fortinet.fortimanager.fmgr_user_radius_dynamicmapping module – Configure RADIUS server entries.

Note

This module is part of the fortinet.fortimanager collection (version 2.7.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_user_radius_dynamicmapping.

New in fortinet.fortimanager 2.0.0

Synopsis

  • This module is able to configure a FortiManager device.

  • Examples include all parameters and values which need to be adjusted to data sources before usage.

Parameters

Parameter

Comments

access_token

string

The token to access FortiManager without using username and password.

adom

string / required

The parameter (adom) in requested url.

bypass_validation

boolean

Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters.

Choices:

  • false ← (default)

  • true

enable_log

boolean

Enable/Disable logging for task.

Choices:

  • false ← (default)

  • true

forticloud_access_token

string

Authenticate Ansible client with forticloud API access token.

proposed_method

string

The overridden method for the underlying Json RPC request.

Choices:

  • "update"

  • "set"

  • "add"

radius

string / required

The parameter (radius) in requested url.

rc_failed

list / elements=integer

The rc codes list with which the conditions to fail will be overriden.

rc_succeeded

list / elements=integer

The rc codes list with which the conditions to succeed will be overriden.

state

string / required

The directive to create, update or delete an object.

Choices:

  • "present"

  • "absent"

user_radius_dynamicmapping

dictionary

The top level parameters set.

_scope

list / elements=dictionary

Scope.

name

string

Name.

vdom

string

Vdom.

account-key-cert-field

string

Deprecated, please rename it to account_key_cert_field. Define subject identity field in certificate for user access right…

Choices:

  • "othername"

  • "rfc822name"

  • "dnsname"

  • "cn"

account-key-processing

string

Deprecated, please rename it to account_key_processing. Account key processing operation.

Choices:

  • "same"

  • "strip"

accounting-server

list / elements=dictionary

Deprecated, please rename it to accounting_server. Accounting server.

id

integer

Id.

interface

string

Interface.

interface-select-method

string

Deprecated, please rename it to interface_select_method. Interface select method.

Choices:

  • "auto"

  • "sdwan"

  • "specify"

port

integer

Port.

secret

any

(list) Secret.

server

string

Server.

source-ip

string

Deprecated, please rename it to source_ip. Source ip.

status

string

Status.

Choices:

  • "disable"

  • "enable"

acct-all-servers

string

Deprecated, please rename it to acct_all_servers. Acct all servers.

Choices:

  • "disable"

  • "enable"

acct-interim-interval

integer

Deprecated, please rename it to acct_interim_interval. Acct interim interval.

all-usergroup

string

Deprecated, please rename it to all_usergroup. All usergroup.

Choices:

  • "disable"

  • "enable"

auth-type

string

Deprecated, please rename it to auth_type. Auth type.

Choices:

  • "pap"

  • "chap"

  • "ms_chap"

  • "ms_chap_v2"

  • "auto"

ca-cert

string

Deprecated, please rename it to ca_cert. CA of server to trust under TLS.

call-station-id-type

string

Deprecated, please rename it to call_station_id_type. Calling & Called station identifier type configuration

Choices:

  • "legacy"

  • "IP"

  • "MAC"

class

any

(list) Class.

client-cert

string

Deprecated, please rename it to client_cert. Client certificate to use under TLS.

delimiter

string

Configure delimiter to be used for separating profile group names in the SSO attribute

Choices:

  • "plus"

  • "comma"

dp-carrier-endpoint-attribute

string

Deprecated, please rename it to dp_carrier_endpoint_attribute. Dp carrier endpoint attribute.

