W3cubDocs

/Ansible

fortinet.fortios.fortios_authentication_setting – Configure authentication setting in Fortinet’s FortiOS and FortiGate.

Note

This plugin is part of the fortinet.fortios collection (version 2.1.2).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_authentication_setting.

New in version 2.10: of fortinet.fortios

Synopsis
Requirements
Parameters
Notes
Examples
Return Values

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify authentication feature and setting category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.9.0

Parameters

Parameter			Choices/Defaults	Comments
access_token string				Token-based authentication. Generated from GUI of Fortigate.
authentication_setting dictionary				Configure authentication setting.
	active_auth_scheme string			Active authentication method (scheme name). Source authentication.scheme.name.
	auth_https string		Choices: enable disable	Enable/disable redirecting HTTP user authentication to HTTPS.
	captive_portal string			Captive portal host name. Source firewall.address.name.
	captive_portal6 string			IPv6 captive portal host name. Source firewall.address6.name.
	captive_portal_ip string			Captive portal IP address.
	captive_portal_ip6 string			Captive portal IPv6 address.
	captive_portal_port integer			Captive portal port number (1 - 65535).
	captive_portal_ssl_port integer			Captive portal SSL port number (1 - 65535).
	captive_portal_type string		Choices: fqdn ip	Captive portal type.
	dev_range list / elements=string			Address range for the IP based device query.
		name string / required		Address name. Source firewall.address.name firewall.addrgrp.name.
	sso_auth_scheme string			Single-Sign-On authentication method (scheme name). Source authentication.scheme.name.
	user_cert_ca string			CA certificate used for client certificate verification.
		name string / required		CA certificate list. Source vpn.certificate.ca.name.
enable_log boolean			Choices: no ← yes	Enable/Disable logging for task.
vdom string			Default: "root"	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Configure authentication setting.
    fortios_authentication_setting:
      vdom:  "{{ vdom }}"
      authentication_setting:
        active_auth_scheme: "<your_own_value> (source authentication.scheme.name)"
        auth_https: "enable"
        captive_portal: "<your_own_value> (source firewall.address.name)"
        captive_portal_ip: "<your_own_value>"
        captive_portal_ip6: "<your_own_value>"
        captive_portal_port: "8"
        captive_portal_ssl_port: "9"
        captive_portal_type: "fqdn"
        captive_portal6: "<your_own_value> (source firewall.address6.name)"
        dev_range:
         -
            name: "default_name_13 (source firewall.address.name firewall.addrgrp.name)"
        sso_auth_scheme: "<your_own_value> (source authentication.scheme.name)"
        user_cert_ca:
         -
            name: "default_name_16 (source vpn.certificate.ca.name)"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
build string	always	Build number of the fortigate image Sample: 1547
http_method string	always	Last method used to provision the content into FortiGate Sample: PUT
http_status string	always	Last result given by FortiGate on last operation applied Sample: 200
mkey string	success	Master key (id) used in the last call to FortiGate Sample: id
name string	always	Name of the table used to fulfill the request Sample: urlfilter
path string	always	Path of the table used to fulfill the request Sample: webfilter
revision string	always	Internal revision number Sample: 17.0.2.10658
serial string	always	Serial number of the unit Sample: FGVMEVYYQT3AB5352
status string	always	Indication of the operation's result Sample: success
vdom string	always	Virtual domain used Sample: root
version string	always	Version of the FortiGate Sample: v5.6.3

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_authentication_setting_module.html