mirror of
https://github.com/freeipa/ansible-freeipa.git
synced 2026-05-07 05:43:26 +00:00
577d8f7893
Update trust README file and add tests for executing plugin with
`ipaapi_context` set to `client`.
A new test playbook can be found at:
tests/trust/test_trust_client_context.yml
The new test file can be executed in a FreeIPA client host that is
not a server. In this case, it should be defined in the `ipaclients`
group, in the inventory file.
56 lines
1.5 KiB
YAML
56 lines
1.5 KiB
YAML
---
|
|
- name: find trust
|
|
hosts: "{{ ipa_test_host | default('ipaserver') }}"
|
|
become: true
|
|
gather_facts: false
|
|
|
|
tasks:
|
|
|
|
- block:
|
|
|
|
- name: delete trust
|
|
ipatrust:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
realm: windows.local
|
|
state: absent
|
|
register: del_trust
|
|
|
|
- name: check for trust
|
|
shell: |
|
|
echo 'SomeADMINpassword' | kinit admin
|
|
ipa trust-find windows.local
|
|
register: check_find_trust
|
|
failed_when: "'0 trusts matched' not in check_find_trust.stdout"
|
|
|
|
- name: delete id range
|
|
shell: |
|
|
echo 'SomeADMINpassword' | kinit admin
|
|
ipa idrange-del WINDOWS.LOCAL_id_range
|
|
when: del_trust['changed'] | bool
|
|
|
|
- name: check for range
|
|
shell: |
|
|
echo 'SomeADMINpassword' | kinit admin
|
|
ipa idrange-find WINDOWS.LOCAL_id_range
|
|
register: check_del_idrange
|
|
failed_when: "'0 ranges matched' not in check_del_idrange.stdout"
|
|
|
|
- name: add trust
|
|
ipatrust:
|
|
ipaadmin_password: SomeADMINpassword
|
|
ipaapi_context: "{{ ipa_context | default(omit) }}"
|
|
realm: windows.local
|
|
admin: Administrator
|
|
password: secret_ad_pw
|
|
state: present
|
|
|
|
- name: check for trust
|
|
shell: |
|
|
echo 'SomeADMINpassword' | kinit admin
|
|
ipa trust-find windows.local
|
|
register: check_add_trust
|
|
failed_when: "'1 trust matched' not in check_add_trust.stdout"
|
|
|
|
when: trust_test_is_supported | default(false)
|