Choices:

  • "User-Name"

  • "User-Password"

  • "CHAP-Password"

  • "NAS-IP-Address"

  • "NAS-Port"

  • "Service-Type"

  • "Framed-Protocol"

  • "Framed-IP-Address"

  • "Framed-IP-Netmask"

  • "Framed-Routing"

  • "Filter-Id"

  • "Framed-MTU"

  • "Framed-Compression"

  • "Login-IP-Host"

  • "Login-Service"

  • "Login-TCP-Port"

  • "Reply-Message"

  • "Callback-Number"

  • "Callback-Id"

  • "Framed-Route"

  • "Framed-IPX-Network"

  • "State"

  • "Class"

  • "Vendor-Specific"

  • "Session-Timeout"

  • "Idle-Timeout"

  • "Termination-Action"

  • "Called-Station-Id"

  • "Calling-Station-Id"

  • "NAS-Identifier"

  • "Proxy-State"

  • "Login-LAT-Service"

  • "Login-LAT-Node"

  • "Login-LAT-Group"

  • "Framed-AppleTalk-Link"

  • "Framed-AppleTalk-Network"

  • "Framed-AppleTalk-Zone"

  • "Acct-Status-Type"

  • "Acct-Delay-Time"

  • "Acct-Input-Octets"

  • "Acct-Output-Octets"

  • "Acct-Session-Id"

  • "Acct-Authentic"

  • "Acct-Session-Time"

  • "Acct-Input-Packets"

  • "Acct-Output-Packets"

  • "Acct-Terminate-Cause"

  • "Acct-Multi-Session-Id"

  • "Acct-Link-Count"

  • "CHAP-Challenge"

  • "NAS-Port-Type"

  • "Port-Limit"

  • "Login-LAT-Port"

dp-carrier-endpoint-block-attribute

string

Deprecated, please rename it to dp_carrier_endpoint_block_attribute. Dp carrier endpoint block attribute.

Choices:

  • "User-Name"

  • "User-Password"

  • "CHAP-Password"

  • "NAS-IP-Address"

  • "NAS-Port"

  • "Service-Type"

  • "Framed-Protocol"

  • "Framed-IP-Address"

  • "Framed-IP-Netmask"

  • "Framed-Routing"

  • "Filter-Id"

  • "Framed-MTU"

  • "Framed-Compression"

  • "Login-IP-Host"

  • "Login-Service"

  • "Login-TCP-Port"

  • "Reply-Message"

  • "Callback-Number"

  • "Callback-Id"

  • "Framed-Route"

  • "Framed-IPX-Network"

  • "State"

  • "Class"

  • "Vendor-Specific"

  • "Session-Timeout"

  • "Idle-Timeout"

  • "Termination-Action"

  • "Called-Station-Id"

  • "Calling-Station-Id"

  • "NAS-Identifier"

  • "Proxy-State"

  • "Login-LAT-Service"

  • "Login-LAT-Node"

  • "Login-LAT-Group"

  • "Framed-AppleTalk-Link"

  • "Framed-AppleTalk-Network"

  • "Framed-AppleTalk-Zone"

  • "Acct-Status-Type"

  • "Acct-Delay-Time"

  • "Acct-Input-Octets"

  • "Acct-Output-Octets"

  • "Acct-Session-Id"

  • "Acct-Authentic"

  • "Acct-Session-Time"

  • "Acct-Input-Packets"

  • "Acct-Output-Packets"

  • "Acct-Terminate-Cause"

  • "Acct-Multi-Session-Id"

  • "Acct-Link-Count"

  • "CHAP-Challenge"

  • "NAS-Port-Type"

  • "Port-Limit"

  • "Login-LAT-Port"

dp-context-timeout

integer

Deprecated, please rename it to dp_context_timeout. Dp context timeout.

dp-flush-ip-session

string

Deprecated, please rename it to dp_flush_ip_session. Dp flush ip session.

Choices:

  • "disable"

  • "enable"

dp-hold-time

integer

Deprecated, please rename it to dp_hold_time. Dp hold time.

dp-http-header

string

Deprecated, please rename it to dp_http_header. Dp http header.

dp-http-header-fallback

string

Deprecated, please rename it to dp_http_header_fallback. Dp http header fallback.

