Note
This plugin is part of the purestorage.flasharray collection (version 1.11.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install purestorage.flasharray.
To use it in a playbook, specify: purestorage.flasharray.purefa_ad.
New in version 1.9.0: of purestorage.flasharray
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_token string | FlashArray API token for admin privileged user. | |
| computer string | The common name of the computer account to be created in the Active Directory domain. If not specified, defaults to the name of the Active Directory configuration. | |
| directory_servers list / elements=string | A list of directory servers that will be used for lookups related to user authorization Accepted server formats are IP address and DNS name All specified servers must be registered to the domain appropriately in the array configured DNS and are only communicated with over the secure LDAP (LDAPS) protocol. If not specified, servers are resolved for the domain in DNS The specified list can have a maximum length of 1, or 3 for Purity 6.1.6 or higher. If more are provided only the first allowed count used. | |
| domain string | The Active Directory domain to join | |
| fa_url string | FlashArray management IPv4 address or Hostname. | |
| join_ou string added in 1.10.0 of purestorage.flasharray | Distinguished name of organization unit in which the computer account should be created when joining the domain. e.g. OU=Arrays,OU=Storage. The DC=... components can be omitted. If left empty, defaults to CN=Computers. Requires Purity//FA 6.1.8 or higher | |
| kerberos_servers list / elements=string | A list of key distribution servers to use for Kerberos protocol Accepted server formats are IP address and DNS name All specified servers must be registered to the domain appropriately in the array configured DNS and are only communicated with over the secure LDAP (LDAPS) protocol. If not specified, servers are resolved for the domain in DNS. The specified list can have a maximum length of 1, or 3 for Purity 6.1.6 or higher. If more are provided only the first allowed count used. | |
| local_only boolean |
| Do a local-only delete of an active directory account |
| name string / required | Name of the AD account | |
| password string | Password string for username
| |
| state string |
| Define whether the AD sccount is deleted or not |
| username string | A user capable of creating a computer account within the domain |
Note
purestorage and py-pure-client Python librariesPUREFA_URL and PUREFA_API environment variables if fa_url and api_token arguments are not passed to the module directly- name: Create new AD account
purefa_ad:
name: ad_account
computer: FLASHARRAY
domain: acme.com
join_ou: "OU=Acme,OU=Dev"
username: Administrator
password: Password
kerberos_servers:
- kdc.acme.com
directory_servers:
- ldap.acme.com
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Delete AD account locally
purefa_ad:
name: ad_account
local_only: True
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Fully delete AD account. Note that correct AD permissions are required
purefa_ad:
name: ad_account
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/purestorage/flasharray/purefa_ad_module.html