theforeman.foreman.auth_source_ldap (4.0.0) — module
Manage LDAP Authentication Sources
Added in version 1.0.0 of theforeman.foreman
Authors: Christoffer Reijer (@ephracis) Basalt AB
Install with:

    ansible-galaxy collection install theforeman.foreman:==4.0.0

Or list the collection in a requirements file:

collections:
  - name: theforeman.foreman
    version: 4.0.0

Create, update, and delete LDAP authentication sources

- name: Simple FreeIPA authentication source
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    server_url: "https://foreman.example.com"
    locations:
      - "Uppsala"
    organizations:
      - "Sweden"
    username: "admin"
    password: "changeme"
    state: present

- name: FreeIPA with automatic registration
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    onthefly_register: true
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    account_password: secret
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts, dc=example,dc=com
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    attr_photo: jpegPhoto
    server_url: "https://foreman.example.com"
    username: "admin"
    password: "changeme"
    state: present

- name: Active Directory with automatic registration
  theforeman.foreman.auth_source_ldap:
    name: "Example AD"
    host: "ad.example.org"
    onthefly_register: true
    account: EXAMPLE\ansible
    account_password: secret
    base_dn: cn=Users,dc=example,dc=com
    groups_base: cn=Users,dc=example,dc=com
    server_type: active_directory
    attr_login: sAMAccountName
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    ldap_filter: (memberOf=CN=Domain Users,CN=Users,DC=example,DC=com)
    server_url: "https://foreman.example.com"
    username: "admin"
    password: "changeme"
    state: present

tls:
  description: Whether or not to use TLS when contacting the LDAP server.
  required: false
  type: bool
host:
  description: The hostname of the LDAP server
  required: true
  type: str
name:
  description: The name of the LDAP authentication source
  required: true
  type: str
port:
  default: 389
  description: The port number of the LDAP server
  required: false
  type: int
state:
  choices:
    - present
    - absent
  default: present
  description:
    - State of the entity
  type: str
account:
  description: Account name to use when accessing the LDAP server.
  required: false
  type: str
base_dn:
  description: The base DN to use when searching.
  required: false
  type: str
password:
  description:
    - Password of the user accessing the Foreman server.
    - If the value is not specified in the task, the value of environment variable C(FOREMAN_PASSWORD) will be used instead.
  required: true
  type: str
username:
  description:
    - Username accessing the Foreman server.
    - If the value is not specified in the task, the value of environment variable C(FOREMAN_USERNAME) will be used instead.
  required: true
  type: str
attr_mail:
  description:
    - Attribute containing email address.
    - Required when using I(onthefly_register).
  required: false
  type: str
locations:
  description: List of locations the entity should be assigned to
  elements: str
  type: list
attr_login:
  description:
    - Attribute containing login ID.
    - Required when using I(onthefly_register).
  required: false
  type: str
attr_photo:
  description: Attribute containing user photo
  required: false
  type: str
server_url:
  description:
    - URL of the Foreman server.
    - If the value is not specified in the task, the value of environment variable C(FOREMAN_SERVER_URL) will be used instead.
  required: true
  type: str
groups_base:
  description: Base DN where groups reside.
  required: false
  type: str
ldap_filter:
  description: Filter to apply to LDAP searches
  required: false
  type: str
server_type:
  choices:
    - free_ipa
    - active_directory
    - posix
  description: Type of the LDAP server
  required: false
  type: str
attr_lastname:
  description:
    - Attribute containing last name.
    - Required when using I(onthefly_register).
  required: false
  type: str
organizations:
  description: List of organizations the entity should be assigned to
  elements: str
  type: list
use_netgroups:
  description: Whether to use NIS netgroups instead of posix groups, not valid for I(server_type=active_directory)
  required: false
  type: bool
attr_firstname:
  description:
    - Attribute containing first name.
    - Required when using I(onthefly_register).
  required: false
  type: str
usergroup_sync:
  description: Whether or not to sync external user groups on login
  required: false
  type: bool
validate_certs:
  default: true
  description:
    - Whether or not to verify the TLS certificates of the Foreman server.
    - If the value is not specified in the task, the value of environment variable C(FOREMAN_VALIDATE_CERTS) will be used instead.
  type: bool
account_password:
  description:
    - Account password to use when accessing the LDAP server.
    - Required when using I(onthefly_register).
    - When this parameter is set, the module will not be idempotent.
  required: false
  type: str
onthefly_register:
  description: Whether or not to register users on the fly.
  required: false
  type: bool

entity:
  contains:
    auth_source_ldaps:
      description: List of auth sources for LDAP.
      elements: dict
      type: list
  description: Final state of the affected entities grouped by their type.
  returned: success
  type: dict