dellemc.openmanage.ome_active_directory module – Configure Active Directory groups to be used with Directory Services on OpenManage Enterprise and OpenManage Enterprise Modular
Note
This module is part of the dellemc.openmanage collection (version 4.4.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install dellemc.openmanage
.
To use it in a playbook, specify: dellemc.openmanage.ome_active_directory
.
New in version 4.0.0: of dellemc.openmanage
Synopsis
This module allows to add, modify, and delete OpenManage Enterprise connection with Active Directory Service.
Requirements
The below requirements are needed on the host that executes this module.
python >= 2.7.17
Parameters
Parameter |
Comments |
---|---|
Provide the full path of the SSL certificate. The certificate should be a Root CA Certificate encoded in Base64 format. This is applicable when validate_certificate is |
|
Select the Domain Controller Lookup method. Choices:
|
|
Domain controller port. By default, Global Catalog Address port number 3269 is populated. For the Domain Controller Access, enter 636 as the port number.
Default: 3269 |
|
Provide the domain password. This is applicable when test_connection is |
|
Enter the domain name or FQDN or IP address of the domain controller. If domain_controller_lookup is If domain_controller_lookup is |
|
Provide the domain username either in the UPN (username@domain) or NetBIOS (domain\username) format. This is applicable when test_connection is |
|
Provide the group domain in the format |
|
OpenManage Enterprise or OpenManage Enterprise Modular IP address or hostname. |
|
Provide the ID of the existing Active Directory service connection. This is applicable for modification and deletion. This is mutually exclusive with name. |
|
Provide a name for the Active Directory connection. This is applicable for creation and deletion. This is mutually exclusive with name. |
|
Enter the network timeout duration in seconds. The supported timeout duration range is 15 to 300 seconds. Default: 120 |
|
OpenManage Enterprise or OpenManage Enterprise Modular password. |
|
OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port. Default: 443 |
|
Enter the search timeout duration in seconds. The supported timeout duration range is 15 to 300 seconds. Default: 120 |
|
Choices:
|
|
Enables testing the connection to the domain controller. The connection to the domain controller is tested with the provided Active Directory service details. If test fails, module will error out. If Choices:
|
|
OpenManage Enterprise or OpenManage Enterprise Modular username. |
|
Enables validation of SSL certificate of the domain controller. The module will always report change when this is Choices:
|
Notes
Note
The module will always report change when validate_certificate is
yes
.Run this module from a system that has direct access to OpenManage Enterprise.
This module supports
check_mode
.
Examples
---
- name: Add Active Directory service using DNS lookup along with the test connection
dellemc.openmanage.ome_active_directory:
hostname: "192.168.0.1"
username: "username"
password: "password"
name: my_ad1
domain_server:
- domainname.com
group_domain: domainname.com
test_connection: yes
domain_username: user@domainname
domain_password: domain_password
- name: Add Active Directory service using IP address of the domain controller with certificate validation
dellemc.openmanage.ome_active_directory:
hostname: "192.168.0.1"
username: "username"
password: "password"
name: my_ad2
domain_controller_lookup: MANUAL
domain_server:
- 192.68.20.181
group_domain: domainname.com
validate_certificate: yes
certificate_file: "/path/to/certificate/file.cer"
- name: Modify domain controller IP address, network_timeout and group_domain
dellemc.openmanage.ome_active_directory:
hostname: "192.168.0.1"
username: "username"
password: "password"
name: my_ad2
domain_controller_lookup: MANUAL
domain_server:
- 192.68.20.189
group_domain: newdomain.in
network_timeout: 150
- name: Delete Active Directory service
dellemc.openmanage.ome_active_directory:
hostname: "192.168.0.1"
username: "username"
password: "password"
name: my_ad2
state: absent
- name: Test connection to existing Active Directory service with certificate validation
dellemc.openmanage.ome_active_directory:
hostname: "192.168.0.1"
username: "username"
password: "password"
name: my_ad2
test_connection: yes
domain_username: user@domainname
domain_password: domain_password
validate_certificate: yes
certificate_file: "/path/to/certificate/file.cer"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The Active Directory that was added, modified or deleted by this module. Returned: on change Sample: {“CertificateValidation”: false, “DnsServer”: [], “GroupDomain”: “dellemcdomain.com”, “Id”: 21789, “Name”: “ad_test”, “NetworkTimeOut”: 120, “Password”: null, “SearchTimeOut”: 120, “ServerName”: [“192.168.20.181”], “ServerPort”: 3269, “ServerType”: “MANUAL”} |
|
Details of the HTTP Error. Returned: on HTTP error Sample: {“error_info”: {“error”: {“@Message.ExtendedInfo”: [{“Message”: “Unable to connect to the LDAP or AD server because the entered credentials are invalid.”, “MessageArgs”: [], “MessageId”: “CSEC5002”, “RelatedProperties”: [], “Resolution”: “Make sure the server input configuration are valid and retry the operation.”, “Severity”: “Critical”}], “code”: “Base.1.0.GeneralError”, “message”: “A general error has occurred. See ExtendedInfo for more information.”}}} |
|
Overall status of the Active Directory operation. Returned: always Sample: “Successfully renamed the slot(s).” |
Authors
Jagadeesh N V(@jagadeeshnv)