purestorage / purestorage.flashblade / 1.17.0 / module / purefb_ad Manage FlashBlade Active Directory Account | "added in version" 1.6.0 of purestorage.flashblade" Authors: Pure Storage Ansible Team (@sdodsley) <pure-ansible-team@purestorage.com> preview | supported by communitypurestorage.flashblade.purefb_ad (1.17.0) — module
Install with ansible-galaxy collection install purestorage.flashblade:==1.17.0
collections: - name: purestorage.flashblade version: 1.17.0
Add or delete FlashBlade Active Directory Account
FlashBlade allows the creation of one AD computer account, or joining of an existing AD computer account.
- name: Create new AD account purestorage.flashblade.purefb_ad: name: ad_account computer: FLASHBLADE domain: acme.com username: Administrator password: Password join_ou: "CN=FakeOU" encryption: - aes128-cts-hmac-sha1-96 - aes256-cts-hmac-sha1-96 kerberos_servers: - kdc.acme.com directory_servers: - ldap.acme.com service_principals: - vip1.flashblade.acme.com fb_url: 10.10.10.2 api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Connect to existing AD account purestorage.flashblade.purefb_ad: name: ad_account computer: FLASHBLADE domain: acme.com username: Administrator password: Password existing: true kerberos_servers: - kdc.acme.com directory_servers: - ldap.acme.com fb_url: 10.10.10.2 api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Update existing AD account purestorage.flashblade.purefb_ad: name: ad_account encryption: - aes256-cts-hmac-sha1-96 kerberos_servers: - kdc.acme.com directory_servers: - ldap.acme.com service_principals: - vip1.flashblade.acme.com fb_url: 10.10.10.2 api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Delete local AD account purestorage.flashblade.purefb_ad: name: ad_account local_only: true fb_url: 10.10.10.2 api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Fully delete AD account purestorage.flashblade.purefb_ad: name: ad_account fb_url: 10.10.10.2 api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
name: description: - Name of the AD account required: true type: str state: choices: - absent - present default: present description: - Define whether the AD sccount is deleted or not type: str domain: description: - The Active Directory domain to join type: str fb_url: description: - FlashBlade management IP address or Hostname. type: str join_ou: description: - Location where the Computer account will be created. e.g. OU=Arrays,OU=Storage. - If left empty, defaults to B(CN=Computers). type: str service: choices: - nfs - cifs - HOST default: nfs description: - Service protocol for Active Directory principals - Refer to FlashBlade User Guide for more details elements: str type: list computer: description: - The common name of the computer account to be created in the Active Directory domain. - If not specified, defaults to the name of the Active Directory configuration. type: str existing: default: false description: - Does the account I(name) already exist in the AD environment type: bool password: description: - Password string for I(username) type: str username: description: - A user capable of creating a computer account within the domain type: str api_token: description: - FlashBlade API token for admin privileged user. type: str encryption: choices: - aes256-sha1 - aes128-sha1 - arcfour-hmac default: aes256-sha1 description: - The encryption types that will be supported for use by clients for Kerberos authentication elements: str type: list local_only: default: false description: - Do a local-only delete of an active directory account type: bool kerberos_servers: description: - A list of key distribution servers to use for Kerberos protocol - Accepted server formats are IP address and DNS name - All specified servers must be registered to the domain appropriately in the array configured DNS. If not specified, servers are resolved for the domain in DNS. - The specified list can have a maximum length of 5. If more are provided only the first 5 are used. elements: str type: list directory_servers: description: - A list of directory servers that will be used for lookups related to user authorization - Accepted server formats are IP address and DNS name - All specified servers must be registered to the domain appropriately in the array configured DNS and will only be communicated with over the secure LDAP (LDAPS) protocol. If not specified, servers are resolved for the domain in DNS - The specified list can have a maximum length of 5. If more are provided only the first 5 are used. elements: str type: list service_principals: description: - A list of either FQDNs or SPNs for registering services with the domain. - If not specified B(Computer Name.Domain) is used elements: str type: list