Choices:

  • "ip-header-address"

  • "default-profile"

dp-http-header-status

string

Deprecated, please rename it to dp_http_header_status. Dp http header status.

Choices:

  • "disable"

  • "enable"

dp-http-header-suppress

string

Deprecated, please rename it to dp_http_header_suppress. Dp http header suppress.

Choices:

  • "disable"

  • "enable"

dp-log-dyn_flags

list / elements=string

Deprecated, please rename it to dp_log_dyn_flags. Dp log dyn flags.

Choices:

  • "none"

  • "protocol-error"

  • "profile-missing"

  • "context-missing"

  • "accounting-stop-missed"

  • "accounting-event"

  • "radiusd-other"

  • "endpoint-block"

dp-log-period

integer

Deprecated, please rename it to dp_log_period. Dp log period.

dp-mem-percent

integer

Deprecated, please rename it to dp_mem_percent. Dp mem percent.

dp-profile-attribute

string

Deprecated, please rename it to dp_profile_attribute. Dp profile attribute.

Choices:

  • "User-Name"

  • "User-Password"

  • "CHAP-Password"

  • "NAS-IP-Address"

  • "NAS-Port"

  • "Service-Type"

  • "Framed-Protocol"

  • "Framed-IP-Address"

  • "Framed-IP-Netmask"

  • "Framed-Routing"

  • "Filter-Id"

  • "Framed-MTU"

  • "Framed-Compression"

  • "Login-IP-Host"

  • "Login-Service"

  • "Login-TCP-Port"

  • "Reply-Message"

  • "Callback-Number"

  • "Callback-Id"

  • "Framed-Route"

  • "Framed-IPX-Network"

  • "State"

  • "Class"

  • "Vendor-Specific"

  • "Session-Timeout"

  • "Idle-Timeout"

  • "Termination-Action"

  • "Called-Station-Id"

  • "Calling-Station-Id"

  • "NAS-Identifier"

  • "Proxy-State"

  • "Login-LAT-Service"

  • "Login-LAT-Node"

  • "Login-LAT-Group"

  • "Framed-AppleTalk-Link"

  • "Framed-AppleTalk-Network"

  • "Framed-AppleTalk-Zone"

  • "Acct-Status-Type"

  • "Acct-Delay-Time"

  • "Acct-Input-Octets"

  • "Acct-Output-Octets"

  • "Acct-Session-Id"

  • "Acct-Authentic"

  • "Acct-Session-Time"

  • "Acct-Input-Packets"

  • "Acct-Output-Packets"

  • "Acct-Terminate-Cause"

  • "Acct-Multi-Session-Id"

  • "Acct-Link-Count"

  • "CHAP-Challenge"

  • "NAS-Port-Type"

  • "Port-Limit"

  • "Login-LAT-Port"

dp-profile-attribute-key

string

Deprecated, please rename it to dp_profile_attribute_key. Dp profile attribute key.

dp-radius-response

string

Deprecated, please rename it to dp_radius_response. Dp radius response.

Choices:

  • "disable"

  • "enable"

dp-radius-server-port

integer

Deprecated, please rename it to dp_radius_server_port. Dp radius server port.

dp-secret

any

(list) Deprecated, please rename it to dp_secret. Dp secret.

dp-validate-request-secret

string

Deprecated, please rename it to dp_validate_request_secret. Dp validate request secret.

Choices:

  • "disable"

  • "enable"

dynamic-profile

string

Deprecated, please rename it to dynamic_profile. Dynamic profile.

Choices:

  • "disable"

  • "enable"

endpoint-translation

string

Deprecated, please rename it to endpoint_translation. Endpoint translation.

Choices:

  • "disable"

  • "enable"

ep-carrier-endpoint-convert-hex

string

Deprecated, please rename it to ep_carrier_endpoint_convert_hex. Ep carrier endpoint convert hex.

