theforeman.foreman.auth_source_ldap – Manage LDAP Authentication Sources

Note

This plugin is part of the theforeman.foreman collection (version 1.5.1).

To install it use: ansible-galaxy collection install theforeman.foreman.

To use it in a playbook, specify: theforeman.foreman.auth_source_ldap.

New in version 1.0.0: of theforeman.foreman

Synopsis
Requirements
Parameters
Examples
Return Values

Synopsis

Create, update, and delete LDAP authentication sources

Requirements

The below requirements are needed on the host that executes this module.

requests

Parameters

Parameter	Choices/Defaults	Comments
account string		Account name to use when accessing the LDAP server.
account_password string		Account password to use when accessing the LDAP server. Required when using onthefly_register. When this parameter is set, the module will not be idempotent.
attr_firstname string		Attribute containing first name. Required when using onthefly_register.
attr_lastname string		Attribute containing last name. Required when using onthefly_register.
attr_login string		Attribute containing login ID. Required when using onthefly_register.
attr_mail string		Attribute containing email address. Required when using onthefly_register.
attr_photo string		Attribute containing user photo
base_dn string		The base DN to use when searching.
groups_base string		Base DN where groups reside.
host string / required		The hostname of the LDAP server
ldap_filter string		Filter to apply to LDAP searches
locations list / elements=string		List of locations the entity should be assigned to
name string / required		The name of the LDAP authentication source
onthefly_register boolean	Choices: no yes	Whether or not to register users on the fly.
organizations list / elements=string		List of organizations the entity should be assigned to
password string / required		Password of the user accessing the Foreman server. If the value is not specified in the task, the value of environment variable `FOREMAN_PASSWORD` will be used instead.
port integer	Default: 389	The port number of the LDAP server
server_type string	Choices: free_ipa active_directory posix	Type of the LDAP server
server_url string / required		URL of the Foreman server. If the value is not specified in the task, the value of environment variable `FOREMAN_SERVER_URL` will be used instead.
state string	Choices: present ← absent	State of the entity
tls boolean	Choices: no yes	Whether or not to use TLS when contacting the LDAP server.
use_netgroups boolean	Choices: no yes	Whether to use NIS netgroups instead of posix groups, not valid for server_type=active_directory
usergroup_sync boolean	Choices: no yes	Whether or not to sync external user groups on login
username string / required		Username accessing the Foreman server. If the value is not specified in the task, the value of environment variable `FOREMAN_USERNAME` will be used instead.
validate_certs boolean	Choices: no yes ←	Whether or not to verify the TLS certificates of the Foreman server. If the value is not specified in the task, the value of environment variable `FOREMAN_VALIDATE_CERTS` will be used instead.

Examples

- name: LDAP Authentication source
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    server_url: "https://foreman.example.com"
    locations:
      - "Uppsala"
    organizations:
      - "Sweden"
    username: "admin"
    password: "changeme"
    state: present

- name: LDAP Authentication with automatic registration
  theforeman.foreman.auth_source_ldap:
    name: "Example LDAP"
    host: "ldap.example.org"
    onthefly_register: True
    account: uid=ansible,cn=sysaccounts,cn=etc,dc=example,dc=com
    account_password: secret
    base_dn: dc=example,dc=com
    groups_base: cn=groups,cn=accounts, dc=example,dc=com
    server_type: free_ipa
    attr_login: uid
    attr_firstname: givenName
    attr_lastname: sn
    attr_mail: mail
    attr_photo: jpegPhoto
    server_url: "https://foreman.example.com"
    username: "admin"
    password: "changeme"
    state: present

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key		Returned	Description
entity dictionary		success	Final state of the affected entities grouped by their type.
	auth_source_ldaps list / elements=dictionary	success	List of auth sources for LDAP.

Authors

Christoffer Reijer (@ephracis) Basalt AB

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/theforeman/foreman/auth_source_ldap_module.html