mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
* ipa_user: Add userauthtype param
* Add changelog fragment
* Update changelogs/fragments/951-ipa_user-add-userauthtype-param.yaml
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* Update plugins/modules/identity/ipa/ipa_user.py
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
* ipa_user: Add example for userauthtype
Co-authored-by: Lina He <lhe@tmamission.com>
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
(cherry picked from commit 104f6a3e96
)
Co-authored-by: Lina He <lh3su@virginia.edu>
This commit is contained in:
parent
0baceda7f6
commit
c00147e532
2 changed files with 27 additions and 3 deletions
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
minor_changes:
|
||||
- "ipa_user - add ``userauthtype`` option (https://github.com/ansible-collections/community.general/pull/951)."
|
|
@ -90,6 +90,12 @@ options:
|
|||
- Default home directory of the user.
|
||||
type: str
|
||||
version_added: '0.2.0'
|
||||
userauthtype:
|
||||
description:
|
||||
- The authentication type to use for the user.
|
||||
choices: ["password", "radius", "otp", "pkinit", "hardened"]
|
||||
type: str
|
||||
version_added: '1.2.0'
|
||||
extends_documentation_fragment:
|
||||
- community.general.ipa.documentation
|
||||
|
||||
|
@ -139,6 +145,15 @@ EXAMPLES = r'''
|
|||
ipa_user: admin
|
||||
ipa_pass: topsecret
|
||||
update_password: on_create
|
||||
|
||||
- name: Ensure pinky is present and using one time password authentication
|
||||
community.general.ipa_user:
|
||||
name: pinky
|
||||
state: present
|
||||
userauthtype: otp
|
||||
ipa_host: ipa.example.com
|
||||
ipa_user: admin
|
||||
ipa_pass: topsecret
|
||||
'''
|
||||
|
||||
RETURN = r'''
|
||||
|
@ -182,7 +197,8 @@ class UserIPAClient(IPAClient):
|
|||
|
||||
def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None, loginshell=None,
|
||||
mail=None, nsaccountlock=False, sn=None, sshpubkey=None, telephonenumber=None,
|
||||
title=None, userpassword=None, gidnumber=None, uidnumber=None, homedirectory=None):
|
||||
title=None, userpassword=None, gidnumber=None, uidnumber=None, homedirectory=None,
|
||||
userauthtype=None):
|
||||
user = {}
|
||||
if displayname is not None:
|
||||
user['displayname'] = displayname
|
||||
|
@ -211,6 +227,8 @@ def get_user_dict(displayname=None, givenname=None, krbpasswordexpiration=None,
|
|||
user['uidnumber'] = uidnumber
|
||||
if homedirectory is not None:
|
||||
user['homedirectory'] = homedirectory
|
||||
if userauthtype is not None:
|
||||
user['ipauserauthtype'] = userauthtype
|
||||
|
||||
return user
|
||||
|
||||
|
@ -293,7 +311,8 @@ def ensure(module, client):
|
|||
telephonenumber=module.params['telephonenumber'], title=module.params['title'],
|
||||
userpassword=module.params['password'],
|
||||
gidnumber=module.params.get('gidnumber'), uidnumber=module.params.get('uidnumber'),
|
||||
homedirectory=module.params.get('homedirectory'))
|
||||
homedirectory=module.params.get('homedirectory'),
|
||||
userauthtype=module.params.get('userauthtype'))
|
||||
|
||||
update_password = module.params.get('update_password')
|
||||
ipa_user = client.user_find(name=name)
|
||||
|
@ -340,7 +359,9 @@ def main():
|
|||
choices=['present', 'absent', 'enabled', 'disabled']),
|
||||
telephonenumber=dict(type='list', elements='str'),
|
||||
title=dict(type='str'),
|
||||
homedirectory=dict(type='str'))
|
||||
homedirectory=dict(type='str'),
|
||||
userauthtype=dict(type='str',
|
||||
choices=['password', 'radius', 'otp', 'pkinit', 'hardened']))
|
||||
|
||||
module = AnsibleModule(argument_spec=argument_spec,
|
||||
supports_check_mode=True)
|
||||
|
|
Loading…
Reference in a new issue