community.general.udm_user – Manage posix users on a univention corporate server
Note
This plugin is part of the community.general collection (version 3.8.1).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.udm_user.
Synopsis
- This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
Requirements
The below requirements are needed on the host that executes this module.
- Python >= 2.6
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| birthday
string
|
Birthday
|
|
| city
string
|
City of users business address.
|
|
| country
string
|
Country of users business address.
|
|
| department_number
string
|
Department number of users business address.
aliases: departmentNumber |
|
| description
string
|
Description (not gecos)
|
|
| display_name
string
|
Display name (not gecos)
aliases: displayName |
|
| email
list / elements=string
|
Default:
[""]
|
A list of e-mail addresses.
|
| employee_number
string
|
Employee number
aliases: employeeNumber |
|
| employee_type
string
|
Employee type
aliases: employeeType |
|
| firstname
string
|
First name. Required if state=present.
|
|
| gecos
string
|
GECOS
|
|
| groups
list / elements=string
|
Default:
[]
|
POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: (&(objectClass=posixGroup(cn=$GROUP))).
|
| home_share
string
|
Home NFS share. Must be a LDAP DN, e.g.
cn=home,cn=shares,ou=school,dc=example,dc=com.
aliases: homeShare |
|
| home_share_path
string
|
Path to home NFS share, inside the homeShare.
aliases: homeSharePath |
|
| home_telephone_number
list / elements=string
|
Default:
[]
|
List of private telephone numbers.
aliases: homeTelephoneNumber |
| homedrive
string
|
Windows home drive, e.g. "H:".
|
|
| lastname
string
|
Last name. Required if state=present.
|
|
| mail_alternative_address
list / elements=string
|
Default:
[]
|
List of alternative e-mail addresses.
aliases: mailAlternativeAddress |
| mail_home_server
string
|
FQDN of mail server
aliases: mailHomeServer |
|
| mail_primary_address
string
|
Primary e-mail address
aliases: mailPrimaryAddress |
|
| mobile_telephone_number
list / elements=string
|
Default:
[]
|
Mobile phone number
aliases: mobileTelephoneNumber |
| organisation
string
|
Organisation
aliases: organization |
|
| ou
string
|
Default:
""
|
Organizational Unit inside the LDAP Base DN, e.g. school for LDAP OU ou=school,dc=example,dc=com.
|
| overridePWHistory
boolean
|
|
Override password history
aliases: override_pw_history |
| overridePWLength
boolean
|
|
Override password check
aliases: override_pw_length |
| pager_telephonenumber
list / elements=string
|
Default:
[]
|
List of pager telephone numbers.
aliases: pagerTelephonenumber |
| password
string
|
Password. Required if state=present.
|
|
| phone
list / elements=string
|
List of telephone numbers.
|
|
| position
string
|
Default:
""
|
Define the whole position of users object inside the LDAP tree, e.g. cn=employee,cn=users,ou=school,dc=example,dc=com.
|
| postcode
string
|
Postal code of users business address.
|
|
| primary_group
string
|
Primary group. This must be the group LDAP DN.
If not specified, it defaults to
cn=Domain Users,cn=groups,$LDAP_BASE_DN.
aliases: primaryGroup |
|
| profilepath
string
|
Windows profile directory
|
|
| pwd_change_next_login
string
|
|
Change password on next login.
aliases: pwdChangeNextLogin |
| room_number
string
|
Room number of users business address.
aliases: roomNumber |
|
| samba_privileges
list / elements=string
|
Samba privilege, like allow printer administration, do domain join.
aliases: sambaPrivileges |
|
| samba_user_workstations
list / elements=string
|
Allow the authentication only on this Microsoft Windows host.
aliases: sambaUserWorkstations |
|
| sambahome
string
|
Windows home path, e.g. '\\$FQDN\$USERNAME'.
|
|
| scriptpath
string
|
Windows logon script.
|
|
| secretary
list / elements=string
|
Default:
[]
|
A list of superiors as LDAP DNs.
|
| serviceprovider
list / elements=string
|
Default:
[""]
|
Enable user for the following service providers.
|
| shell
string
|
Default:
"/bin/bash"
|
Login shell
|
| state
string
|
|
Whether the user is present or not.
|
| street
string
|
Street of users business address.
|
|
| subpath
string
|
Default:
"cn=users"
|
LDAP subpath inside the organizational unit, e.g. cn=teachers,cn=users for LDAP container cn=teachers,cn=users,dc=example,dc=com.
|
| title
string
|
Title, e.g. Prof..
|
|
| unixhome
string
|
Unix home directory
If not specified, it defaults to /home/$USERNAME.
|
|
| update_password
string
|
|
always will update passwords if they differ. on_create will only set the password for newly created users.
|
| userexpiry
string
|
Account expiry date, e.g.
1999-12-31.
If not specified, it defaults to the current day plus one year.
|
|
| username
string / required
|
User name
aliases: name |
Examples
- name: Create a user on a UCS
community.general.udm_user:
name: FooBar
password: secure_password
firstname: Foo
lastname: Bar
- name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com)
community.general.udm_user:
name: foo
password: secure_password
firstname: Foo
lastname: Bar
ou: school
subpath: 'cn=teachers,cn=users'
# or define the position
- name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com)
community.general.udm_user:
name: foo
password: secure_password
firstname: Foo
lastname: Bar
position: 'cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
Authors
- Tobias Rüetschi (@keachi)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/udm_user_module.html