New in version 2.2.
This module allows to manage posix users on a univention corporate server (UCS). It uses the python API of the UCS to create a new object or edit it.
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| birthday | no | None | Birthday |
|
| city | no | None | City of users business address. |
|
| country | no | None | Country of users business address. |
|
| department_number | no | None |
Department number of users business address. aliases: departmentNumber
|
|
| description | no | None | Description (not gecos) |
|
| display_name | no | None |
Display name (not gecos) aliases: displayName
|
|
| email | no | [u''] | A list of e-mail addresses. |
|
| employee_number | no | None |
Employee number aliases: employeeNumber
|
|
| employee_type | no | None |
Employee type aliases: employeeType
|
|
| firstname | no | First name. Required if state=present. |
||
| gecos | no | None | GECOS |
|
| groups | no | POSIX groups, the LDAP DNs of the groups will be found with the LDAP filter for each group as $GROUP: (&(objectClass=posixGroup(cn=$GROUP))). |
||
| home_share | no | None |
Home NFS share. Must be a LDAP DN, e.g. cn=home,cn=shares,ou=school,dc=example,dc=com.aliases: homeShare
|
|
| home_share_path | no | None |
Path to home NFS share, inside the homeShare. aliases: homeSharePath
|
|
| home_telephone_number | no |
List of private telephone numbers. aliases: homeTelephoneNumber
|
||
| homedrive | no | None | Windows home drive, e.g. "H:". |
|
| lastname | no | Last name. Required if state=present. |
||
| mail_alternative_address | no |
List of alternative e-mail addresses. aliases: mailAlternativeAddress
|
||
| mail_home_server | no | None |
FQDN of mail server aliases: mailHomeServer
|
|
| mail_primary_address | no | None |
Primary e-mail address aliases: mailPrimaryAddress
|
|
| mobile_telephone_number | no |
Mobile phone number aliases: mobileTelephoneNumber
|
||
| organisation | no | None | Organisation |
|
| ou | no | Organizational Unit inside the LDAP Base DN, e.g. school for LDAP OU ou=school,dc=example,dc=com. |
||
| override_pw_history | no |
Override password history aliases: overridePWHistory
|
||
| override_pw_length | no |
Override password check aliases: overridePWLength
|
||
| pager_telephonenumber | no |
List of pager telephone numbers. aliases: pagerTelephonenumber
|
||
| password | no | None | Password. Required if state=present. |
|
| phone | no | List of telephone numbers. |
||
| position | no | Define the whole position of users object inside the LDAP tree, e.g. cn=employee,cn=users,ou=school,dc=example,dc=com. |
||
| postcode | no | None | Postal code of users business address. |
|
| primary_group | no | cn=Domain Users,cn=groups,$LDAP_BASE_DN |
Primary group. This must be the group LDAP DN. aliases: primaryGroup
|
|
| profilepath | no | None | Windows profile directory |
|
| pwd_change_next_login | no | None |
|
Change password on next login. aliases: pwdChangeNextLogin
|
| room_number | no | None |
Room number of users business address. aliases: roomNumber
|
|
| samba_privileges | no |
Samba privilege, like allow printer administration, do domain join. aliases: sambaPrivileges
|
||
| samba_user_workstations | no |
Allow the authentication only on this Microsoft Windows host. aliases: sambaUserWorkstations
|
||
| sambahome | no | None | Windows home path, e.g. '\\$FQDN\$USERNAME'. |
|
| scriptpath | no | None | Windows logon script. |
|
| secretary | no | A list of superiors as LDAP DNs. |
||
| serviceprovider | no | [u''] | Enable user for the following service providers. |
|
| shell | no | /bin/bash | Login shell |
|
| state | no | present |
| Whether the user is present or not. |
| street | no | None | Street of users business address. |
|
| subpath | no | cn=users | LDAP subpath inside the organizational unit, e.g. cn=teachers,cn=users for LDAP container cn=teachers,cn=users,dc=example,dc=com. |
|
| title | no | None | Title, e.g. Prof.. |
|
| unixhome | no | /home/$USERNAME | Unix home directory |
|
| userexpiry | no | Today + 1 year | Account expiry date, e.g. 1999-12-31. |
|
| username | yes |
User name aliases: name
|
# Create a user on a UCS
- udm_user: name=FooBar
password=secure_password
firstname=Foo
lastname=Bar
# Create a user with the DN
# C(uid=foo,cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com)
- udm_user: name=foo
password=secure_password
firstname=Foo
lastname=Bar
ou=school
subpath='cn=teachers,cn=users'
# or define the position
- udm_user: name=foo
password=secure_password
firstname=Foo
lastname=Bar
position='cn=teachers,cn=users,ou=school,dc=school,dc=example,dc=com'
For more information on what this means please read Extras Modules
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, developing_test_pr and Developing Modules.
© 2012–2016 Michael DeHaan
© 2016 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/udm_user_module.html