community.general.ipa_pwpolicy – Manage FreeIPA password policies
This plugin is part of the community.general collection (version 4.2.0).
You might already have this collection installed if you are using the
It is not included in
To check whether it is installed, run
ansible-galaxy collection list.
To install it, use:
ansible-galaxy collection install community.general.
To use it in a playbook, specify:
New in version 2.0.0: of community.general
- name: Modify the global password policy community.general.ipa_pwpolicy: maxpwdlife: '90' minpwdlife: '1' historylength: '8' minclasses: '3' minlength: '16' maxfailcount: '6' failinterval: '60' lockouttime: '600' ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure the password policy for the group admins is present community.general.ipa_pwpolicy: group: admins state: present maxpwdlife: '60' minpwdlife: '24' historylength: '16' minclasses: '4' priority: '10' maxfailcount: '4' failinterval: '600' lockouttime: '1200' ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure that the group sysops does not have a unique password policy community.general.ipa_pwpolicy: group: sysops state: absent ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret
Common return values are documented here, the following are the fields unique to this module: