fortinet.fortimanager.fmgr_system_admin_setting – Admin setting.
Note
This plugin is part of the fortinet.fortimanager collection (version 2.0.1).
To install it use: ansible-galaxy collection install fortinet.fortimanager.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_system_admin_setting.
New in version 2.10: of fortinet.fortimanager
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
| Parameter | Choices/Defaults | Comments | |
|---|---|---|---|
| bypass_validation
boolean
|
|
only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters
|
|
| rc_failed
list / elements=string
|
the rc codes list with which the conditions to fail will be overriden
|
||
| rc_succeeded
list / elements=string
|
the rc codes list with which the conditions to succeed will be overriden
|
||
| state
string / required
|
|
the directive to create, update or delete an object
|
|
| system_admin_setting
dictionary
|
the top level parameters set
|
||
| access-banner
string
|
|
Enable/disable access banner.
disable - Disable setting.
enable - Enable setting.
|
|
| admin-https-redirect
string
|
|
Enable/disable redirection of HTTP admin traffic to HTTPS.
disable - Disable setting.
enable - Enable setting.
|
|
| admin-login-max
integer
|
Default:
256
|
Maximum number admin users logged in at one time (1 - 256).
|
|
| admin_server_cert
string
|
Default:
"server.crt"
|
HTTPS & Web Service server certificate.
|
|
| allow_register
string
|
|
Enable/disable allowance of register an unregistered device.
disable - Disable setting.
enable - Enable setting.
|
|
| auto-update
string
|
|
Enable/disable FortiGate automatic update.
disable - Disable device automatic update.
enable - Enable device automatic update.
|
|
| banner-message
string
|
Banner message.
|
||
| chassis-mgmt
string
|
|
Enable or disable chassis management.
disable - Disable setting.
enable - Enable setting.
|
|
| chassis-update-interval
integer
|
Default:
15
|
Chassis background update interval (4 - 1440 mins).
|
|
| device_sync_status
string
|
|
Enable/disable device synchronization status indication.
disable - Disable setting.
enable - Enable setting.
|
|
| gui-theme
string
|
|
Color scheme to use for the administration GUI.
blue - Blueberry
green - Kiwi
red - Cherry
melongene - Plum
spring - Spring
summer - Summer
autumn - Autumn
winter - Winter
space - Space
calla-lily - Calla Lily
binary-tunnel - Binary Tunnel
diving - Diving
dreamy - Dreamy
technology - Technology
landscape - Landscape
twilight - Twilight
canyon - Canyon
northern-light - Northern Light
astronomy - Astronomy
fish - Fish
penguin - Penguin
panda - Panda
polar-bear - Polar Bear
parrot - Parrot
cave - Cave
|
|
| http_port
integer
|
Default:
80
|
HTTP port.
|
|
| https_port
integer
|
Default:
443
|
HTTPS port.
|
|
| idle_timeout
integer
|
Default:
15
|
Idle timeout (1 - 480 min).
|
|
| install-ifpolicy-only
string
|
|
Allow install interface policy only.
disable - Disable setting.
enable - Enable setting.
|
|
| mgmt-addr
string
|
IP of FortiManager used by FGFM.
|
||
| mgmt-fqdn
string
|
FQDN of FortiManager used by FGFM.
|
||
| objects-force-deletion
string
|
|
Enable/disable used objects force deletion.
disable - Disable setting.
enable - Enable setting.
|
|
| offline_mode
string
|
|
Enable/disable offline mode.
disable - Disable offline mode.
enable - Enable offline mode.
|
|
| register_passwd
string
|
no description
|
||
| sdwan-monitor-history
string
|
|
Enable/disable hostname display in the GUI login page.
disable - Disable setting.
enable - Enable setting.
|
|
| shell-access
string
|
|
Enable/disable shell access.
disable - Disable setting.
enable - Enable setting.
|
|
| shell-password
string
|
no description
|
||
| show-add-multiple
string
|
|
Show add multiple button.
