dellemc.openmanage.ome_domain_user_groups module – Create, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular

Note

This module is part of the dellemc.openmanage collection (version 9.1.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install dellemc.openmanage. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: dellemc.openmanage.ome_domain_user_groups.

New in dellemc.openmanage 4.0.0

Synopsis 

This module allows to create, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular.

Requirements 

The below requirements are needed on the host that executes this module.

python >= 3.9.6

Parameters 

Parameter	Comments
ca_path path added in dellemc.openmanage 5.0.0	The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation.
directory_id integer	The ID of the Active Directory/LDAP. directory_id is mutually exclusive with directory_name.
directory_name string	The directory name set while adding the Active Directory/LDAP. directory_name is mutually exclusive with directory_id.
directory_type string	Type of the account. Choices: `"AD"` ← (default) `"LDAP"`
domain_password string	Active Directory/LDAP domain password.
domain_username string	Active Directory/LDAP domain username. Example: username@domain or domain\username.
group_name string / required	The desired Active Directory/LDAP user group name to be imported or removed. Examples for user group name: Administrator or Account Operators or Access Control Assistance Operator. group_name value is case insensitive.
hostname string / required	OpenManage Enterprise or OpenManage Enterprise Modular IP address or hostname.
password string / required	OpenManage Enterprise or OpenManage Enterprise Modular password. If the password is not provided, then the environment variable `OME_PASSWORD` is used. Example: export OME_PASSWORD=password
port integer	OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port. Default: `443`
role string	The desired roles and privilege for the imported Active Directory/LDAP user group. OpenManage Enterprise Modular Roles: CHASSIS ADMINISTRATOR, COMPUTE MANAGER, STORAGE MANAGER, FABRIC MANAGER, VIEWER. OpenManage Enterprise Roles: ADMINISTRATOR, DEVICE MANAGER, VIEWER. role value is case insensitive.
state string	`present` imports or modifies the Active Directory/LDAP user group. `absent` deletes an existing Active Directory/LDAP user group. Choices: `"present"` ← (default) `"absent"`
timeout integer added in dellemc.openmanage 5.0.0	The socket level timeout in seconds. Default: `30`
username string / required	OpenManage Enterprise or OpenManage Enterprise Modular username. If the username is not provided, then the environment variable `OME_USERNAME` is used. Example: export OME_USERNAME=username
validate_certs boolean added in dellemc.openmanage 5.0.0	If `false`, the SSL certificates will not be validated. Configure `false` only on personally controlled sites where self-signed certificates are used. Prior to collection version `5.0.0`, the validate_certs is `false` by default. Choices: `false` `true` ← (default)

Notes 

Note

This module supports check_mode and idempotency.
Run this module from a system that has direct access to OpenManage Enterprise or OpenManage Enterprise Modular.

Examples 

---
- name: Create Active Directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: present
    group_name: account operators
    directory_name: directory_name
    role: administrator
    domain_username: username@domain
    domain_password: domain_password

- name: Update Active Directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: present
    group_name: account operators
    role: viewer

- name: Delete active directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: absent
    group_name: administrators

- name: Import LDAP directory group.
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    directory_type: LDAP
    state: present
    group_name: account operators
    directory_name: directory_name
    role: administrator
    domain_username: username@domain
    domain_password: domain_password

- name: Remove LDAP directory group.
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: absent
    group_name: account operators

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
domain_user_status dictionary	Details of the domain user operation, when state is `present`. Returned: When state is `present`. Sample: `{"Description": null, "DirectoryServiceId": 16097, "Enabled": true, "Id": "16617", "IsBuiltin": false, "IsVisible": true, "Locked": false, "Name": "Account Operators", "ObjectGuid": "a491859c-031e-42a3-ae5e-0ab148ecf1d6", "ObjectSid": null, "Oem": null, "Password": null, "PlainTextPassword": null, "RoleId": "16", "UserName": "Account Operators", "UserTypeId": 2}`
error_info dictionary	Details of the HTTP Error. Returned: on HTTP error Sample: `{"error": {"@Message.ExtendedInfo": [{"Message": "Unable to process the request because an error occurred.", "MessageArgs": [], "MessageId": "GEN1234", "RelatedProperties": [], "Resolution": "Retry the operation. If the issue persists, contact your system administrator.", "Severity": "Critical"}], "code": "Base.1.0.GeneralError", "message": "A general error has occurred. See ExtendedInfo for more information."}}`
msg string	Overall status of the Active Directory/LDAP user group operation. Returned: always Sample: `"Successfully imported the Active Directory/LDAP user group."`

Authors

Felix Stephen (@felixs88)
Abhishek Sinha (@Abhishek-Dell)

dellemc.openmanage.ome_domain_user_groups module – Create, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular

Synopsis

Requirements

Parameters

Notes

Examples

Return Values