Choices:

  • "disable"

  • "enable"

ep-carrier-endpoint-header

string

Deprecated, please rename it to ep_carrier_endpoint_header. Ep carrier endpoint header.

ep-carrier-endpoint-header-suppress

string

Deprecated, please rename it to ep_carrier_endpoint_header_suppress. Ep carrier endpoint header suppress.

Choices:

  • "disable"

  • "enable"

ep-carrier-endpoint-prefix

string

Deprecated, please rename it to ep_carrier_endpoint_prefix. Ep carrier endpoint prefix.

Choices:

  • "disable"

  • "enable"

ep-carrier-endpoint-prefix-range-max

integer

Deprecated, please rename it to ep_carrier_endpoint_prefix_range_max. Ep carrier endpoint prefix range max.

ep-carrier-endpoint-prefix-range-min

integer

Deprecated, please rename it to ep_carrier_endpoint_prefix_range_min. Ep carrier endpoint prefix range min.

ep-carrier-endpoint-prefix-string

string

Deprecated, please rename it to ep_carrier_endpoint_prefix_string. Ep carrier endpoint prefix string.

ep-carrier-endpoint-source

string

Deprecated, please rename it to ep_carrier_endpoint_source. Ep carrier endpoint source.

Choices:

  • "http-header"

  • "cookie"

ep-ip-header

string

Deprecated, please rename it to ep_ip_header. Ep ip header.

ep-ip-header-suppress

string

Deprecated, please rename it to ep_ip_header_suppress. Ep ip header suppress.

Choices:

  • "disable"

  • "enable"

ep-missing-header-fallback

string

Deprecated, please rename it to ep_missing_header_fallback. Ep missing header fallback.

Choices:

  • "session-ip"

  • "policy-profile"

ep-profile-query-type

string

Deprecated, please rename it to ep_profile_query_type. Ep profile query type.

Choices:

  • "session-ip"

  • "extract-ip"

  • "extract-carrier-endpoint"

group-override-attr-type

string

Deprecated, please rename it to group_override_attr_type. Group override attr type.

Choices:

  • "filter-Id"

  • "class"

h3c-compatibility

string

Deprecated, please rename it to h3c_compatibility. H3c compatibility.

Choices:

  • "disable"

  • "enable"

interface

string

Interface.

interface-select-method

string

Deprecated, please rename it to interface_select_method. Interface select method.

Choices:

  • "auto"

  • "sdwan"

  • "specify"

mac-case

string

Deprecated, please rename it to mac_case. MAC authentication case

Choices:

  • "uppercase"

  • "lowercase"

mac-password-delimiter

string

Deprecated, please rename it to mac_password_delimiter. MAC authentication password delimiter

Choices:

  • "hyphen"

  • "single-hyphen"

  • "colon"

  • "none"

mac-username-delimiter

string

Deprecated, please rename it to mac_username_delimiter. MAC authentication username delimiter

Choices:

  • "hyphen"

  • "single-hyphen"

  • "colon"

  • "none"

nas-id

string

Deprecated, please rename it to nas_id. Custom NAS identifier.

nas-id-type

string

Deprecated, please rename it to nas_id_type. NAS identifier type configuration

Choices:

  • "legacy"

  • "custom"

  • "hostname"

nas-ip

string

Deprecated, please rename it to nas_ip. Nas ip.

password-encoding

string

Deprecated, please rename it to password_encoding. Password encoding.

Choices:

  • "ISO-8859-1"

  • "auto"

password-renewal

string

Deprecated, please rename it to password_renewal. Password renewal.

Choices:

  • "disable"

  • "enable"

radius-coa

string

Deprecated, please rename it to radius_coa. Radius coa.

Choices:

  • "disable"

  • "enable"

radius-port

integer

Deprecated, please rename it to radius_port. Radius port.

rsso

string

Rsso.

Choices:

  • "disable"

  • "enable"

rsso-context-timeout

integer

Deprecated, please rename it to rsso_context_timeout. Rsso context timeout.

rsso-endpoint-attribute

string

Deprecated, please rename it to rsso_endpoint_attribute. Rsso endpoint attribute.

