tom/ansible_new_ldap_user
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

if empty, password is generated

Browse Source
This commit is contained in:
Thomas Constans
2023-03-31 16:18:37 +02:00
parent 9211432515
commit 2f330cf378
3 changed files with 26 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -17,9 +17,13 @@ bindpwd - from group variables
file : default account.csv csv file containing user to create: file : default account.csv csv file containing user to create:
```csv ```csv
org,firstname,lastname,email,password org,firstname,lastname,email,[password]
``` ```
password field optionnal - if empty will be generated automatically - WIP
keep the final comma, though !
Dependencies Dependencies
------------ ------------

23
tasks/ldap_user_inc.yml
View File

@@ -1,19 +1,12 @@
--- ---
- name: add ldap ou - name: set vars
community.general.ldap_entry: ansible.builtin.set_fact:
dn: "ou={{ org }},{{ ldap_base }}"
bind_dn: "{{ binddn }}"
bind_pw: "{{ bindpwd }}"
objectClass:
- organizationalUnit
- top
- name: add ldap account
vars:
firstname: "{{ item.firstname }}" firstname: "{{ item.firstname }}"
lastname: "{{ item.lastname }}" lastname: "{{ item.lastname }}"
email: "{{ item.email }}" email: "{{ item.email }}"
password: "{{ (item.password=='')| ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1, length=14), item.password ) }}" password: "{{ (item.password=='')| ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, special=false,min_numeric=1, length=14), item.password ) }}"
- name: "add ldap account {{ item.firstname }}"
community.general.ldap_entry: community.general.ldap_entry:
bind_dn: "{{ binddn }}" bind_dn: "{{ binddn }}"
bind_pw: "{{ bindpwd }}" bind_pw: "{{ bindpwd }}"
@@ -31,3 +24,9 @@
PreferredDeliveryMethod: any PreferredDeliveryMethod: any
displayName: "{{ firstname }} {{ lastname }}" displayName: "{{ firstname }} {{ lastname }}"
userPassword: "{{ password }}" userPassword: "{{ password }}"
register: result
- name: display
debug:
msg: "{{ firstname }} created with password >{{ password }}<"
when: result.changed

10
tasks/main.yml
View File

@@ -8,6 +8,15 @@
tags: always tags: always
when: binddn is not defined when: binddn is not defined
- name: add ldap ou
community.general.ldap_entry:
dn: "ou={{ org }},{{ ldap_base }}"
bind_dn: "{{ binddn }}"
bind_pw: "{{ bindpwd }}"
objectClass:
- organizationalUnit
- top
- name: read csv file - name: read csv file
community.general.read_csv: community.general.read_csv:
path: '{{ file|default( "account.csv" ) }}' path: '{{ file|default( "account.csv" ) }}'
@@ -18,3 +27,4 @@
loop: "{{ users.list }}" loop: "{{ users.list }}"