ad_auth
Ansible role ad_auth
Bind a system to Active Directory.
GitHub | Version | Issues | Pull Requests | Downloads |
---|---|---|---|---|
Example Playbook
This example is taken from molecule/default/converge.yml
and is tested on each push, pull request and release.
---
- name: Converge
hosts: all
become: true
gather_facts: true
roles:
- role: buluma.ad_auth
ad_auth_registration_username: my_username
ad_auth_registration_password: my_password
ad_auth_ou: ou=Nerds,ou=Staff
ad_auth_server: my_server.example.com
ad_auth_domain: my_domain.local
ad_auth_join: false
ad_auth_simple_allow_users:
- my_user_1
- my_user_2
The machine needs to be prepared. In CI this is done using molecule/default/prepare.yml
:
---
- name: Prepare
hosts: all
become: true
gather_facts: false
vars:
python_pip_modules:
- name: pexpect
roles:
- role: buluma.bootstrap
- role: buluma.epel
- role: buluma.python_pip
Also see a full explanation and example on how to use these roles.
Role Variables
The default values for the variables are set in defaults/main.yml
:
---
# defaults file for ad_auth
# The username to register to AD, for example: "bind_user".
ad_auth_registration_username: "unset"
# The password to register to AD, for example: "MyPaSsWoRd".
ad_auth_registration_password: "unset"
# The OU to search in, for example: "ou=Nerds,ou=Staff".
ad_auth_ou: "unset"
# The server to bind to, for example: "ad.example.com".
ad_auth_server: "unset"
# The domain to use for SSSD configuration, for example: "example.com".
ad_auth_domain: "usnet.local"
# Should this role try to bind to the AD server?
# (This can be unset for automated testing)
ad_auth_join: true
# To limit selected users to login, fill this list with users that are
# allowed to login:
# ad_auth_simple_allow_users:
# - my_user_1
# - my_user_2
Requirements
- pip packages listed in requirements.txt.
State of used roles
The following roles are used to prepare a system. You can prepare your system in another way.
Requirement | GitHub | Version |
---|---|---|
buluma.bootstrap | ||
buluma.epel | ||
buluma.python_pip |
Dependencies
Most roles require some kind of preparation, this is done in molecule/default/prepare.yml
. This role has a "hard" dependency on the following roles:
- {'src': 'buluma.python_pip', 'version': '1.0.7', 'name': 'buluma.python_pip'}
Context
This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.
Here is an overview of related roles:
Compatibility
This role has been tested on these container images:
container | tags |
---|---|
EL | all |
Fedora | all |
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in GitHub
Changelog
License
Author Information
ansible-galaxy install buluma/ansible-role-ad_auth