Choices:

  • "User-Name"

  • "User-Password"

  • "CHAP-Password"

  • "NAS-IP-Address"

  • "NAS-Port"

  • "Service-Type"

  • "Framed-Protocol"

  • "Framed-IP-Address"

  • "Framed-IP-Netmask"

  • "Framed-Routing"

  • "Filter-Id"

  • "Framed-MTU"

  • "Framed-Compression"

  • "Login-IP-Host"

  • "Login-Service"

  • "Login-TCP-Port"

  • "Reply-Message"

  • "Callback-Number"

  • "Callback-Id"

  • "Framed-Route"

  • "Framed-IPX-Network"

  • "State"

  • "Class"

  • "Session-Timeout"

  • "Idle-Timeout"

  • "Termination-Action"

  • "Called-Station-Id"

  • "Calling-Station-Id"

  • "NAS-Identifier"

  • "Proxy-State"

  • "Login-LAT-Service"

  • "Login-LAT-Node"

  • "Login-LAT-Group"

  • "Framed-AppleTalk-Link"

  • "Framed-AppleTalk-Network"

  • "Framed-AppleTalk-Zone"

  • "Acct-Status-Type"

  • "Acct-Delay-Time"

  • "Acct-Input-Octets"

  • "Acct-Output-Octets"

  • "Acct-Session-Id"

  • "Acct-Authentic"

  • "Acct-Session-Time"

  • "Acct-Input-Packets"

  • "Acct-Output-Packets"

  • "Acct-Terminate-Cause"

  • "Acct-Multi-Session-Id"

  • "Acct-Link-Count"

  • "CHAP-Challenge"

  • "NAS-Port-Type"

  • "Port-Limit"

  • "Login-LAT-Port"

rsso-endpoint-block-attribute

string

Deprecated, please rename it to rsso_endpoint_block_attribute. Rsso endpoint block attribute.

Choices:

  • "User-Name"

  • "User-Password"

  • "CHAP-Password"

  • "NAS-IP-Address"

  • "NAS-Port"

  • "Service-Type"

  • "Framed-Protocol"

  • "Framed-IP-Address"

  • "Framed-IP-Netmask"

  • "Framed-Routing"

  • "Filter-Id"

  • "Framed-MTU"

  • "Framed-Compression"

  • "Login-IP-Host"

  • "Login-Service"

  • "Login-TCP-Port"

  • "Reply-Message"

  • "Callback-Number"

  • "Callback-Id"

  • "Framed-Route"

  • "Framed-IPX-Network"

  • "State"

  • "Class"

  • "Session-Timeout"

  • "Idle-Timeout"

  • "Termination-Action"

  • "Called-Station-Id"

  • "Calling-Station-Id"

  • "NAS-Identifier"

  • "Proxy-State"

  • "Login-LAT-Service"

  • "Login-LAT-Node"

  • "Login-LAT-Group"

  • "Framed-AppleTalk-Link"

  • "Framed-AppleTalk-Network"

  • "Framed-AppleTalk-Zone"

  • "Acct-Status-Type"

  • "Acct-Delay-Time"

  • "Acct-Input-Octets"

  • "Acct-Output-Octets"

  • "Acct-Session-Id"

  • "Acct-Authentic"

  • "Acct-Session-Time"

  • "Acct-Input-Packets"

  • "Acct-Output-Packets"

  • "Acct-Terminate-Cause"

  • "Acct-Multi-Session-Id"

  • "Acct-Link-Count"

  • "CHAP-Challenge"

  • "NAS-Port-Type"

  • "Port-Limit"

  • "Login-LAT-Port"

rsso-ep-one-ip-only

string

Deprecated, please rename it to rsso_ep_one_ip_only. Rsso ep one ip only.

Choices:

  • "disable"

  • "enable"

rsso-flush-ip-session

string

Deprecated, please rename it to rsso_flush_ip_session. Rsso flush ip session.

