W3cubDocs

/Ansible 2.11

fortinet.fortimanager.fmgr_user_radius – Configure RADIUS server entries.

Note

This plugin is part of the fortinet.fortimanager collection (version 2.0.1).

To install it use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_user_radius.

New in version 2.10: of fortinet.fortimanager

Synopsis
Parameters
Notes
Examples
Return Values

Synopsis

This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.

Parameters

Parameter				Choices/Defaults	Comments
adom string / required					the parameter (adom) in requested url
bypass_validation boolean				Choices: no ← yes	only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters
rc_failed list / elements=string					the rc codes list with which the conditions to fail will be overriden
rc_succeeded list / elements=string					the rc codes list with which the conditions to succeed will be overriden
state string / required				Choices: present absent	the directive to create, update or delete an object
user_radius dictionary					the top level parameters set
	accounting-server list / elements=string				no description
		id integer			ID (0 - 4294967295).
		port integer			RADIUS accounting port number.
		secret string			no description
		server string			{<name_str\|ip_str>} Server CN domain name or IP.
		source-ip string			Source IP address for communications to the RADIUS server.
		status string		Choices: disable enable	Status.
	acct-all-servers string			Choices: disable enable	Enable/disable sending of accounting messages to all configured servers (default = disable).
	acct-interim-interval integer				Time in seconds between each accounting interim update message.
	all-usergroup string			Choices: disable enable	Enable/disable automatically including this RADIUS server in all user groups.
	auth-type string			Choices: pap chap ms_chap ms_chap_v2 auto	Authentication methods/protocols permitted for this RADIUS server.
	class string				no description
	dynamic_mapping list / elements=string				no description
		_scope list / elements=string			no description
			name string		no description
			vdom string		no description
		acct-all-servers string		Choices: disable enable	no description
		acct-interim-interval integer			no description
		all-usergroup string		Choices: disable enable	no description
		auth-type string		Choices: pap chap ms_chap ms_chap_v2 auto	no description
		class string			no description
		dp-carrier-endpoint-attribute string		Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Vendor-Specific Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	no description
		dp-carrier-endpoint-block-attribute string		Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Vendor-Specific Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	no description
		dp-context-timeout integer			no description
		dp-flush-ip-session string		Choices: disable enable	no description
		dp-hold-time integer			no description
		dp-http-header string			no description
		dp-http-header-fallback string		Choices: ip-header-address default-profile	no description
		dp-http-header-status string		Choices: disable enable	no description
		dp-http-header-suppress string		Choices: disable enable	no description
		dp-log-dyn_flags list / elements=string		Choices: none protocol-error profile-missing context-missing accounting-stop-missed accounting-event radiusd-other endpoint-block	no description
		dp-log-period integer			no description
		dp-mem-percent integer			no description
		dp-profile-attribute string		Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Vendor-Specific Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	no description
		dp-profile-attribute-key string			no description
		dp-radius-response string		Choices: disable enable	no description
		dp-radius-server-port integer			no description
		dp-secret string			no description
		dp-validate-request-secret string		Choices: disable enable	no description
		dynamic-profile string		Choices: disable enable	no description
		endpoint-translation string		Choices: disable enable	no description
		ep-carrier-endpoint-convert-hex string		Choices: disable enable	no description
		ep-carrier-endpoint-header string			no description
		ep-carrier-endpoint-header-suppress string		Choices: disable enable	no description
		ep-carrier-endpoint-prefix string		Choices: disable enable	no description
		ep-carrier-endpoint-prefix-range-max integer			no description
		ep-carrier-endpoint-prefix-range-min integer			no description
		ep-carrier-endpoint-prefix-string string			no description
		ep-carrier-endpoint-source string		Choices: http-header cookie	no description
		ep-ip-header string			no description
		ep-ip-header-suppress string		Choices: disable enable	no description
		ep-missing-header-fallback string		Choices: session-ip policy-profile	no description
		ep-profile-query-type string		Choices: session-ip extract-ip extract-carrier-endpoint	no description
		h3c-compatibility string		Choices: disable enable	no description
		nas-ip string			no description
		password-encoding string		Choices: ISO-8859-1 auto	no description
		password-renewal string		Choices: disable enable	no description
		radius-coa string		Choices: disable enable	no description
		radius-port integer			no description
		rsso string		Choices: disable enable	no description
		rsso-context-timeout integer			no description
		rsso-endpoint-attribute string		Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	no description
		rsso-endpoint-block-attribute string		Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	no description
		rsso-ep-one-ip-only string		Choices: disable enable	no description
		rsso-flush-ip-session string		Choices: disable enable	no description
