community.general.udm_user – Manage posix users on a univention corporate server
Note
This plugin is part of the community.general collection (version 3.8.1).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.udm_user
.
Synopsis
- This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
Requirements
The below requirements are needed on the host that executes this module.
- Python >= 2.6
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
birthday string | Birthday | |
city string | City of users business address. | |
country string | Country of users business address. | |
department_number string | Department number of users business address. aliases: departmentNumber | |
description string | Description (not gecos) | |
display_name string | Display name (not gecos) aliases: displayName | |
email list / elements=string | Default: [""] | A list of e-mail addresses. |
employee_number string | Employee number aliases: employeeNumber | |
employee_type string | Employee type aliases: employeeType | |
firstname string | First name. Required if state=present . | |
gecos string | GECOS | |
groups list / elements=string | Default: [] | POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: (&(objectClass=posixGroup (cn=$GROUP))). |
home_share string | Home NFS share. Must be a LDAP DN, e.g. cn=home,cn=shares,ou=school,dc=example,dc=com .aliases: homeShare | |
home_share_path string | Path to home NFS share, inside the homeShare. aliases: homeSharePath | |
home_telephone_number list / elements=string | Default: [] | List of private telephone numbers. aliases: homeTelephoneNumber |
homedrive string | Windows home drive, e.g. "H:" . | |
lastname string | Last name. Required if state=present . | |
mail_alternative_address list / elements=string | Default: [] | List of alternative e-mail addresses. aliases: mailAlternativeAddress |
mail_home_server string | FQDN of mail server aliases: mailHomeServer | |
mail_primary_address string | Primary e-mail address aliases: mailPrimaryAddress | |
mobile_telephone_number list / elements=string | Default: [] | Mobile phone number aliases: mobileTelephoneNumber |
organisation string | Organisation aliases: organization | |
ou string | Default: "" | Organizational Unit inside the LDAP Base DN, e.g. school for LDAP OU ou=school,dc=example,dc=com . |
overridePWHistory boolean |
| Override password history aliases: override_pw_history |
overridePWLength boolean |
| Override password check aliases: override_pw_length |
pager_telephonenumber list / elements=string | Default: [] | List of pager telephone numbers. aliases: pagerTelephonenumber |
password string | Password. Required if state=present . | |
phone list / elements=string | List of telephone numbers. | |
position string | Default: "" | Define the whole position of users object inside the LDAP tree, e.g. cn=employee,cn=users,ou=school,dc=example,dc=com . |
postcode string | Postal code of users business address. | |
primary_group string | Primary group. This must be the group LDAP DN. If not specified, it defaults to cn=Domain Users,cn=groups,$LDAP_BASE_DN .aliases: primaryGroup | |
profilepath string | Windows profile directory | |
pwd_change_next_login string |
| Change password on next login. aliases: pwdChangeNextLogin |
room_number string | Room number of users business address. aliases: roomNumber | |
samba_privileges list / elements=string | Samba privilege, like allow printer administration, do domain join. aliases: sambaPrivileges | |
samba_user_workstations list / elements=string | Allow the authentication only on this Microsoft Windows host. aliases: sambaUserWorkstations | |
sambahome string | Windows home path, e.g. '\\$FQDN\$USERNAME' . | |
scriptpath string | Windows logon script. | |
secretary list / elements=string | Default: [] | A list of superiors as LDAP DNs. |
serviceprovider list / elements=string | Default: [""] | Enable user for the following service providers. |
shell string | Default: "/bin/bash" | Login shell |
state string |
| Whether the user is present or not. |
street string | Street of users business address. | |
subpath string | Default: "cn=users" | LDAP subpath inside the organizational unit, e.g. cn=teachers,cn=users for LDAP container cn=teachers,cn=users,dc=example,dc=com . |
title string | Title, e.g. Prof. . | |
unixhome string | Unix home directory If not specified, it defaults to /home/$USERNAME . | |
update_password string |
| always will update passwords if they differ. on_create will only set the password for newly created users. |
userexpiry string | Account expiry date, e.g. 1999-12-31 .If not specified, it defaults to the current day plus one year. | |
username string / required | User name aliases: name |
Examples
- name: Create a user on a UCS community.general.udm_user: name: FooBar password: secure_password firstname: Foo lastname: Bar - name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com) community.general.udm_user: name: foo password: secure_password firstname: Foo lastname: Bar ou: school subpath: 'cn=teachers,cn=users' # or define the position - name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com) community.general.udm_user: name: foo password: secure_password firstname: Foo lastname: Bar position: 'cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
Authors
- Tobias Rüetschi (@keachi)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/udm_user_module.html