Choices:

  • "disable"

  • "enable"

rsso-log-flags

list / elements=string

Deprecated, please rename it to rsso_log_flags. Rsso log flags.

Choices:

  • "none"

  • "protocol-error"

  • "profile-missing"

  • "context-missing"

  • "accounting-stop-missed"

  • "accounting-event"

  • "radiusd-other"

  • "endpoint-block"

rsso-log-period

integer

Deprecated, please rename it to rsso_log_period. Rsso log period.

rsso-radius-response

string

Deprecated, please rename it to rsso_radius_response. Rsso radius response.

Choices:

  • "disable"

  • "enable"

rsso-radius-server-port

integer

Deprecated, please rename it to rsso_radius_server_port. Rsso radius server port.

rsso-secret

any

(list) Deprecated, please rename it to rsso_secret. Rsso secret.

rsso-validate-request-secret

string

Deprecated, please rename it to rsso_validate_request_secret. Rsso validate request secret.

Choices:

  • "disable"

  • "enable"

secondary-secret

any

(list) Deprecated, please rename it to secondary_secret. Secondary secret.

secondary-server

string

Deprecated, please rename it to secondary_server. Secondary server.

secret

any

(list) Secret.

server

string

Server.

server-identity-check

string

Deprecated, please rename it to server_identity_check. Enable/disable RADIUS server identity check

Choices:

  • "disable"

  • "enable"

source-ip

string

Deprecated, please rename it to source_ip. Source ip.

source-ip-interface

any

(list) Deprecated, please rename it to source_ip_interface. Source interface for communication with the RADIUS server.

sso-attribute

string

Deprecated, please rename it to sso_attribute. Sso attribute.

Choices:

  • "User-Name"

  • "User-Password"

  • "CHAP-Password"

  • "NAS-IP-Address"

  • "NAS-Port"

  • "Service-Type"

  • "Framed-Protocol"

  • "Framed-IP-Address"

  • "Framed-IP-Netmask"

  • "Framed-Routing"

  • "Filter-Id"

  • "Framed-MTU"

  • "Framed-Compression"

  • "Login-IP-Host"

  • "Login-Service"

  • "Login-TCP-Port"

  • "Reply-Message"

  • "Callback-Number"

  • "Callback-Id"

  • "Framed-Route"

  • "Framed-IPX-Network"

  • "State"

  • "Class"

  • "Session-Timeout"

  • "Idle-Timeout"

  • "Termination-Action"

  • "Called-Station-Id"

  • "Calling-Station-Id"

  • "NAS-Identifier"

  • "Proxy-State"

  • "Login-LAT-Service"

  • "Login-LAT-Node"

  • "Login-LAT-Group"

  • "Framed-AppleTalk-Link"

  • "Framed-AppleTalk-Network"

  • "Framed-AppleTalk-Zone"

  • "Acct-Status-Type"

  • "Acct-Delay-Time"

  • "Acct-Input-Octets"

  • "Acct-Output-Octets"

  • "Acct-Session-Id"

  • "Acct-Authentic"

  • "Acct-Session-Time"

  • "Acct-Input-Packets"

  • "Acct-Output-Packets"

  • "Acct-Terminate-Cause"

  • "Acct-Multi-Session-Id"

  • "Acct-Link-Count"

  • "CHAP-Challenge"

  • "NAS-Port-Type"

  • "Port-Limit"

  • "Login-LAT-Port"

sso-attribute-key

string

Deprecated, please rename it to sso_attribute_key. Sso attribute key.

sso-attribute-value-override

string

Deprecated, please rename it to sso_attribute_value_override. Sso attribute value override.

