dellemc.powerstore.ldap_domain (3.2.0) — module

Manage LDAP domain for PowerStore

Added in version 1.6.0 of dellemc.powerstore

Authors: Akash Shendge (@shenda1) <ansible.team@dell.com>

Install collection

Install with ansible-galaxy collection install dellemc.powerstore:==3.2.0


Add to requirements.yml

  collections:
    - name: dellemc.powerstore
      version: 3.2.0

Description

Managing LDAP domain on PowerStore Storage System includes creating LDAP domain, getting details of LDAP domain, modifying LDAP domain, verifying LDAP domain and deleting LDAP domain.


Requirements

Usage examples

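# Create an LDAP domain configuration backed by an OpenLDAP server.
# Keep password and bind_password in Ansible Vault (or another secret store)
# rather than in plain-text vars files.
- name: Create LDAP domain
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    # Leave certificate validation on (the documented default is true) so the
    # array credentials are only sent to an endpoint whose certificate checks out.
    validate_certs: "{{validate_certs}}"
    user: "{{user}}"
    password: "{{password}}"
    # The documented option is ldap_domain_name (mandatory for create);
    # domain_name is not among the module's listed inputs.
    ldap_domain_name: "{{domain_name}}"
    ldap_servers:
      - "10.xxx.xx.xx"
    # NOTE(review): over plain LDAP the bind DN and bind_password presumably
    # reach the directory server unencrypted (this page does not mention
    # StartTLS). The module also accepts LDAPS; prefer it where the directory
    # server supports it.
    protocol: "LDAP"
    ldap_server_type: "OpenLDAP"
    bind_user: "{{bind_user}}"
    bind_password: "{{bind_password}}"
    ldap_domain_user_settings:
      user_search_path: "cn=Users"
    ldap_domain_group_settings:
      group_search_path: "cn=Users"
    # ldap_servers and ldap_server_state are required together.
    ldap_server_state: "present-in-domain"
    state: "present"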
# Look up an existing LDAP domain configuration by its numeric identifier.
# The returned ldap_domain_details include the bind DN and the search paths,
# so avoid dumping the registered result into shared logs.
- name: Get LDAP domain details using ID
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_id: 4
    # state is present for every operation except delete.
    state: present
# Look up an existing LDAP domain configuration by its domain name
# instead of its numeric identifier.
- name: Get LDAP domain details using name
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_name: "{{ldap_domain_name}}"
    # state is present for every operation except delete.
    state: present
# Ask the array to verify the LDAP domain configuration with ID 4.
# verify_configuration defaults to false, so it has to be set explicitly.
- name: Verify LDAP domain configuration
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_id: 4
    state: present
    verify_configuration: true
# Remove the LDAP domain configuration with ID 4.
# absent is used only for the delete operation.
- name: Delete LDAP domain configuration
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_id: 4
    state: absent
# Create an LDAP domain configuration that points at an Active Directory
# global catalog. Keep password and bind_password in Ansible Vault (or another
# secret store) rather than in plain-text vars files.
- name: Create LDAP domain with AD server type
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_name: "{{domain_name}}"
    ldap_server_type: AD
    # ldap_servers and ldap_server_state are required together.
    ldap_servers: ["10.xxx.xx.xx"]
    ldap_server_state: present-in-domain
    bind_user: "{{bind_user}}"
    bind_password: "{{bind_password}}"
    # 3268 is the Active Directory global catalog port for plain LDAP; the
    # TLS global catalog port is 3269, so switching protocol to LDAPS also
    # means changing ldap_server_port.
    # NOTE(review): over plain LDAP the bind credentials presumably travel
    # unencrypted (this page does not mention StartTLS).
    is_global_catalog: true
    ldap_server_port: 3268
    protocol: LDAP
    # Search paths are empty when the global catalog is enabled.
    ldap_domain_user_settings:
      user_search_path: ""
    ldap_domain_group_settings:
      group_search_path: ""
    state: present
# Fetch the details of the LDAP domain configuration identified by
# ldap_domain_name.
- name: Get LDAP domain details using domain name
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_name: "{{domain_name}}"
    # state is present for every operation except delete.
    state: present
# Remove the LDAP domain configuration identified by ldap_domain_name.
# absent is used only for the delete operation.
- name: Delete LDAP domain using domain name
  dellemc.powerstore.ldap_domain:
    array_ip: "{{array_ip}}"
    user: "{{user}}"
    password: "{{password}}"
    validate_certs: "{{validate_certs}}"
    ldap_domain_name: "{{domain_name}}"
    state: absent

Inputs

    
port:
    description:
    - Port number for the PowerStore array.
    - If not passed, it will take 443 as default.
    type: int

user:
    description:
    - The username of the PowerStore host.
    required: true
    type: str

state:
    choices:
    - absent
    - present
    description:
    - Define whether the LDAP domain configuration should exist or not.
    - For Delete operation only, it should be set to C(absent).
    - For all other operations except delete, it should be set to C(present).
    required: true
    type: str

timeout:
    default: 120
    description:
    - Time after which the connection will get terminated.
    - It is to be mentioned in seconds.
    type: int

array_ip:
    description:
    - IP or FQDN of the PowerStore management system.
    required: true
    type: str

password:
    description:
    - The password of the PowerStore host.
    required: true
    type: str

protocol:
    choices:
    - LDAP
    - LDAPS
    description:
    - Types of directory service protocol.
    type: str

bind_user:
    description:
    - Distinguished Name (DN) of the user to be used when binding; that is, authenticating
      and setting up the connection to the LDAP server.
    - Mandatory for the create operation.
    type: str

ldap_servers:
    description:
    - List of IP addresses of the LDAP servers for the domain.
    elements: str
    type: list

ldap_timeout:
    description:
    - Timeout for establishing a connection to an LDAP server.
    type: int

bind_password:
    description:
    - Password to use when binding a new LDAP session.
    - Mandatory for the create operation.
    type: str

ldap_domain_id:
    description:
    - Unique identifier of the LDAP domain configuration.
    type: int

validate_certs:
    aliases:
    - verifycert
    default: true
    description:
    - Boolean variable to specify whether to validate SSL certificate or not.
    - C(true) - indicates that the SSL certificate should be verified. Set the environment
      variable REQUESTS_CA_BUNDLE to the path of the SSL certificate.
    - C(false) - indicates that the SSL certificate should not be verified. The array's
      identity is then unchecked, so the credentials sent to it can be intercepted.
    type: bool

ldap_domain_name:
    description:
    - Name of the LDAP authority to construct the LDAP server configuration.
    - Mandatory for the create operation.
    type: str

ldap_server_port:
    description:
    - Port number used to connect to the LDAP Server.
    type: int

ldap_server_type:
    choices:
    - AD
    - OpenLDAP
    description:
    - Types of the LDAP server.
    type: str

is_global_catalog:
    description:
    - Whether or not the catalog is global.
    type: bool

ldap_server_state:
    choices:
    - present-in-domain
    - absent-in-domain
    description:
    - State of the LDAP server.
    - The I(ldap_servers) and I(ldap_server_state) are required together.
    type: str

verify_configuration:
    default: false
    description:
    - Indicates whether to perform the verify LDAP domain configuration or not.
    type: bool

ldap_domain_user_settings:
    description:
    - User settings of LDAP domain.
    suboptions:
      user_id_attribute:
        description:
        - Name of the LDAP attribute whose value indicates the unique identifier of the
          user.
        - Default value is C(sAMAccountName).
        type: str
      user_object_class:
        description:
        - LDAP object class for users.
        - Default value is C(user).
        type: str
      user_search_path:
        description:
        - Path used to search for users on the directory server.
        - Search path is empty, if global catalog is enabled.
        type: str
    type: dict

ldap_domain_group_settings:
    description:
    - Group settings of LDAP domain.
    suboptions:
      group_member_attribute:
        description:
        - Name of the LDAP attribute whose value contains the names of group members within
          a group.
        - Default value is C(member).
        type: str
      group_name_attribute:
        description:
        - Name of the LDAP attribute whose value indicates the group name.
        - Default value is C(cn).
        type: str
      group_object_class:
        description:
        - LDAP object class for groups.
        - Default value is C(group).
        type: str
      group_search_level:
        description:
        - Nested search level for performing group search.
        - Default value is 0.
        type: int
      group_search_path:
        description:
        - Path used to search for groups on the directory server.
        - Search path is empty, if global catalog is enabled.
        type: str
    type: dict

Outputs

changed:
  description: Whether or not the resource has changed.
  returned: always
  sample: 'false'
  type: bool
ldap_domain_details:
  contains:
    bind_user:
      description: Distinguished Name (DN) of the user to be used when binding.
      type: str
    domain_name:
      description: Name of the LDAP authority to construct the LDAP server configuration.
      type: str
    group_member_attribute:
      description: Name of the LDAP attribute whose value contains the names of group
        members within a group.
      type: str
    group_name_attribute:
      description: Name of the LDAP attribute whose value indicates the group name.
      type: str
    group_object_class:
      description: LDAP object class for groups.
      type: str
    group_search_level:
      description: Nested search level for performing group search.
      type: int
    group_search_path:
      description: Path used to search for groups on the directory server.
      type: str
    id:
      description: Unique identifier of the new LDAP server configuration.
      type: str
    is_global_catalog:
      description: Whether or not the catalog is global. Default value is false.
      type: bool
    ldap_server_type:
      description: Types of LDAP server.
      type: str
    ldap_server_type_l10n:
      description: Localized message string corresponding to ldap_server_type.
      type: str
    ldap_servers:
      description: List of IP addresses of the LDAP servers for the domain. IP addresses
        are in IPv4 format.
      type: list
    ldap_timeout:
      description: Timeout for establishing a connection to an LDAP server. Default
        value is 30000 (30 seconds).
      type: int
    port:
      description: Port number used to connect to the LDAP server(s).
      type: int
    protocol:
      description: Types of directory service protocol.
      type: str
    protocol_l10n:
      description: Localized message string corresponding to protocol.
      type: str
    user_id_attribute:
      description: Name of the LDAP attribute whose value indicates the unique identifier
        of the user.
      type: str
    user_object_class:
      description: LDAP object class for users.
      type: str
    user_search_path:
      description: Path used to search for users on the directory server.
      type: str
  description: Details of the LDAP domain configuration.
  returned: When LDAP domain configuration exists.
  sample:
    bind_user: cn=ldapadmin,dc=domain,dc=com
    domain_name: domain.com
    group_member_attribute: member
    group_name_attribute: cn
    group_object_class: groupOfNames
    group_search_level: 0
    group_search_path: dc=domain,dc=com
    id: '9'
    is_global_catalog: false
    ldap_server_type: OpenLDAP
    ldap_server_type_l10n: OpenLDAP
    ldap_servers:
    - 10.xxx.xx.xxx
    ldap_timeout: 300000
    port: 636
    protocol: LDAPS
    protocol_l10n: LDAPS
    user_id_attribute: uid
    user_object_class: inetOrgPerson
    user_search_path: dc=domain,dc=com
  type: complex