theforeman.foreman.foreman_auth_source_ldap (0.8.1) — module

Manage Foreman LDAP authentication sources using Foreman API

Authors: Christoffer Reijer (@ephracis) Basalt AB

preview | supported by community

Install collection

Install with ansible-galaxy collection install theforeman.foreman:==0.8.1


Add to requirements.yml

  # Pins the collection to one exact release so repeated installs resolve to
  # the same version. A version pin alone does not verify the integrity of
  # the downloaded artifact.
  collections:
    - name: 'theforeman.foreman'
      version: '0.8.1'

Description

Create and delete Foreman LDAP authentication sources using the Foreman API.


Requirements

Usage examples

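# Registers an LDAP authentication source called "Example LDAP" in Foreman.
# The module is addressed by its fully qualified collection name so the task
# resolves without a play-level `collections:` keyword.
- name: LDAP Authentication source
  theforeman.foreman.foreman_auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    # `tls` is not set here, so Foreman's own default applies to the
    # Foreman-to-LDAP connection. NOTE(review): confirm that default; if it
    # is plain LDAP on port 389, credentials checked against this source
    # cross the network unencrypted. Set `tls: true` and the matching port.
    server_url: "https://foreman.example.com"
    locations:
      - "Uppsala"
    organizations:
      - "Sweden"
    # Foreman API credentials. The literals below are placeholders; in a real
    # playbook reference a variable kept in Ansible Vault or a secret store.
    username: "admin"
    password: "secret"
    state: present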
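# Registers a FreeIPA-backed LDAP source that creates Foreman accounts on the
# fly. The module is addressed by its fully qualified collection name so the
# task resolves without a play-level `collections:` keyword.
- name: LDAP Authentication with automatic registration
  theforeman.foreman.foreman_auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    # `tls` is not set here. NOTE(review): confirm Foreman's default; on a
    # plain LDAP connection the bind password below and every user login
    # would travel unencrypted.
    # On-the-fly registration needs the bind account and the attr_login,
    # attr_firstname, attr_lastname and attr_mail mappings. NOTE(review):
    # presumably every entry under base_dn that can authenticate gets a
    # Foreman account; use `ldap_filter` to narrow that set if so.
    onthefly_register: true
    # Service account used to bind to the directory. Use a dedicated account;
    # NOTE(review): read-only access is presumably sufficient, confirm.
    account: "uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com"
    # Placeholder only; load the real value from Ansible Vault. Setting this
    # parameter makes the task non-idempotent (see the parameter description).
    account_password: "secret"
    base_dn: "dc=example,dc=com"
    groups_base: "cn=groups,cn=accounts,dc=example,dc=com"
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    attr_photo: jpegPhoto
    server_url: "https://foreman.example.com"
    # Foreman API credentials; placeholders, keep the real ones in Vault.
    username: "admin"
    password: "secret"
    state: present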

Inputs

    
# Optional boolean with no default listed, so an unset value leaves the choice
# to Foreman. NOTE(review): confirm the server-side default; without TLS the
# bind password (`account_password`) and user logins are presumably sent to
# the LDAP server unencrypted.
tls:
  type: bool
  required: false
  description: Whether or not to use TLS when contacting the LDAP server.

# Required string naming the LDAP server this authentication source contacts.
host:
  type: str
  required: true
  description: The hostname of the LDAP server

# Required string; the name given to the authentication source.
name:
  type: str
  required: true
  description: The name of the LDAP authentication source

# Optional integer, 389 when omitted. 389 is the standard LDAP port; LDAP over
# TLS conventionally listens on 636. NOTE(review): confirm which port the
# directory expects when `tls` is enabled and set it explicitly.
port:
  type: int
  required: false
  default: 389
  description: The port number of the LDAP server

# Desired state of the entity: one of the two listed choices, `present` when
# the parameter is omitted.
state:
  type: str
  default: present
  choices: [present, absent]
  description:
    - State of the entity in Foreman

# Optional bind account for the LDAP server. Use a dedicated service account;
# NOTE(review): read-only directory access is presumably enough, confirm.
account:
  type: str
  required: false
  description: Account name to use when accessing the LDAP server.

# Optional string; the DN under which searches start. NOTE(review): a narrow
# base DN presumably limits which directory entries this source can match.
base_dn:
  type: str
  required: false
  description: The base DN to use when searching.

# Required Foreman API credential. Supply it from Ansible Vault or another
# secret store rather than as a literal in the playbook.
password:
  type: str
  required: true
  description: Password of the user accessing the Foreman server

# Required Foreman API user. NOTE(review): a dedicated automation account is
# preferable to a personal or built-in admin login; confirm the permissions
# this module needs.
username:
  type: str
  required: true
  description: Username accessing the Foreman server

# Optional string, but documented as required once `onthefly_register` is
# used.
attr_mail:
  type: str
  required: false
  description:
    - Attribute containing email address.
    - Required when using I(onthefly_register).

# List of strings; the locations the entity is assigned to.
locations:
  type: list
  elements: str
  description: List of locations the entity should be assigned to

# Optional string, but documented as required once `onthefly_register` is
# used.
attr_login:
  type: str
  required: false
  description:
    - Attribute containing login ID.
    - Required when using I(onthefly_register).

# Optional string naming the directory attribute that holds the user photo.
attr_photo:
  type: str
  required: false
  description: Attribute containing user photo

# Required string. The page's examples use an https:// URL; the Foreman
# username and password are sent to this endpoint, and `validate_certs`
# governs whether its TLS certificate is checked.
server_url:
  type: str
  required: true
  description: URL of the Foreman server

# Optional string; the DN under which group entries are looked up.
groups_base:
  type: str
  required: false
  description: Base DN where groups reside.

# Optional string applied to LDAP searches. NOTE(review): presumably this can
# restrict which directory entries may log in through this source, which
# matters most when `onthefly_register` is enabled; confirm.
ldap_filter:
  type: str
  required: false
  description: Filter to apply to LDAP searches

# Optional string restricted to the three listed directory flavours; no
# default is listed.
server_type:
  type: str
  required: false
  choices: [free_ipa, active_directory, posix]
  description: Type of the LDAP server

# Optional string, but documented as required once `onthefly_register` is
# used.
attr_lastname:
  type: str
  required: false
  description:
    - Attribute containing last name.
    - Required when using I(onthefly_register).

# List of strings; the organizations the entity is assigned to.
organizations:
  type: list
  elements: str
  description: List of organizations the entity should be assigned to

# Optional boolean; documented as not valid together with
# `server_type: active_directory`.
use_netgroups:
  type: bool
  required: false
  description: >-
    Whether to use NIS netgroups instead of posix groups, not valid for
    I(server_type=active_directory)

# Optional string, but documented as required once `onthefly_register` is
# used.
attr_firstname:
  type: str
  required: false
  description:
    - Attribute containing first name.
    - Required when using I(onthefly_register).

# Optional boolean. NOTE(review): with sync on, directory group membership
# presumably drives membership of linked Foreman user groups at each login,
# so whoever administers those directory groups influences Foreman access;
# confirm.
usergroup_sync:
  type: bool
  required: false
  description: Whether or not to sync external user groups on login

# Boolean, true when omitted; also accepted under the alias `verify_ssl`.
# Applies to the Foreman server's certificate, not to the LDAP connection.
# With it disabled the Foreman endpoint is not authenticated, yet the module
# still sends `username` and `password` to it.
validate_certs:
  type: bool
  default: true
  aliases: [verify_ssl]
  description: Whether or not to verify the TLS certificates of the Foreman server

# Optional bind password for the LDAP account, required once
# `onthefly_register` is used. Supply it from Ansible Vault or another secret
# store. Documented as making the module non-idempotent. NOTE(review):
# presumably because the stored value cannot be read back for comparison;
# confirm.
account_password:
  type: str
  required: false
  description:
    - Account password to use when accessing the LDAP server.
    - Required when using I(onthefly_register).
    - When this parameter is set, the module will not be idempotent.

# Optional boolean. Other parameters on this page (attr_login, attr_firstname,
# attr_lastname, attr_mail, account_password) are documented as required when
# it is used. NOTE(review): presumably any directory user who can
# authenticate through this source then receives a Foreman account
# automatically; confirm, and scope with `base_dn` / `ldap_filter`.
onthefly_register:
  type: bool
  required: false
  description: Whether or not to register users on the fly.