fortinet / fortinet.fortimanager / 2.4.0 / module / fmgr_authentication_scheme Configure Authentication Schemes. | "added in version" 2.1.0 of fortinet.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortimanager.fmgr_authentication_scheme (2.4.0) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections: - name: fortinet.fortimanager version: 2.4.0
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure Authentication Schemes. fortinet.fortimanager.fmgr_authentication_scheme: # bypass_validation: false workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] adom: <your own value> state: present # <value in [present, absent]> authentication_scheme: domain_controller: <string> fsso_agent_for_ntlm: <string> fsso_guest: <value in [disable, enable]> kerberos_keytab: <string> method: - ntlm - basic - digest - form - negotiate - fsso - rsso - ssh-publickey - saml - cert - x-auth-user - saml-sp name: <string> negotiate_ntlm: <value in [disable, enable]> require_tfa: <value in [disable, enable]> ssh_ca: <string> user_database: <list or string> ems_device_owner: <value in [disable, enable]> saml_server: <string> saml_timeout: <integer> user_cert: <value in [disable, enable]>
adom: description: The parameter (adom) in requested url. required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int type: list enable_log: default: false description: Enable/Disable logging for task. type: bool access_token: description: The token to access FortiManager without using username and password. type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool authentication_scheme: description: The top level parameters set. required: false suboptions: domain-controller: description: Deprecated, please rename it to domain_controller. Domain controller setting. type: str ems-device-owner: choices: - disable - enable description: Deprecated, please rename it to ems_device_owner. Enable/disable SSH public-key authentication with device owner type: str fsso-agent-for-ntlm: description: Deprecated, please rename it to fsso_agent_for_ntlm. FSSO agent to use for NTLM authentication. type: str fsso-guest: choices: - disable - enable description: Deprecated, please rename it to fsso_guest. Enable/disable user fsso-guest authentication type: str kerberos-keytab: description: Deprecated, please rename it to kerberos_keytab. Kerberos keytab setting. type: str method: choices: - ntlm - basic - digest - form - negotiate - fsso - rsso - ssh-publickey - saml - cert - x-auth-user - saml-sp description: Authentication methods elements: str type: list name: description: Authentication scheme name. required: true type: str negotiate-ntlm: choices: - disable - enable description: Deprecated, please rename it to negotiate_ntlm. Enable/disable negotiate authentication for NTLM type: str require-tfa: choices: - disable - enable description: Deprecated, please rename it to require_tfa. Enable/disable two-factor authentication type: str saml-server: description: Deprecated, please rename it to saml_server. SAML configuration. type: str saml-timeout: description: Deprecated, please rename it to saml_timeout. SAML authentication timeout in seconds. type: int ssh-ca: description: Deprecated, please rename it to ssh_ca. SSH CA name. type: str user-cert: choices: - disable - enable description: Deprecated, please rename it to user_cert. Enable/disable authentication with user certificate type: str user-database: description: (list or str) Deprecated, please rename it to user_database. Authentication server to contain user information; local type: raw type: dict workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list