purestorage.flashblade.purefb_ds – Configure FlashBlade Directory Service

Note

This plugin is part of the purestorage.flashblade collection (version 1.5.0).

To install it use: ansible-galaxy collection install purestorage.flashblade.

To use it in a playbook, specify: purestorage.flashblade.purefb_ds.

New in version 1.0.0: of purestorage.flashblade

Synopsis

  • Create, modify or erase directory services configurations. There is no facility to SSL certificates at this time. Use the FlashBlade GUI for this additional configuration work.

  • If updating a directory service and i(bind_password) is provided this will always cause a change, even if the password given isn’t different from the current. This makes this part of the module non-idempotent..

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.7

  • purity_fb >= 1.9

  • netaddr

  • pytz

Parameters

Parameter Choices/Defaults Comments
api_token
string
FlashBlade API token for admin privileged user.
base_dn
string
Sets the base of the Distinguished Name (DN) of the directory service groups. The base should consist of only Domain Components (DCs). The base_dn will populate with a default value when a URI is entered by parsing domain components from the URI. The base DN should specify DC= for each domain component and multiple DCs should be separated by commas.
bind_password
string
Sets the password of the bind_user user name account.
bind_user
string
Sets the user name that can be used to bind to and query the directory.
For Active Directory, enter the username - often referred to as sAMAccountName or User Logon Name - of the account that is used to perform directory lookups.
For OpenLDAP, enter the full DN of the user.
dstype
string / required
    Choices:
  • management
  • nfs
  • smb
The type of directory service to work on
enable
boolean
    Choices:
  • no ←
  • yes
Whether to enable or disable directory service support.
fb_url
string
FlashBlade management IP address or Hostname.
join_ou
string
The optional organizational unit (OU) where the machine account for the directory service will be created.
nis_domain
string
The NIS domain to search
This cannot be used in conjunction with LDAP configurations.
nis_servers
list / elements=string
A list of up to 30 IP addresses or FQDNs for NIS servers.
This cannot be used in conjunction with LDAP configurations.
state
string
    Choices:
  • absent
  • present ←
Create or delete directory service configuration
uri
list / elements=string
A list of up to 30 URIs of the directory servers. Each URI must include the scheme ldap:// or ldaps:// (for LDAP over SSL), a hostname, and a domain name or IP address. For example, ldap://ad.company.com configures the directory service with the hostname "ad" in the domain "company.com" while specifying the unencrypted LDAP protocol.

Notes

Note

  • This module requires the purity_fb Python library

  • You must set PUREFB_URL and PUREFB_API environment variables if fb_url and api_token arguments are not passed to the module directly

Examples

- name: Delete existing management directory service
  purefb_ds:
    dstype: management
    state: absent
    fb_url: 10.10.10.2
    api_token: e31060a7-21fc-e277-6240-25983c6c4592

- name: Create NFS directory service (disabled)
  purefb_ds:
    dstype: nfs
    uri: "ldaps://lab.purestorage.com"
    base_dn: "DC=lab,DC=purestorage,DC=com"
    bind_user: Administrator
    bind_password: password
    fb_url: 10.10.10.2
    api_token: e31060a7-21fc-e277-6240-25983c6c4592

- name: Enable existing SMB directory service
  purefb_ds:
    dstypr: smb
    enable: true
    fb_url: 10.10.10.2
    api_token: e31060a7-21fc-e277-6240-25983c6c4592

- name: Disable existing management directory service
  purefb_ds:
    dstype: management
    enable: false
    fb_url: 10.10.10.2
    api_token: e31060a7-21fc-e277-6240-25983c6c4592

- name: Create NFS directory service (enabled)
  purefb_ds:
    dstype: nfs
    enable: true
    uri: "ldaps://lab.purestorage.com"
    base_dn: "DC=lab,DC=purestorage,DC=com"
    bind_user: Administrator
    bind_password: password
    fb_url: 10.10.10.2
    api_token: e31060a7-21fc-e277-6240-25983c6c4592

Authors