Try SpotterManage LDAP authentication provider on PowerScale
| "added in version" 1.2.0 of dellemc.powerscale"
Authors: Jennifer John (@johnj9) <ansible.team@dell.com>
Install with ansible-galaxy collection install dellemc.powerscale:==3.0.0
collections:
- name: dellemc.powerscale
version: 3.0.0Managing LDAP authentication provider on PowerScale storage system includes creating, modifying, deleting and retrieving details of LDAP provider.
- name: Add an LDAP provider
dellemc.powerscale.ldap:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
ldap_name: "ldap_test"
server_uris:
- "{{server_uri_1}}"
- "{{server_uri_2}}"
server_uri_state: 'present-in-ldap'
base_dn: "DC=ansildap,DC=com"
ldap_parameters:
groupnet: "groupnet_ansildap"
bind_dn: "cn=admin,dc=example,dc=com"
bind_password: "{{bind_password}}"
state: "present"
- name: Add server_uris to an LDAP provider
dellemc.powerscale.ldap:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
ldap_name: "ldap_test"
server_uris:
- "{{server_uri_1}}"
server_uri_state: "present-in-ldap"
state: "present"
- name: Remove server_uris from an LDAP provider
dellemc.powerscale.ldap:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
ldap_name: "ldap_test"
server_uris:
- "{{server_uri_1}}"
server_uri_state: "absent-in-ldap"
state: "present"
- name: Modify LDAP provider
dellemc.powerscale.ldap:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
ldap_name: "ldap_test"
base_dn: "DC=ansi_ldap,DC=com"
ldap_parameters:
bind_dn: "cn=admin,dc=test,dc=com"
state: "present"
- name: Get LDAP provider details
dellemc.powerscale.ldap:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
ldap_name: "ldap_test"
state: "present"
- name: Delete a LDAP provider
dellemc.powerscale.ldap:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
ldap_name: "ldap_test"
state: "absent"
state:
choices:
- absent
- present
description:
- The state of the LDAP provider after the task is performed.
- C(present) - indicates that the LDAP provider should exist on the system.
- C(absent) - indicates that the LDAP provider should not exist on the system.
required: true
type: str
base_dn:
description:
- Specifies the root of the tree in which to search identities.
- This parameter is mandatory during create.
type: str
port_no:
default: '8080'
description:
- Port number of the PowerScale cluster.It defaults to 8080 if not specified.
required: false
type: str
api_user:
description:
- username of the PowerScale cluster.
required: true
type: str
ldap_name:
description:
- Specifies the name of the LDAP provider.
required: true
type: str
onefs_host:
description:
- IP address or FQDN of the PowerScale cluster.
required: true
type: str
verify_ssl:
choices:
- true
- false
description:
- boolean variable to specify whether to validate SSL certificate or not.
- C(true) - indicates that the SSL certificate should be verified.
- C(false) - indicates that the SSL certificate should not be verified.
required: true
type: bool
server_uris:
description:
- Specifies the server URIs.
- This parameter is mandatory during create.
- I(server_uris) should begin with ldap:// or ldaps:// if not validation error will
be displayed.
elements: str
type: list
api_password:
description:
- the password of the PowerScale cluster.
required: true
type: str
ldap_parameters:
description:
- Specify additional parameters to configure LDAP domain.
suboptions:
bind_dn:
description:
- Specifies the distinguished name for binding to the LDAP server.
type: str
bind_password:
description:
- Specifies the password for the distinguished name for binding to the LDAP server.
type: str
groupnet:
description:
- Groupnet identifier.
- This is an optional parameter and defaults to groupnet0.
type: str
type: dict
server_uri_state:
choices:
- present-in-ldap
- absent-in-ldap
description:
- Specifies if the I(server_uris) need to be added or removed from the provider.
- This parameter is mandatory if I(server_uris) is specified.
- While creating LDAP provider, this parameter value should be specified as C(present-in-ldap).
type: str
changed:
description: Whether or not the resource has changed.
returned: always
sample: 'false'
type: bool
ldap_provider_details:
contains:
base_dn:
description: Specifies the root of the tree in which to search identities.
type: str
bind_dn:
description: Specifies the distinguished name for binding to the LDAP server.
type: str
groupnet:
description: Groupnet identifier.
type: str
linked_access_zones:
description: List of access zones linked to the authentication provider.
type: list
name:
description: Specifies the name of the LDAP provider.
type: str
server_uris:
description: Specifies the server URIs.
type: str
status:
description: Specifies the status of the provider.
type: str
description: The LDAP provider details.
returned: When LDAP provider exists
sample:
base_dn: dc=sample,dc=ldap,dc=domain,dc=com
bind_dn: cn=administrator,dc=sample,dc=ldap,dc=domain,dc=com
groupnet: groupnet
linked_access_zones:
- System
name: sample-ldap
server_uris: ldap://xx.xx.xx.xx
status: online
type: complex