dellemc / dellemc.powerstore / 3.2.0 / module / ldap_domain Manage LDAP domain for PowerStore | "added in version" 1.6.0 of dellemc.powerstore" Authors: Akash Shendge (@shenda1) <ansible.team@dell.com>dellemc.powerstore.ldap_domain (3.2.0) — module
Install with ansible-galaxy collection install dellemc.powerstore:==3.2.0
collections: - name: dellemc.powerstore version: 3.2.0
Managing LDAP domain on PowerStore Storage System includes creating LDAP domain, getting details of LDAP domain, modifying LDAP domain, verifying LDAP domain and deleting LDAP domain.
- name: Create LDAP domain dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" domain_name: "{{domain_name}}" ldap_servers: ["10.xxx.xx.xx"] protocol: "LDAP" ldap_server_type: "OpenLDAP" bind_user: "{{bind_user}}" bind_password: "{{bind_password}}" ldap_domain_user_settings: user_search_path: "cn=Users" ldap_domain_group_settings: group_search_path: "cn=Users" ldap_server_state: "present-in-domain" state: "present"
- name: Get LDAP domain details using ID dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_id: 4 state: "present"
- name: Get LDAP domain details using name dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_name: "{{ldap_domain_name}}" state: "present"
- name: Verify LDAP domain configuration dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_id: 4 verify_configuration: true state: "present"
- name: Delete LDAP domain configuration dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_id: 4 state: "absent"
- name: Create LDAP domain with AD server type dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_name: "{{domain_name}}" ldap_servers: - "10.xxx.xx.xx" ldap_server_state: "present-in-domain" ldap_server_type: "AD" bind_user: "{{bind_user}}" bind_password: "{{bind_password}}" is_global_catalog: true ldap_server_port: 3268 protocol: "LDAP" ldap_domain_user_settings: user_search_path: "" ldap_domain_group_settings: group_search_path: "" state: "present"
- name: Get LDAP domain details using domain name dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_name: "{{domain_name}}" state: "present"
- name: Delete LDAP domain using domain name dellemc.powerstore.ldap_domain: array_ip: "{{array_ip}}" validate_certs: "{{validate_certs}}" user: "{{user}}" password: "{{password}}" ldap_domain_name: "{{domain_name}}" state: "absent"
port: description: - Port number for the PowerStore array. - If not passed, it will take 443 as default. type: int user: description: - The username of the PowerStore host. required: true type: str state: choices: - absent - present description: - Define whether the LDAP domain configuration should exist or not. - For Delete operation only, it should be set to C(absent). - For all other operations except delete, it should be set to C(present). required: true type: str timeout: default: 120 description: - Time after which the connection will get terminated. - It is to be mentioned in seconds. type: int array_ip: description: - IP or FQDN of the PowerStore management system. required: true type: str password: description: - The password of the PowerStore host. required: true type: str protocol: choices: - LDAP - LDAPS description: - Types of directory service protocol. type: str bind_user: description: - Distinguished Name (DN) of the user to be used when binding; that is, authenticating and setting up the connection to the LDAP server. - Mandatory for the create operation. type: str ldap_servers: description: - List of IP addresses of the LDAP servers for the domain. elements: str type: list ldap_timeout: description: - Timeout for establishing a connection to an LDAP server. type: int bind_password: description: - Password to use when binding a new LDAP session. - Mandatory for the create operation. type: str ldap_domain_id: description: - Unique identifier of the LDAP domain configuration. type: int validate_certs: aliases: - verifycert default: true description: - Boolean variable to specify whether to validate SSL certificate or not. - C(true) - indicates that the SSL certificate should be verified. Set the environment variable REQUESTS_CA_BUNDLE to the path of the SSL certificate. - C(false) - indicates that the SSL certificate should not be verified. type: bool ldap_domain_name: description: - Name of the LDAP authority to construct the LDAP server configuration. - Mandatory for the create operation. type: str ldap_server_port: description: - Port number used to connect to the LDAP Server. type: int ldap_server_type: choices: - AD - OpenLDAP description: - Types of the LDAP server. type: str is_global_catalog: description: - Whether or not the catalog is global. type: bool ldap_server_state: choices: - present-in-domain - absent-in-domain description: - State of the LDAP server. - The I(ldap_servers) and I(ldap_server_state) are required together. type: str verify_configuration: default: false description: - Indicates whether to perform the verify LDAP domain configuration or not. type: bool ldap_domain_user_settings: description: - User settings of LDAP domain. suboptions: user_id_attribute: description: - Name of the LDAP attribute whose value indicates the unique identifier of the user. - Default value is C(sAMAccountName). type: str user_object_class: description: - LDAP object class for users. - Default value is C(user). type: str user_search_path: description: - Path used to search for users on the directory server. - Search path is empty, if global catalog is enabled. type: str type: dict ldap_domain_group_settings: description: - Group settings of LDAP domain. suboptions: group_member_attribute: description: - Name of the LDAP attribute whose value contains the names of group members within a group. - Default value is C(member). type: str group_name_attribute: description: - Name of the LDAP attribute whose value indicates the group name. - Default value is C(cn). type: str group_object_class: description: - LDAP object class for groups. - Default value is C(group). type: str group_search_level: description: - Nested search level for performing group search. - Default value is 0. type: int group_search_path: description: - Path used to search for groups on the directory server. - Search path is empty, if global catalog is enabled. type: str type: dict
changed: description: Whether or not the resource has changed. returned: always sample: 'false' type: bool ldap_domain_details: contains: bind_user: description: Distinguished Name (DN) of the user to be used when binding. type: str domain_name: description: Name of the LDAP authority to construct the LDAP server configuration. type: str group_member_attribute: description: Name of the LDAP attribute whose value contains the names of group members within a group. type: str group_name_attribute: description: Name of the LDAP attribute whose value indicates the group name. type: str group_object_class: description: LDAP object class for groups. type: str group_search_level: description: Nested search level for performing group search. type: int group_search_path: description: Path used to search for groups on the directory server. type: str id: description: Unique identifier of the new LDAP server configuration. type: str is_global_catalog: description: Whether or not the catalog is global. Default value is false. type: bool ldap_server_type: description: Types of LDAP server. type: str ldap_server_type_l10n: description: Localized message string corresponding to ldap_server_type. type: str ldap_servers: description: List of IP addresses of the LDAP servers for the domain. IP addresses are in IPv4 format. type: list ldap_timeout: description: Timeout for establishing a connection to an LDAP server. Default value is 30000 (30 seconds). type: int port: description: Port number used to connect to the LDAP server(s). type: int protocol: description: Types of directory service protocol. type: str protocol_l10n: description: Localized message string corresponding to protocol. type: str user_id_attribute: description: Name of the LDAP attribute whose value indicates the unique identifier of the user. type: str user_object_class: description: LDAP object class for users. type: str user_search_path: description: Path used to search for users on the directory server. type: str description: Details of the LDAP domain configuration. returned: When LDAP domain configuration exists. sample: bind_user: cn=ldapadmin,dc=domain,dc=com domain_name: domain.com group_member_attribute: member group_name_attribute: cn group_object_class: groupOfNames group_search_level: 0 group_search_path: dc=domain,dc=com id: '9' is_global_catalog: false ldap_server_type: OpenLDAP ldap_server_type_l10n: OpenLDAP ldap_servers: - 10.xxx.xx.xxx ldap_timeout: 300000 port: 636 protocol: LDAPS protocol_l10n: LDAPS user_id_attribute: uid user_object_class: inetOrgPerson user_search_path: dc=domain,dc=com type: complex