account operators
directory_name: directory_name
role: administrator
domain_username: username@domain
domain_password: domain_password
- name: Update Active Directory user group
dellemc.openmanage.ome_domain_user_groups:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
state: present
group_name: account operators
role: viewer
- name: Delete active directory user group
dellemc.openmanage.ome_domain_user_groups:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
state: absent
group_name: administrators
- name: Import LDAP directory group.
dellemc.openmanage.ome_domain_user_groups:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
directory_type: LDAP
state: present
group_name: account operators
directory_name: directory_name
role: administrator
domain_username: username@domain
domain_password: domain_password
- name: Remove LDAP directory group.
dellemc.openmanage.ome_domain_user_groups:
hostname: "192.168.0.1"
username: "username"
password: "password"
ca_path: "/path/to/ca_cert.pem"
state: absent
group_name: account operators
port:
default: 443
description: OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.
type: int
role:
description:
- The desired roles and privilege for the imported Active Directory/LDAP user group.
- 'OpenManage Enterprise Modular Roles: CHASSIS ADMINISTRATOR, COMPUTE MANAGER, STORAGE
MANAGER, FABRIC MANAGER, VIEWER.'
- 'OpenManage Enterprise Roles: ADMINISTRATOR, DEVICE MANAGER, VIEWER.'
- I(role) value is case insensitive.
type: str
state:
choices:
- present
- absent
default: present
description:
- C(present) imports or modifies the Active Directory/LDAP user group.
- C(absent) deletes an existing Active Directory/LDAP user group.
type: str
ca_path:
description:
- The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for
the validation.
type: path
version_added: 5.0.0
version_added_collection: dellemc.openmanage
timeout:
default: 30
description: The socket level timeout in seconds.
type: int
version_added: 5.0.0
version_added_collection: dellemc.openmanage
hostname:
description: OpenManage Enterprise or OpenManage Enterprise Modular IP address or
hostname.
required: true
type: str
password:
description:
- OpenManage Enterprise or OpenManage Enterprise Modular password.
- If the password is not provided, then the environment variable C(OME_PASSWORD) is
used.
- 'Example: export OME_PASSWORD=password'
required: true
type: str
username:
description:
- OpenManage Enterprise or OpenManage Enterprise Modular username.
- If the username is not provided, then the environment variable C(OME_USERNAME) is
used.
- 'Example: export OME_USERNAME=username'
required: true
type: str
group_name:
description:
- The desired Active Directory/LDAP user group name to be imported or removed.
- 'Examples for user group name: Administrator or Account Operators or Access Control
Assistance Operator.'
- I(group_name) value is case insensitive.
required: true
type: str
directory_id:
description:
- The ID of the Active Directory/LDAP.
- I(directory_id) is mutually exclusive with I(directory_name).
type: int
directory_name:
description:
- The directory name set while adding the Active Directory/LDAP.
- I(directory_name) is mutually exclusive with I(directory_id).
type: str
directory_type:
choices:
- AD
- LDAP
default: AD
description:
- Type of the account.
type: str
validate_certs:
default: true
description:
- If C(false), the SSL certificates will not be validated.
- Configure C(false) only on personally controlled sites where self-signed certificates
are used.
- Prior to collection version C(5.0.0), the I(validate_certs) is C(false) by default.
type: bool
version_added: 5.0.0
version_added_collection: dellemc.openmanage
domain_password:
description:
- Active Directory/LDAP domain password.
type: str
domain_username:
description:
- Active Directory/LDAP domain username.
- 'Example: username@domain or domain\username.'
type: str
domain_user_status:
description: Details of the domain user operation, when I(state) is C(present).
returned: When I(state) is C(present).
sample:
Description: null
DirectoryServiceId: 16097
Enabled: true
Id: '16617'
IsBuiltin: false
IsVisible: true
Locked: false
Name: Account Operators
ObjectGuid: a491859c-031e-42a3-ae5e-0ab148ecf1d6
ObjectSid: null
Oem: null
Password: null
PlainTextPassword: null
RoleId: '16'
UserName: Account Operators
UserTypeId: 2
type: dict
error_info:
description: Details of the HTTP Error.
returned: on HTTP error
sample:
error:
'@Message.ExtendedInfo':
- Message: Unable to process the request because an error occurred.
MessageArgs: []
MessageId: GEN1234
RelatedProperties: []
Resolution: Retry the operation. If the issue persists, contact your system
administrator.
Severity: Critical
code: Base.1.0.GeneralError
message: A general error has occurred. See ExtendedInfo for more information.
type: dict
msg:
description: Overall status of the Active Directory/LDAP user group operation.
returned: always
sample: Successfully imported the Active Directory/LDAP user group.
type: str