community.general.udm_user – Manage posix users on a univention corporate server
Note
This plugin is part of the community.general collection (version 3.8.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.udm_user
.
Synopsis
This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
Requirements
The below requirements are needed on the host that executes this module.
Python >= 2.6
Parameters
Parameter |
Comments |
---|---|
Birthday |
|
City of users business address. |
|
Country of users business address. |
|
Department number of users business address. |
|
Description (not gecos) |
|
Display name (not gecos) |
|
A list of e-mail addresses. Default: [“”] |
|
Employee number |
|
Employee type |
|
First name. Required if |
|
GECOS |
|
POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: Default: [] |
|
Home NFS share. Must be a LDAP DN, e.g. |
|
Path to home NFS share, inside the homeShare. |
|
List of private telephone numbers. Default: [] |
|
Windows home drive, e.g. |
|
Last name. Required if |
|
List of alternative e-mail addresses. Default: [] |
|
FQDN of mail server |
|
Primary e-mail address |
|
Mobile phone number Default: [] |
|
Organisation |
|
Organizational Unit inside the LDAP Base DN, e.g. Default: “” |
|
Override password history Choices:
|
|
Override password check Choices:
|
|
List of pager telephone numbers. Default: [] |
|
Password. Required if |
|
List of telephone numbers. |
|
Define the whole position of users object inside the LDAP tree, e.g. Default: “” |
|
Postal code of users business address. |
|
Primary group. This must be the group LDAP DN. If not specified, it defaults to |
|
Windows profile directory |
|
Change password on next login. Choices:
|
|
Room number of users business address. |
|
Samba privilege, like allow printer administration, do domain join. |
|
Allow the authentication only on this Microsoft Windows host. |
|
Windows home path, e.g. |
|
Windows logon script. |
|
A list of superiors as LDAP DNs. Default: [] |
|
Enable user for the following service providers. Default: [“”] |
|
Login shell Default: “/bin/bash” |
|
Whether the user is present or not. Choices:
|
|
Street of users business address. |
|
LDAP subpath inside the organizational unit, e.g. Default: “cn=users” |
|
Title, e.g. |
|
Unix home directory If not specified, it defaults to |
|
Choices:
|
|
Account expiry date, e.g. If not specified, it defaults to the current day plus one year. |
|
User name |
Examples
- name: Create a user on a UCS
community.general.udm_user:
name: FooBar
password: secure_password
firstname: Foo
lastname: Bar
- name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com)
community.general.udm_user:
name: foo
password: secure_password
firstname: Foo
lastname: Bar
ou: school
subpath: 'cn=teachers,cn=users'
# or define the position
- name: Create a user with the DN C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com)
community.general.udm_user:
name: foo
password: secure_password
firstname: Foo
lastname: Bar
position: 'cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
Authors
Tobias Rüetschi (@keachi)