disable - Disable setting.
enable - Enable setting.
|
|
| show-adom-devman
string
|
|
Show ADOM device manager tools on GUI.
disable - Hide device manager tools on GUI.
enable - Show device manager tools on GUI.
|
|
| show-checkbox-in-table
string
|
|
Show checkboxs in tables on GUI.
disable - Disable setting.
enable - Enable setting.
|
|
| show-device-import-export
string
|
|
Enable/disable import/export of ADOM, device, and group lists.
disable - Disable setting.
enable - Enable setting.
|
|
| show-hostname
string
|
|
Enable/disable hostname display in the GUI login page.
disable - Disable setting.
enable - Enable setting.
|
|
| show_automatic_script
string
|
|
Enable/disable automatic script.
disable - Disable script option.
enable - Enable script option.
|
|
| show_grouping_script
string
|
|
Enable/disable grouping script.
disable - Disable script option.
enable - Enable script option.
|
|
| show_schedule_script
string
|
|
Enable or disable schedule script.
disable - Disable script option.
enable - Enable script option.
|
|
| show_tcl_script
string
|
|
Enable/disable TCL script.
disable - Disable script option.
enable - Enable script option.
|
|
| unreg_dev_opt
string
|
|
Action to take when unregistered device connects to FortiManager.
add_no_service - Add unregistered devices but deny service requests.
ignore - Ignore unregistered devices.
add_allow_service - Add unregistered devices and allow service requests.
|
|
| webadmin_language
string
|
|
Web admin language.
auto_detect - Automatically detect language.
english - English.
simplified_chinese - Simplified Chinese.
traditional_chinese - Traditional Chinese.
japanese - Japanese.
korean - Korean.
spanish - Spanish.
|
|
| workspace_locking_adom
string
|
the adom to lock for FortiManager running in workspace mode, the value can be global and others including root
|
||
| workspace_locking_timeout
integer
|
Default:
300
|
the maximum time in seconds to wait for other user to release the workspace lock
|
|
Notes
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Admin setting.
fmgr_system_admin_setting:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
system_admin_setting:
access-banner: <value in [disable, enable]>
admin-https-redirect: <value in [disable, enable]>
admin-login-max: <value of integer>
admin_server_cert: <value of string>
allow_register: <value in [disable, enable]>
auto-update: <value in [disable, enable]>
banner-message: <value of string>
chassis-mgmt: <value in [disable, enable]>
chassis-update-interval: <value of integer>
device_sync_status: <value in [disable, enable]>
gui-theme: <value in [blue, green, red, ...]>
http_port: <value of integer>
https_port: <value of integer>
idle_timeout: <value of integer>
install-ifpolicy-only: <value in [disable, enable]>
mgmt-addr: <value of string>
mgmt-fqdn: <value of string>
objects-force-deletion: <value in [disable, enable]>
offline_mode: <value in [disable, enable]>
register_passwd: <value of string>
sdwan-monitor-history: <value in [disable, enable]>
shell-access: <value in [disable, enable]>
shell-password: <value of string>
show-add-multiple: <value in [disable, enable]>
show-adom-devman: <value in [disable, enable]>
show-checkbox-in-table: <value in [disable, enable]>
show-device-import-export: <value in [disable, enable]>
show-hostname: <value in [disable, enable]>
show_automatic_script: <value in [disable, enable]>
show_grouping_script: <value in [disable, enable]>
show_schedule_script: <value in [disable, enable]>
show_tcl_script: <value in [disable, enable]>
unreg_dev_opt: <value in [add_no_service, ignore, add_allow_service]>
webadmin_language: <value in [auto_detect, english, simplified_chinese, ...]>
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| request_url
string
|
always |
The full url requested
Sample:
/sys/login/user
|
| response_code
integer
|
always |
The status of api request
|
| response_message
string
|
always |
The descriptive message of the api response
Sample:
OK.
|
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/fortinet/fortimanager/fmgr_system_admin_setting_module.html