freeipa.ansible_freeipa.ipatrust (1.11.1) — module

Manage FreeIPA Domain Trusts.

Authors: Rob Verduijn (@RobVerduijn), Thomas Woerner (@t-woerner)

preview | supported by community

Install collection

Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.11.1


Add to requirements.yml

  collections:
    - name: freeipa.ansible_freeipa
      version: 1.11.1

Description

Manage FreeIPA Domain Trusts.

Usage examples

1
  • Hint
    Tasks should always be named using the name parameter.
# add ad-trust
- freeipa.ansible_freeipa.ipatrust:
    ipaadmin_password: SomeADMINpassword
    realm: ad.example.test
    trust_type: ad
    admin: Administrator
    password: SomeW1Npassword
    state: present
1
  • Hint
    Tasks should always be named using the name parameter.
# delete ad-trust
- freeipa.ansible_freeipa.ipatrust:
    ipaadmin_password: SomeADMINpassword
    realm: ad.example.test
    state: absent

Inputs

    
admin:
    description:
    - Active Directory domain administrator
    required: false
    type: str

realm:
    description:
    - Realm name
    required: true
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description: State to ensure
    required: false
    type: str

server:
    description:
    - Domain controller for the Active Directory domain (optional)
    required: false
    type: str

base_id:
    description:
    - First Posix ID of the range reserved for the trusted domain
    required: false
    type: int

two_way:
    default: false
    description:
    - Establish bi-directional trust. By default trust is inbound one-way only.
    required: false
    type: bool

external:
    default: false
    description:
    - Establish external trust to a domain in another forest.
    - The trust is not transitive beyond the domain.
    required: false
    type: bool

password:
    description:
    - Active Directory domain administrator's password
    required: false
    type: str

range_size:
    default: 200000
    description:
    - Size of the ID range reserved for the trusted domain
    type: int

range_type:
    choices:
    - ipa-ad-trust-posix
    - ipa-ad-trust
    default: ipa-ad-trust
    description:
    - Type of trusted domain ID range, one of ipa-ad-trust, ipa-ad-trust-posix
    required: false
    type: str

trust_type:
    choices:
    - ad
    default: ad
    description:
    - Trust type (ad for Active Directory, default)
    required: false
    type: str

trust_secret:
    description:
    - Shared secret for the trust
    required: false
    type: str

ipaapi_context:
    choices:
    - server
    - client
    description: 'The context in which the module will execute. Executing in a

      server context is preferred. If not provided context will be

      determined by the execution environment.

      '
    required: false
    type: str

ipaadmin_password:
    description: The admin password.
    required: false
    type: str

ipaapi_ldap_cache:
    default: true
    description: Use LDAP cache for IPA connection.
    type: bool

ipaadmin_principal:
    default: admin
    description: The admin principal.
    type: str