udm_user - Manage posix users on a univention corporate server
New in version 2.2.
Synopsis
- This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
Requirements (on host that executes module)
- Python >= 2.6
Options
parameter | required | default | choices | comments |
---|---|---|---|---|
birthday | no | None | Birthday | |
city | no | None | City of users business address. | |
country | no | None | Country of users business address. | |
department_number | no | None | Department number of users business address. aliases: departmentNumber | |
description | no | None | Description (not gecos) | |
display_name | no | None | Display name (not gecos) aliases: displayName | |
email | no | [u''] | A list of e-mail addresses. | |
employee_number | no | None | Employee number aliases: employeeNumber | |
employee_type | no | None | Employee type aliases: employeeType | |
firstname | no | First name. Required if state=present . | ||
gecos | no | None | GECOS | |
groups | no | POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: (&(objectClass=posixGroup (cn=$GROUP))). | ||
home_share | no | None | Home NFS share. Must be a LDAP DN, e.g. cn=home,cn=shares,ou=school,dc=example,dc=com .aliases: homeShare | |
home_share_path | no | None | Path to home NFS share, inside the homeShare. aliases: homeSharePath | |
home_telephone_number | no | List of private telephone numbers. aliases: homeTelephoneNumber | ||
homedrive | no | None | Windows home drive, e.g. "H:" . | |
lastname | no | Last name. Required if state=present . | ||
mail_alternative_address | no | List of alternative e-mail addresses. aliases: mailAlternativeAddress | ||
mail_home_server | no | None | FQDN of mail server aliases: mailHomeServer | |
mail_primary_address | no | None | Primary e-mail address aliases: mailPrimaryAddress | |
mobile_telephone_number | no | Mobile phone number aliases: mobileTelephoneNumber | ||
organisation | no | None | Organisation | |
ou | no | Organizational Unit inside the LDAP Base DN, e.g. school for LDAP OU ou=school,dc=example,dc=com . | ||
override_pw_history | no | Override password history aliases: overridePWHistory | ||
override_pw_length | no | Override password check aliases: overridePWLength | ||
pager_telephonenumber | no | List of pager telephone numbers. aliases: pagerTelephonenumber | ||
password | no | None | Password. Required if state=present . | |
phone | no | List of telephone numbers. | ||
position | no | Define the whole position of users object inside the LDAP tree, e.g. cn=employee,cn=users,ou=school,dc=example,dc=com . | ||
postcode | no | None | Postal code of users business address. | |
primary_group | no | cn=Domain Users,cn=groups,$LDAP_BASE_DN | Primary group. This must be the group LDAP DN. aliases: primaryGroup | |
profilepath | no | None | Windows profile directory | |
pwd_change_next_login | no | None |
| Change password on next login. aliases: pwdChangeNextLogin |
room_number | no | None | Room number of users business address. aliases: roomNumber | |
samba_privileges | no | Samba privilege, like allow printer administration, do domain join. aliases: sambaPrivileges | ||
samba_user_workstations | no | Allow the authentication only on this Microsoft Windows host. aliases: sambaUserWorkstations | ||
sambahome | no | None | Windows home path, e.g. '\\$FQDN\$USERNAME' . | |
scriptpath | no | None | Windows logon script. | |
secretary | no | A list of superiors as LDAP DNs. | ||
serviceprovider | no | [u''] | Enable user for the following service providers. | |
shell | no | /bin/bash | Login shell | |
state | no | present |
| Whether the user is present or not. |
street | no | None | Street of users business address. | |
subpath | no | cn=users | LDAP subpath inside the organizational unit, e.g. cn=teachers,cn=users for LDAP container cn=teachers,cn=users,dc=example,dc=com . | |
title | no | None | Title, e.g. Prof. . | |
unixhome | no | /home/$USERNAME | Unix home directory | |
update_password (added in 2.3)
| no | always | always will update passwords if they differ. on_create will only set the password for newly created users. | |
userexpiry | no | Today + 1 year | Account expiry date, e.g. 1999-12-31 . | |
username | yes | User name aliases: name |
Examples
# Create a user on a UCS - udm_user: name: FooBar password: secure_password firstname: Foo lastname: Bar # Create a user with the DN # C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com) - udm_user: name: foo password: secure_password firstname: Foo lastname: Bar ou: school subpath: 'cn=teachers,cn=users' # or define the position - udm_user: name: foo password: secure_password firstname: Foo lastname: Bar position: 'cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/udm_user_module.html