		rsso-log-flags list / elements=string		Choices: none protocol-error profile-missing context-missing accounting-stop-missed accounting-event radiusd-other endpoint-block	no description
		rsso-log-period integer			no description
		rsso-radius-response string		Choices: disable enable	no description
		rsso-radius-server-port integer			no description
		rsso-secret string			no description
		rsso-validate-request-secret string		Choices: disable enable	no description
		secondary-secret string			no description
		secondary-server string			no description
		secret string			no description
		server string			no description
		source-ip string			no description
		sso-attribute string		Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	no description
		sso-attribute-key string			no description
		sso-attribute-value-override string		Choices: disable enable	no description
		tertiary-secret string			no description
		tertiary-server string			no description
		timeout integer			no description
		use-group-for-profile string		Choices: disable enable	no description
		use-management-vdom string		Choices: disable enable	no description
		username-case-sensitive string		Choices: disable enable	no description
	h3c-compatibility string			Choices: disable enable	Enable/disable compatibility with the H3C, a mechanism that performs security checking for authentication.
	name string				RADIUS server entry name.
	nas-ip string				IP address used to communicate with the RADIUS server and used as NAS-IP-Address and Called-Station-ID attributes.
	password-encoding string			Choices: ISO-8859-1 auto	Password encoding.
	password-renewal string			Choices: disable enable	Enable/disable password renewal.
	radius-coa string			Choices: disable enable	Enable to allow a mechanism to change the attributes of an authentication, authorization, and accounting session after it is a...
	radius-port integer				RADIUS service port number.
	rsso string			Choices: disable enable	Enable/disable RADIUS based single sign on feature.
	rsso-context-timeout integer				Time in seconds before the logged out user is removed from the "user context list" of logged on users.
	rsso-endpoint-attribute string			Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	RADIUS attributes used to extract the user end point identifer from the RADIUS Start record.
	rsso-endpoint-block-attribute string			Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	RADIUS attributes used to block a user.
	rsso-ep-one-ip-only string			Choices: disable enable	Enable/disable the replacement of old IP addresses with new ones for the same endpoint on RADIUS accounting Start messages.
	rsso-flush-ip-session string			Choices: disable enable	Enable/disable flushing user IP sessions on RADIUS accounting Stop messages.
	rsso-log-flags list / elements=string			Choices: none protocol-error profile-missing context-missing accounting-stop-missed accounting-event radiusd-other endpoint-block	no description
	rsso-log-period integer				Time interval in seconds that group event log messages will be generated for dynamic profile events.
	rsso-radius-response string			Choices: disable enable	Enable/disable sending RADIUS response packets after receiving Start and Stop records.
	rsso-radius-server-port integer				UDP port to listen on for RADIUS Start and Stop records.
	rsso-secret string				no description
	rsso-validate-request-secret string			Choices: disable enable	Enable/disable validating the RADIUS request shared secret in the Start or End record.
	secondary-secret string				no description
	secondary-server string				{<name_str\|ip_str>} secondary RADIUS CN domain name or IP.
	secret string				no description
	server string				Primary RADIUS server CN domain name or IP address.
	source-ip string				Source IP address for communications to the RADIUS server.
	sso-attribute string			Choices: User-Name User-Password CHAP-Password NAS-IP-Address NAS-Port Service-Type Framed-Protocol Framed-IP-Address Framed-IP-Netmask Framed-Routing Filter-Id Framed-MTU Framed-Compression Login-IP-Host Login-Service Login-TCP-Port Reply-Message Callback-Number Callback-Id Framed-Route Framed-IPX-Network State Class Session-Timeout Idle-Timeout Termination-Action Called-Station-Id Calling-Station-Id NAS-Identifier Proxy-State Login-LAT-Service Login-LAT-Node Login-LAT-Group Framed-AppleTalk-Link Framed-AppleTalk-Network Framed-AppleTalk-Zone Acct-Status-Type Acct-Delay-Time Acct-Input-Octets Acct-Output-Octets Acct-Session-Id Acct-Authentic Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Multi-Session-Id Acct-Link-Count CHAP-Challenge NAS-Port-Type Port-Limit Login-LAT-Port	RADIUS attribute that contains the profile group name to be extracted from the RADIUS Start record.
	sso-attribute-key string				Key prefix for SSO group value in the SSO attribute.
	sso-attribute-value-override string			Choices: disable enable	Enable/disable override old attribute value with new value for the same endpoint.
	tertiary-secret string				no description
	tertiary-server string				{<name_str\|ip_str>} tertiary RADIUS CN domain name or IP.
	timeout integer				Time in seconds between re-sending authentication requests.
	use-management-vdom string			Choices: disable enable	Enable/disable using management VDOM to send requests.
	username-case-sensitive string			Choices: disable enable	Enable/disable case sensitive user names.
workspace_locking_adom string					the adom to lock for FortiManager running in workspace mode, the value can be global and others including root
workspace_locking_timeout integer				Default: 300	the maximum time in seconds to wait for other user to release the workspace lock

