Note
This plugin is part of the theforeman.foreman collection (version 2.2.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run `ansible-galaxy collection list`.
To install it, use: `ansible-galaxy collection install theforeman.foreman`.
To use it in a playbook, specify: `theforeman.foreman.auth_source_ldap`.
New in version 1.0.0 of theforeman.foreman.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
account string | | Account name to use when accessing the LDAP server. |
account_password string | | Account password to use when accessing the LDAP server. Required when using onthefly_register. When this parameter is set, the module will not be idempotent. |
attr_firstname string | | Attribute containing first name. Required when using onthefly_register. |
attr_lastname string | | Attribute containing last name. Required when using onthefly_register. |
attr_login string | | Attribute containing login ID. Required when using onthefly_register. |
attr_mail string | | Attribute containing email address. Required when using onthefly_register. |
attr_photo string | | Attribute containing user photo |
base_dn string | | The base DN to use when searching. |
groups_base string | | Base DN where groups reside. |
host string / required | | The hostname of the LDAP server |
ldap_filter string | | Filter to apply to LDAP searches |
locations list / elements=string | | List of locations the entity should be assigned to |
name string / required | | The name of the LDAP authentication source |
onthefly_register boolean | | Whether or not to register users on the fly. |
organizations list / elements=string | | List of organizations the entity should be assigned to |
password string / required | | Password of the user accessing the Foreman server. If the value is not specified in the task, the value of environment variable FOREMAN_PASSWORD will be used instead. |
port integer | Default: 389 | The port number of the LDAP server |
server_type string | | Type of the LDAP server |
server_url string / required | | URL of the Foreman server. If the value is not specified in the task, the value of environment variable FOREMAN_SERVER_URL will be used instead. |
state string | | State of the entity |
tls boolean | | Whether or not to use TLS when contacting the LDAP server. |
use_netgroups boolean | | Whether to use NIS netgroups instead of posix groups, not valid for server_type=active_directory |
usergroup_sync boolean | | Whether or not to sync external user groups on login |
username string / required | | Username accessing the Foreman server. If the value is not specified in the task, the value of environment variable FOREMAN_USERNAME will be used instead. |
validate_certs boolean | | Whether or not to verify the TLS certificates of the Foreman server. If the value is not specified in the task, the value of environment variable FOREMAN_VALIDATE_CERTS will be used instead. |
```yaml
- name: LDAP Authentication source
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    server_url: "https://foreman.example.com"
    locations:
      - "Uppsala"
    organizations:
      - "Sweden"
    username: "admin"
    password: "changeme"
    state: present

- name: LDAP Authentication with automatic registration
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    onthefly_register: True
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    account_password: secret
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts, dc=example,dc=com
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    attr_photo: jpegPhoto
    server_url: "https://foreman.example.com"
    username: "admin"
    password: "changeme"
    state: present
```
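The automatic-registration task with the transport and secret-handling parameters from the table set explicitly. This is an added example, not part of the module's own documentation. The variable names `ldap_bind_password` and `foreman_admin_password`, port 636 and the `ldap_filter` value are assumptions.

```yaml
# Added example; values marked "assumed" do not come from the module documentation.
- name: LDAP authentication source over TLS with secrets from variables
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    tls: true                  # use TLS when contacting the LDAP server
    port: 636                  # assumed: conventional LDAPS port (module default is 389)
    onthefly_register: true
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    # Assumed variable, e.g. loaded from an Ansible Vault file.
    # Setting account_password makes the task non-idempotent (see the table above).
    account_password: "{{ ldap_bind_password }}"
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts,dc=example,dc=com
    # Assumed filter: only members of one group may be registered on the fly.
    ldap_filter: "(memberOf=cn=foreman-users,cn=groups,cn=accounts,dc=example,dc=com)"
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    usergroup_sync: true
    server_url: "https://foreman.example.com"
    validate_certs: true       # verify the Foreman server's TLS certificate
    username: "admin"
    password: "{{ foreman_admin_password }}"   # assumed variable
    state: present
  no_log: true                 # keep both passwords out of task output and logs
```

`username`, `password`, `server_url` and `validate_certs` can also be left out of the task and supplied through the FOREMAN_* environment variables listed in the parameter table.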
Common return values are documented here; the following fields are unique to this module:
Key | Returned | Description |
---|---|---|
entity dictionary | success | Final state of the affected entities grouped by their type. |
auth_source_ldaps list / elements=dictionary | success | List of auth sources for LDAP. |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/theforeman/foreman/auth_source_ldap_module.html