ad_auth
ad_auth
DEPRECATION WARNING: This repository is not maintained anymore; This role only runs on CentOS 7 and required pip modules, but since end of 2020 there is no development on python 2 anymore.
Bind a system to Active Directory.
GitHub | GitLab | Quality | Downloads | Version |
---|---|---|---|---|
Example Playbook
This example is taken from molecule/resources/converge.yml
and is tested on each push, pull request and release.
---
- name: converge
hosts: all
become: yes
gather_facts: yes
roles:
- role: robertdebock.ad_auth
ad_auth_registration_username: my_username
ad_auth_registration_password: my_password
ad_auth_ou: ou=Nerds,ou=Staff
ad_auth_server: my_server.example.com
ad_auth_domain: my_domain.local
ad_auth_join: no
ad_auth_simple_allow_users:
- my_user_1
- my_user_2
The machine needs to be prepared in CI this is done using molecule/resources/prepare.yml
:
---
- name: prepare
hosts: all
become: yes
gather_facts: no
roles:
- role: robertdebock.bootstrap
- role: robertdebock.epel
- role: robertdebock.python_pip
Also see a full explanation and example on how to use these roles.
Role Variables
These variables are set in defaults/main.yml
:
---
# defaults file for ad_auth
# The username to register to AD, for example: "bind_user"
ad_auth_registration_username: "unset"
# The password to register to AD, for example: "MyPaSsWoRd"
ad_auth_registration_password: "unset"
# The OU to search in, for example: "ou=Nerds,ou=Staff"
ad_auth_ou: "unset"
# The server to bind to, for example: "ad.example.com"
ad_auth_server: "unset"
# The domain to use for SSSD configuration, for example: "example.com"
ad_auth_domain: "usnet.local"
# Should this role try to bind to the AD server?
# (This can be unset for automated testing)
ad_auth_join: yes
# To limit selected users to login, fill this list with users that are
# allowed to login:
# ad_auth_simple_allow_users:
# - my_user_1
# - my_user_2
Requirements
- pip packages listed in requirements.txt.
Status of requirements
The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well.
Requirement | GitHub | GitLab |
---|---|---|
robertdebock.bootstrap | ||
robertdebock.epel | ||
robertdebock.python_pip |
Context
This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.
Here is an overview of related roles:
Compatibility
This role has been tested on these container images:
container | tags |
---|---|
el | 7 |
The minimum version of Ansible required is 2.10, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in GitHub
License
Apache-2.0
Contributors
I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate.
Author Information
Please consider sponsoring me.
ansible-galaxy install robertdebock/ansible-role-ad_auth