Notes

Note

Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state present directive.
To delete an object, use state absent directive.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples

- hosts: fortimanager-inventory
  collections:
    - fortinet.fortimanager
  connection: httpapi
  vars:
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_httpapi_port: 443
  tasks:
   - name: Configure RADIUS server entries.
     fmgr_user_radius:
        bypass_validation: False
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        rc_succeeded: [0, -2, -3, ...]
        rc_failed: [-2, -3, ...]
        adom: <your own value>
        state: <value in [present, absent]>
        user_radius:
           accounting-server:
             -
                 id: <value of integer>
                 port: <value of integer>
                 secret: <value of string>
                 server: <value of string>
                 source-ip: <value of string>
                 status: <value in [disable, enable]>
           acct-all-servers: <value in [disable, enable]>
           acct-interim-interval: <value of integer>
           all-usergroup: <value in [disable, enable]>
           auth-type: <value in [pap, chap, ms_chap, ...]>
           class: <value of string>
           dynamic_mapping:
             -
                 _scope:
                   -
                       name: <value of string>
                       vdom: <value of string>
                 acct-all-servers: <value in [disable, enable]>
                 acct-interim-interval: <value of integer>
                 all-usergroup: <value in [disable, enable]>
                 auth-type: <value in [pap, chap, ms_chap, ...]>
                 class: <value of string>
                 dp-carrier-endpoint-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
                 dp-carrier-endpoint-block-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
                 dp-context-timeout: <value of integer>
                 dp-flush-ip-session: <value in [disable, enable]>
                 dp-hold-time: <value of integer>
                 dp-http-header: <value of string>
                 dp-http-header-fallback: <value in [ip-header-address, default-profile]>
                 dp-http-header-status: <value in [disable, enable]>
                 dp-http-header-suppress: <value in [disable, enable]>
                 dp-log-dyn_flags:
                   - none
                   - protocol-error
                   - profile-missing
                   - context-missing
                   - accounting-stop-missed
                   - accounting-event
                   - radiusd-other
                   - endpoint-block
                 dp-log-period: <value of integer>
                 dp-mem-percent: <value of integer>
                 dp-profile-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
                 dp-profile-attribute-key: <value of string>
                 dp-radius-response: <value in [disable, enable]>
                 dp-radius-server-port: <value of integer>
                 dp-secret: <value of string>
                 dp-validate-request-secret: <value in [disable, enable]>
                 dynamic-profile: <value in [disable, enable]>
                 endpoint-translation: <value in [disable, enable]>
                 ep-carrier-endpoint-convert-hex: <value in [disable, enable]>
                 ep-carrier-endpoint-header: <value of string>
                 ep-carrier-endpoint-header-suppress: <value in [disable, enable]>
                 ep-carrier-endpoint-prefix: <value in [disable, enable]>
                 ep-carrier-endpoint-prefix-range-max: <value of integer>
                 ep-carrier-endpoint-prefix-range-min: <value of integer>
                 ep-carrier-endpoint-prefix-string: <value of string>
                 ep-carrier-endpoint-source: <value in [http-header, cookie]>
                 ep-ip-header: <value of string>
                 ep-ip-header-suppress: <value in [disable, enable]>
                 ep-missing-header-fallback: <value in [session-ip, policy-profile]>
                 ep-profile-query-type: <value in [session-ip, extract-ip, extract-carrier-endpoint]>
                 h3c-compatibility: <value in [disable, enable]>
                 nas-ip: <value of string>
                 password-encoding: <value in [ISO-8859-1, auto]>
