purestorage.flashblade.purefb_ad (1.17.0) — module

Install collection

Install with ansible-galaxy collection install purestorage.flashblade:==1.17.0

Add to requirements.yml

  collections:
    - name: purestorage.flashblade
      version: 1.17.0

Description

Add or delete FlashBlade Active Directory Account

FlashBlade allows the creation of one AD computer account, or joining of an existing AD computer account.

Requirements

• python >= 2.7
• purity_fb >= 1.9
• netaddr
• pytz

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Create new AD account
  purestorage.flashblade.purefb_ad:
    name: ad_account
    computer: FLASHBLADE
    domain: acme.com
    username: Administrator
    password: Password
    join_ou: "CN=FakeOU"
    encryption:
    - aes128-cts-hmac-sha1-96
    - aes256-cts-hmac-sha1-96
    kerberos_servers:
    - kdc.acme.com
    directory_servers:
    - ldap.acme.com
    service_principals:
    - vip1.flashblade.acme.com
    fb_url: 10.10.10.2
    api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Connect to existing AD account
  purestorage.flashblade.purefb_ad:
    name: ad_account
    computer: FLASHBLADE
    domain: acme.com
    username: Administrator
    password: Password
    existing: true
    kerberos_servers:
    - kdc.acme.com
    directory_servers:
    - ldap.acme.com
    fb_url: 10.10.10.2
    api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Update existing AD account
  purestorage.flashblade.purefb_ad:
    name: ad_account
    encryption:
    - aes256-cts-hmac-sha1-96
    kerberos_servers:
    - kdc.acme.com
    directory_servers:
    - ldap.acme.com
    service_principals:
    - vip1.flashblade.acme.com
    fb_url: 10.10.10.2
    api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Delete local AD account
  purestorage.flashblade.purefb_ad:
    name: ad_account
    local_only: true
    fb_url: 10.10.10.2
    api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Fully delete AD account
  purestorage.flashblade.purefb_ad:
    name: ad_account
    fb_url: 10.10.10.2
    api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641

Inputs

    
name:
    description:
    - Name of the AD account
    required: true
    type: str

state:
    choices:
    - absent
    - present
    default: present
    description:
    - Define whether the AD sccount is deleted or not
    type: str

domain:
    description:
    - The Active Directory domain to join
    type: str

fb_url:
    description:
    - FlashBlade management IP address or Hostname.
    type: str

join_ou:
    description:
    - Location where the Computer account will be created. e.g. OU=Arrays,OU=Storage.
    - If left empty, defaults to B(CN=Computers).
    type: str

service:
    choices:
    - nfs
    - cifs
    - HOST
    default: nfs
    description:
    - Service protocol for Active Directory principals
    - Refer to FlashBlade User Guide for more details
    elements: str
    type: list

computer:
    description:
    - The common name of the computer account to be created in the Active Directory domain.
    - If not specified, defaults to the name of the Active Directory configuration.
    type: str

existing:
    default: false
    description:
    - Does the account I(name) already exist in the AD environment
    type: bool

password:
    description:
    - Password string for I(username)
    type: str

username:
    description:
    - A user capable of creating a computer account within the domain
    type: str

api_token:
    description:
    - FlashBlade API token for admin privileged user.
    type: str

encryption:
    choices:
    - aes256-sha1
    - aes128-sha1
    - arcfour-hmac
    default: aes256-sha1
    description:
    - The encryption types that will be supported for use by clients for Kerberos authentication
    elements: str
    type: list

local_only:
    default: false
    description:
    - Do a local-only delete of an active directory account
    type: bool

kerberos_servers:
    description:
    - A list of key distribution servers to use for Kerberos protocol
    - Accepted server formats are IP address and DNS name
    - All specified servers must be registered to the domain appropriately in the array
      configured DNS. If not specified, servers are resolved for the domain in DNS.
    - The specified list can have a maximum length of 5. If more are provided only the
      first 5 are used.
    elements: str
    type: list

directory_servers:
    description:
    - A list of directory servers that will be used for lookups related to user authorization
    - Accepted server formats are IP address and DNS name
    - All specified servers must be registered to the domain appropriately in the array
      configured DNS and will only be communicated with over the secure LDAP (LDAPS) protocol.
      If not specified, servers are resolved for the domain in DNS
    - The specified list can have a maximum length of 5. If more are provided only the
      first 5 are used.
    elements: str
    type: list

service_principals:
    description:
    - A list of either FQDNs or SPNs for registering services with the domain.
    - If not specified B(Computer Name.Domain) is used
    elements: str
    type: list