Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Use the new IPA module

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2020-10-21 16:06:39 +02:00
parent d9cda33f98
commit db06d34bfd
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
1 changed files with 6 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

17
roles/ipa/server/tasks/main.yml
View file

@ -247,14 +247,11 @@
failed_when: "'no modifications to be performed' not in pwpolicy_output.stderr and pwpolicy_output.rc != 0"
- name: Create fas_sync user
ipa_user:
ipauser:
name: fas_sync
givenname: FAS
sn: Sync
ipa_host: localhost
ipa_user: admin
ipa_pass: "{{ipa_admin_password}}"
validate_certs: no
ipaadmin_password: "{{ ipa_admin_password }}"
tags:
- ipa/server
- config
@ -365,18 +362,16 @@
- config
- name: Create noggin user
ipa_user:
ipauser:
name: noggin
givenname: Noggin
sn: User
password: "{{ (env == 'production')|ternary(noggin_admin_password, noggin_stg_admin_password) }}"
# Password expiration date will be a Friday 13th in 30 years. I'm sure we'll remember that.
# (if unset, IPA will assume the password is expired because it hasn't been set by the user themselves)
krbpasswordexpiration: 20500513000000
ipa_host: localhost
ipa_user: admin
ipa_pass: "{{ipa_admin_password}}"
validate_certs: no
passwordexpiration: "2050-05-13 00:00:00"
update_password: on_create
ipaadmin_password: "{{ ipa_admin_password }}"
tags:
- ipa/server
- config