                 password-renewal: <value in [disable, enable]>
                 radius-coa: <value in [disable, enable]>
                 radius-port: <value of integer>
                 rsso: <value in [disable, enable]>
                 rsso-context-timeout: <value of integer>
                 rsso-endpoint-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
                 rsso-endpoint-block-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
                 rsso-ep-one-ip-only: <value in [disable, enable]>
                 rsso-flush-ip-session: <value in [disable, enable]>
                 rsso-log-flags:
                   - none
                   - protocol-error
                   - profile-missing
                   - context-missing
                   - accounting-stop-missed
                   - accounting-event
                   - radiusd-other
                   - endpoint-block
                 rsso-log-period: <value of integer>
                 rsso-radius-response: <value in [disable, enable]>
                 rsso-radius-server-port: <value of integer>
                 rsso-secret: <value of string>
                 rsso-validate-request-secret: <value in [disable, enable]>
                 secondary-secret: <value of string>
                 secondary-server: <value of string>
                 secret: <value of string>
                 server: <value of string>
                 source-ip: <value of string>
                 sso-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
                 sso-attribute-key: <value of string>
                 sso-attribute-value-override: <value in [disable, enable]>
                 tertiary-secret: <value of string>
                 tertiary-server: <value of string>
                 timeout: <value of integer>
                 use-group-for-profile: <value in [disable, enable]>
                 use-management-vdom: <value in [disable, enable]>
                 username-case-sensitive: <value in [disable, enable]>
           h3c-compatibility: <value in [disable, enable]>
           name: <value of string>
           nas-ip: <value of string>
           password-encoding: <value in [ISO-8859-1, auto]>
           password-renewal: <value in [disable, enable]>
           radius-coa: <value in [disable, enable]>
           radius-port: <value of integer>
           rsso: <value in [disable, enable]>
           rsso-context-timeout: <value of integer>
           rsso-endpoint-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
           rsso-endpoint-block-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
           rsso-ep-one-ip-only: <value in [disable, enable]>
           rsso-flush-ip-session: <value in [disable, enable]>
           rsso-log-flags:
             - none
             - protocol-error
             - profile-missing
             - context-missing
             - accounting-stop-missed
             - accounting-event
             - radiusd-other
             - endpoint-block
           rsso-log-period: <value of integer>
           rsso-radius-response: <value in [disable, enable]>
           rsso-radius-server-port: <value of integer>
           rsso-secret: <value of string>
           rsso-validate-request-secret: <value in [disable, enable]>
           secondary-secret: <value of string>
           secondary-server: <value of string>
           secret: <value of string>
           server: <value of string>
           source-ip: <value of string>
           sso-attribute: <value in [User-Name, User-Password, CHAP-Password, ...]>
           sso-attribute-key: <value of string>
           sso-attribute-value-override: <value in [disable, enable]>
           tertiary-secret: <value of string>
           tertiary-server: <value of string>
           timeout: <value of integer>
           use-management-vdom: <value in [disable, enable]>
           username-case-sensitive: <value in [disable, enable]>

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
request_url string	always	The full url requested Sample: /sys/login/user
response_code integer	always	The status of api request
response_message string	always	The descriptive message of the api response Sample: OK.

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Frank Shen (@fshen01)
Hongbin Lu (@fgtdev-hblu)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/fortinet/fortimanager/fmgr_user_radius_module.html