purestorage.flashblade.purefb_ad module – Manage FlashBlade Active Directory Account
Note
This module is part of the purestorage.flashblade collection (version 1.19.2).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install purestorage.flashblade
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: purestorage.flashblade.purefb_ad
.
New in purestorage.flashblade 1.6.0
Synopsis
Add or delete FlashBlade Active Directory Account
FlashBlade allows the creation of one AD computer account, or joining of an existing AD computer account.
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.9
py-pure-client
purity_fb >= 1.12.2
netaddr
datetime
pytz
distro
pycountry
urllib3
Parameters
Parameter |
Comments |
---|---|
FlashBlade API token for admin privileged user. |
|
The common name of the computer account to be created in the Active Directory domain. If not specified, defaults to the name of the Active Directory configuration. |
|
A list of directory servers that will be used for lookups related to user authorization Accepted server formats are IP address and DNS name All specified servers must be registered to the domain appropriately in the array configured DNS and will only be communicated with over the secure LDAP (LDAPS) protocol. If not specified, servers are resolved for the domain in DNS The specified list can have a maximum length of 5. If more are provided only the first 5 are used. |
|
Disable insecure certificate warnings Choices:
|
|
The Active Directory domain to join |
|
The encryption types that will be supported for use by clients for Kerberos authentication Choices:
Default: |
|
Does the account name already exist in the AD environment Choices:
|
|
FlashBlade management IP address or Hostname. |
|
Location where the Computer account will be created. e.g. OU=Arrays,OU=Storage. If left empty, defaults to CN=Computers. |
|
A list of key distribution servers to use for Kerberos protocol Accepted server formats are IP address and DNS name All specified servers must be registered to the domain appropriately in the array configured DNS. If not specified, servers are resolved for the domain in DNS. The specified list can have a maximum length of 5. If more are provided only the first 5 are used. |
|
Do a local-only delete of an active directory account Choices:
|
|
Name of the AD account |
|
Password string for username |
|
Service protocol for Active Directory principals Refer to FlashBlade User Guide for more details Choices:
Default: |
|
A list of either FQDNs or SPNs for registering services with the domain. If not specified Computer Name.Domain is used |
|
Define whether the AD sccount is deleted or not Choices:
|
|
A user capable of creating a computer account within the domain |
Notes
Note
This module requires the
purity_fb
Python libraryYou must set
PUREFB_URL
andPUREFB_API
environment variables if fb_url and api_token arguments are not passed to the module directly
Examples
- name: Create new AD account
purestorage.flashblade.purefb_ad:
name: ad_account
computer: FLASHBLADE
domain: acme.com
username: Administrator
password: Password
join_ou: "CN=FakeOU"
encryption:
- aes128-cts-hmac-sha1-96
- aes256-cts-hmac-sha1-96
kerberos_servers:
- kdc.acme.com
directory_servers:
- ldap.acme.com
service_principals:
- vip1.flashblade.acme.com
fb_url: 10.10.10.2
api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Connect to existing AD account
purestorage.flashblade.purefb_ad:
name: ad_account
computer: FLASHBLADE
domain: acme.com
username: Administrator
password: Password
existing: true
kerberos_servers:
- kdc.acme.com
directory_servers:
- ldap.acme.com
fb_url: 10.10.10.2
api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Update existing AD account
purestorage.flashblade.purefb_ad:
name: ad_account
encryption:
- aes256-cts-hmac-sha1-96
kerberos_servers:
- kdc.acme.com
directory_servers:
- ldap.acme.com
service_principals:
- vip1.flashblade.acme.com
fb_url: 10.10.10.2
api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Delete local AD account
purestorage.flashblade.purefb_ad:
name: ad_account
local_only: true
fb_url: 10.10.10.2
api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
- name: Fully delete AD account
purestorage.flashblade.purefb_ad:
name: ad_account
fb_url: 10.10.10.2
api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641