freeipa / freeipa.ansible_freeipa / 1.11.1 / module / ipagroup Manage FreeIPA groups Authors: Thomas Woerner (@t-woerner) preview | supported by communityfreeipa.ansible_freeipa.ipagroup (1.11.1) — module
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.11.1
collections: - name: freeipa.ansible_freeipa version: 1.11.1
Manage FreeIPA groups
# Create group ops with gid 1234 - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: ops gidnumber: 1234
# Create group sysops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: sysops
# Create group appops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: appops
# Create multiple groups ops, sysops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword groups: - name: ops gidnumber: 1234 - name: sysops
# Add user member pinky to group sysops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: sysops action: member user: - pinky
# Add user member brain to group sysops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: sysops action: member user: - brain
# Add group members sysops and appops to group ops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: ops group: - sysops - appops
# Add user and group members to groups sysops and appops - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword groups: - name: sysops user: - user1 - name: appops group: - group2
# Create a non-POSIX group - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: nongroup nonposix: yes
# Turn a non-POSIX group into a POSIX group. - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: nonposix posix: yes
# Create an external group and add members from a trust to it. - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: extgroup external: yes externalmember: - WINIPA\Web Users - WINIPA\Developers
# Create multiple non-POSIX and external groups - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword groups: - name: nongroup nonposix: true - name: extgroup external: true
# Remove groups sysops, appops, ops and nongroup - freeipa.ansible_freeipa.ipagroup: ipaadmin_password: SomeADMINpassword name: sysops,appops,ops, nongroup state: absent
gid: aliases: - gidnumber description: The GID required: false type: int name: aliases: - cn description: The group name elements: str required: false type: list user: description: List of user names assigned to this group. elements: str required: false type: list group: description: List of group names assigned to this group. elements: str required: false type: list posix: description: Create a non-POSIX group or change a non-POSIX to a posix group. required: false type: bool state: choices: - present - absent default: present description: State to ensure type: str action: choices: - member - group default: group description: Work on group or member level type: str groups: description: The list of group dicts (internally gid). elements: dict suboptions: description: description: The group description required: false type: str external: description: Allow adding external non-IPA members from trusted domains required: false type: bool externalmember: aliases: - ipaexternalmember - external_member description: - List of members of a trusted domain in DOM\name or name@domain form. elements: str required: false type: list gid: aliases: - gidnumber description: The GID required: false type: int group: description: List of group names assigned to this group. elements: str required: false type: list idoverrideuser: description: - User ID overrides to add elements: str required: false type: list membermanager_group: description: - List of member manager groups assigned to this group. - Only usable with IPA versions 4.8.4 and up. elements: str required: false type: list membermanager_user: description: - List of member manager users assigned to this group. - Only usable with IPA versions 4.8.4 and up. elements: str required: false type: list name: aliases: - cn description: The group (internally gid). required: true type: str nomembers: description: Suppress processing of membership attributes required: false type: bool nonposix: description: Create as a non-POSIX group required: false type: bool posix: description: Create a non-POSIX group or change a non-POSIX to a posix group. required: false type: bool service: description: - List of service names assigned to this group. - Only usable with IPA versions 4.7 and up. elements: str required: false type: list user: description: List of user names assigned to this group. elements: str required: false type: list type: list service: description: - List of service names assigned to this group. - Only usable with IPA versions 4.7 and up. elements: str required: false type: list external: description: Allow adding external non-IPA members from trusted domains required: false type: bool nonposix: description: Create as a non-POSIX group required: false type: bool nomembers: description: Suppress processing of membership attributes required: false type: bool description: description: The group description required: false type: str externalmember: aliases: - ipaexternalmember - external_member description: - List of members of a trusted domain in DOM\name or name@domain form. elements: str required: false type: list idoverrideuser: description: - User ID overrides to add elements: str required: false type: list ipaapi_context: choices: - server - client description: 'The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. ' required: false type: str ipaadmin_password: description: The admin password. required: false type: str ipaapi_ldap_cache: default: true description: Use LDAP cache for IPA connection. type: bool ipaadmin_principal: default: admin description: The admin principal. type: str membermanager_user: description: - List of member manager users assigned to this group. - Only usable with IPA versions 4.8.4 and up. elements: str required: false type: list membermanager_group: description: - List of member manager groups assigned to this group. - Only usable with IPA versions 4.8.4 and up. elements: str required: false type: list