ansible-freeipa/tests/idrange/tasks_set_trust.yml
Rafael Guterres Jeffman 603bd61845 New idrange management module
There is a new idrange management module placed in the plugins folder:

    plugins/modules/ipaidrange.py

The idrange module ensures the presence or absence of idranges.

Here is the documentation of the module:

    README-idrange.md

New example playbooks have been added:

    playbooks/idrange/idrange-absent.yml
    playbooks/idrange/idrange-ad-posix-present.yml
    playbooks/idrange/idrange-ad-present.yml
    playbooks/idrange/idrange-present.yml

New tests for the module can be found at:

    tests/idrange/test_idrange.yml
    tests/idrange/test_idrange_client_context.yml
2022-04-28 11:54:41 -03:00


---
# Declare a DNS forward zone named after adserver.domain, with the AD server's
# IP address as its only forwarder. The module result is kept in trust_dnszone.
- name: 'Ensure DNS forward zone to Windows AD'
  ipadnsforwardzone:
    # Literal fixture credential for the IPA admin.
    # NOTE(review): presumably valid only on disposable test hosts - confirm
    # it is never reused for a real deployment.
    ipaadmin_password: 'SomeADMINpassword'
    # Omitted entirely unless the caller defines ipa_context.
    ipaapi_context: "{{ ipa_context | default(omit) }}"
    name: "{{ adserver.domain }}"
    forwarders:
      - ip_address: "{{ adserver.ip_address }}"
    forwardpolicy: 'first'
  register: trust_dnszone
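# Establish the trust with the AD realm given by adserver.domain, logging in to
# AD as Administrator. The task name previously read "Widows AD" (typo).
- name: Set trust to Windows AD
  ipatrust:
    # Literal fixture credential for the IPA admin (test environment only).
    ipaadmin_password: SomeADMINpassword
    # Omitted entirely unless the caller defines ipa_context.
    ipaapi_context: "{{ ipa_context | default(omit) }}"
    realm: "{{ adserver.domain }}"
    admin: Administrator
    # AD administrator credential taken from the adserver variable.
    # NOTE(review): confirm the ipatrust module marks this argument no_log;
    # otherwise it can surface in verbose task output.
    password: "{{ adserver.password }}"
    # The three range options are passed only when the caller sets the
    # matching trust_* variable; otherwise they are omitted.
    base_id: "{{ trust_base_id | default(omit) }}"
    range_type: "{{ trust_range_type | default(omit) }}"
    range_size: "{{ trust_range_size | default(omit) }}"
  register: result
  # Fail the task whenever the module itself reports failure.
  failed_when: result.failed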
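# Read the trusted domain's Security Identifier from `ipa trust-show` and
# register the command result as getsid (the SID ends up in getsid.stdout).
#
# Script steps:
#   1. kinit as admin into a dedicated credential cache (test_krb5_cache).
#   2. Run `ipa trust-show` with that cache; sed prints the
#      "Domain Security Identifier" line with all spaces removed and cut keeps
#      the part after the colon.
#   3. kdestroy removes the dedicated cache again.
#
# NOTE(review): the admin password is part of the script text, so it is
# visible in the shell's process arguments while the task runs; no_log only
# keeps it out of Ansible's own output and logs.
# NOTE(review): the task's return code is that of the final kdestroy, so a
# failed kinit or trust-show leaves getsid.stdout empty without failing the
# task - callers should not assume a non-empty SID.
- name: Retrieve Domain Security Identifier
  shell:
    # The here-string (<<<) is a bash feature, not POSIX sh, so pin the shell
    # instead of relying on /bin/sh happening to be bash.
    executable: /bin/bash
    # adserver.domain is passed through the quote filter so that a value
    # containing shell metacharacters is treated as a single argument and
    # cannot alter the command line.
    cmd: |
      kinit -c test_krb5_cache admin <<< SomeADMINpassword > /dev/null
      KRB5CCNAME=test_krb5_cache ipa trust-show {{ adserver.domain | quote }} | sed -n "/Domain Security Identifier/s/ //gp" | cut -d":" -f2
      kdestroy -c test_krb5_cache -A -q > /dev/null
  register: getsid
  # Keep the command (which contains the admin password) out of task output.
  no_log: true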
# Publish the standard output of the preceding getsid command as the
# ipa_domain_sid fact.
# NOTE(review): the value is copied as-is; nothing here checks that it is a
# non-empty, well-formed SID.
- name: 'Set ipa_domain_sid.'
  set_fact:
    ipa_domain_sid: "{{ getsid.stdout }}"