dellemc.openmanage.ome_domain_user_groups module – Create, modify, or delete an Active Directory user group on OpenManage Enterprise and OpenManage Enterprise Modular

Note

This module is part of the dellemc.openmanage collection (version 5.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install dellemc.openmanage.

To use it in a playbook, specify: dellemc.openmanage.ome_domain_user_groups.

New in version 4.0.0: of dellemc.openmanage

Synopsis

  • This module allows to create, modify, or delete an Active Directory user group on OpenManage Enterprise and OpenManage Enterprise Modular.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3.8.6

Parameters

Parameter

Comments

ca_path

path

added in 5.0.0 of dellemc.openmanage

The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation.

directory_id

integer

The ID of the Active Directory.

directory_id is mutually exclusive with directory_name.

directory_name

string

The directory name set while adding the Active Directory.

directory_name is mutually exclusive with directory_id.

domain_password

string

Active directory domain password.

domain_username

string

Active directory domain username.

Example: username@domain or domainusername.

group_name

string / required

The desired Active Directory user group name to be imported or removed.

Examples for user group name: Administrator or Account Operators or Access Control Assistance Operator.

group_name value is case insensitive.

hostname

string / required

OpenManage Enterprise or OpenManage Enterprise Modular IP address or hostname.

password

string / required

OpenManage Enterprise or OpenManage Enterprise Modular password.

port

integer

OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.

Default: 443

role

string

The desired roles and privilege for the imported Active Directory user group.

OpenManage Enterprise Modular Roles: CHASSIS ADMINISTRATOR, COMPUTE MANAGER, STORAGE MANAGER, FABRIC MANAGER, VIEWER.

OpenManage Enterprise Roles: ADMINISTRATOR, DEVICE MANAGER, VIEWER.

role value is case insensitive.

state

string

present imports or modifies the Active Directory user group.

absent deletes an existing Active Directory user group.

Choices:

  • present ← (default)

  • absent

timeout

integer

added in 5.0.0 of dellemc.openmanage

The socket level timeout in seconds.

Default: 30

username

string / required

OpenManage Enterprise or OpenManage Enterprise Modular username.

validate_certs

boolean

added in 5.0.0 of dellemc.openmanage

If False, the SSL certificates will not be validated.

Configure False only on personally controlled sites where self-signed certificates are used.

Prior to collection version 5.0.0, the validate_certs is False by default.

Choices:

  • no

  • yes ← (default)

Notes

Note

  • This module supports check_mode and idempotency.

  • Run this module from a system that has direct access to OpenManage Enterprise or OpenManage Enterprise Modular.

Examples

---
- name: Create Active Directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: present
    group_name: account operators
    directory_name: directory_name
    role: administrator
    domain_username: [email protected]
    domain_password: domain_password

- name: Update Active Directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: present
    group_name: account operators
    role: viewer

- name: Delete active directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: absent
    group_name: administrators

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

domain_user_status

dictionary

Details of the domain user operation, when state is present.

Returned: When state is present.

Sample: {“Description”: null, “DirectoryServiceId”: 16097, “Enabled”: true, “Id”: “16617”, “IsBuiltin”: false, “IsVisible”: true, “Locked”: false, “Name”: “Account Operators”, “ObjectGuid”: “a491859c-031e-42a3-ae5e-0ab148ecf1d6”, “ObjectSid”: null, “Oem”: null, “Password”: null, “PlainTextPassword”: null, “RoleId”: “16”, “UserName”: “Account Operators”, “UserTypeId”: 2}

error_info

dictionary

Details of the HTTP Error.

Returned: on HTTP error

Sample: {“error”: {“@Message.ExtendedInfo”: [{“Message”: “Unable to process the request because an error occurred.”, “MessageArgs”: [], “MessageId”: “GEN1234”, “RelatedProperties”: [], “Resolution”: “Retry the operation. If the issue persists, contact your system administrator.”, “Severity”: “Critical”}], “code”: “Base.1.0.GeneralError”, “message”: “A general error has occurred. See ExtendedInfo for more information.”}}

msg

string

Overall status of the Active Directory user group operation.

Returned: always

Sample: “Successfully imported the active directory user group.”

Authors

  • Felix Stephen (@felixs88)