Choices:

  • "disable"

  • "enable"

status-ttl

integer

Deprecated, please rename it to status_ttl. Time for which server reachability is cached so that when a server is unreacha…

switch-controller-acct-fast-framedip-detect

integer

Deprecated, please rename it to switch_controller_acct_fast_framedip_detect. Switch controller acct fast framedip detect.

switch-controller-nas-ip-dynamic

string

Deprecated, please rename it to switch_controller_nas_ip_dynamic. Enable/Disable switch-controller nas-ip dynamic to dynam…

Choices:

  • "disable"

  • "enable"

switch-controller-service-type

list / elements=string

Deprecated, please rename it to switch_controller_service_type. Switch controller service type.

Choices:

  • "login"

  • "framed"

  • "callback-login"

  • "callback-framed"

  • "outbound"

  • "administrative"

  • "nas-prompt"

  • "authenticate-only"

  • "callback-nas-prompt"

  • "call-check"

  • "callback-administrative"

tertiary-secret

any

(list) Deprecated, please rename it to tertiary_secret. Tertiary secret.

tertiary-server

string

Deprecated, please rename it to tertiary_server. Tertiary server.

timeout

integer

Timeout.

tls-min-proto-version

string

Deprecated, please rename it to tls_min_proto_version. Minimum supported protocol version for TLS connections

Choices:

  • "default"

  • "TLSv1"

  • "TLSv1-1"

  • "TLSv1-2"

  • "SSLv3"

  • "TLSv1-3"

transport-protocol

string

Deprecated, please rename it to transport_protocol. Transport protocol to be used

Choices:

  • "udp"

  • "tcp"

  • "tls"

use-group-for-profile

string

Deprecated, please rename it to use_group_for_profile. Use group for profile.

Choices:

  • "disable"

  • "enable"

use-management-vdom

string

Deprecated, please rename it to use_management_vdom. Use management vdom.

Choices:

  • "disable"

  • "enable"

username-case-sensitive

string

Deprecated, please rename it to username_case_sensitive. Username case sensitive.

Choices:

  • "disable"

  • "enable"

workspace_locking_adom

string

The adom to lock for FortiManager running in workspace mode, the value can be global and others including root.

workspace_locking_timeout

integer

The maximum time in seconds to wait for other user to release the workspace lock.

Default: 300

Notes

Note

  • Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.

  • Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.

  • To create or update an object, use state present directive.

  • To delete an object, use state absent directive.

  • Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples

- name: Example playbook
  hosts: fortimanagers
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure dynamic mappings of RADIUS server
      fortinet.fortimanager.fmgr_user_radius_dynamicmapping:
        bypass_validation: false
        adom: ansible
        radius: ansible-test-radius # name
        state: present
        user_radius_dynamicmapping:
          _scope:
            - name: FGT_AWS # need a valid device name
              vdom: root # need a valid vdom name under the device
          server: ansible
          timeout: 100

- name: Gathering fortimanager facts
  hosts: fortimanagers
  gather_facts: false
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Retrieve all the dynamic mappings of RADIUS server
      fortinet.fortimanager.fmgr_fact:
        facts:
          selector: "user_radius_dynamicmapping"
          params:
            adom: "ansible"
            radius: "ansible-test-radius" # name
            dynamic_mapping: "your_value"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

meta

dictionary

The result of the request.

Returned: always

request_url

string

The full url requested.

Returned: always

Sample: "/sys/login/user"

response_code

integer

The status of api request.

Returned: always

Sample: 0

response_data

list / elements=string

The api response.

Returned: always

response_message

string

The descriptive message of the api response.

Returned: always

Sample: "OK."

system_information

dictionary

The information of the target system.

Returned: always

rc

integer

The status the request.

Returned: always

Sample: 0

version_check_warning

list / elements=string

Warning if the parameters used in the playbook are not supported by the current FortiManager version.

Returned: complex

Authors

  • Xinwei Du (@dux-fortinet)

  • Xing Li (@lix-fortinet)

  • Jie Xue (@JieX19)

  • Link Zheng (@chillancezen)

  • Frank Shen (@fshen01)

  • Hongbin Lu (@fgtdev-hblu)