---
- name: Test host allow_create_keytab
hosts: ipaserver
become: true
tasks:
- name: Get Domain from server name
set_fact:
ipaserver_domain: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') }}"
when: ipaserver_domain is not defined
- name: Get Realm from server name
set_fact:
ipaserver_realm: "{{ groups.ipaserver[0].split('.')[1:] | join ('.') | upper }}"
when: ipaserver_realm is not defined
- name: Set host1_fqdn .. host3_fqdn
set_fact:
host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
- name: Host host1..., host2... and host3... absent
ipahost:
ipaadmin_password: MyPassword123
name:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
state: absent
- name: Ensure host-groups hostgroup1 and hostgroup2 absent
ipahostgroup:
ipaadmin_password: MyPassword123
name: hostgroup1,hostgroup2
state: absent
- name: Ensure users user1 and user2 absent
ipauser:
ipaadmin_password: MyPassword123
users:
- name: user1
- name: user2
state: absent
- name: Ensure group1 and group2 absent
ipagroup:
ipaadmin_password: MyPassword123
name: group1,group2
state: absent
- name: Host host2... and host3... present
ipahost:
ipaadmin_password: MyPassword123
hosts:
- name: "{{ host2_fqdn }}"
force: yes
- name: "{{ host3_fqdn }}"
force: yes
register: result
failed_when: not result.changed
- name: Ensure host-group hostgroup1 present
ipahostgroup:
ipaadmin_password: MyPassword123
name: hostgroup1
state: present
register: result
failed_when: not result.changed
- name: Ensure host-group hostgroup2 present
ipahostgroup:
ipaadmin_password: MyPassword123
name: hostgroup2
state: present
register: result
failed_when: not result.changed
- name: Ensure users user1 and user2 present
ipauser:
ipaadmin_password: MyPassword123
users:
- name: user1
first: First1
last: Last1
- name: user2
first: First2
last: Last2
register: result
failed_when: not result.changed
- name: Ensure group1 present
ipagroup:
ipaadmin_password: MyPassword123
name: group1
register: result
failed_when: not result.changed
- name: Ensure group2 present
ipagroup:
ipaadmin_password: MyPassword123
name: group2
register: result
failed_when: not result.changed
- name: Host host1... present with allow_create_keytab users,groups,hosts and hostgroups
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
allow_create_keytab_user:
- user1
- user2
allow_create_keytab_group:
- group1
- group2
allow_create_keytab_host:
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup1
- hostgroup2
force: yes
register: result
failed_when: not result.changed
- name: Host host1... present with allow_create_keytab users,groups,hosts and hostgroups again
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
allow_create_keytab_user:
- user1
- user2
allow_create_keytab_group:
- group1
- group2
allow_create_keytab_host:
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup1
- hostgroup2
force: yes
register: result
failed_when: result.changed
- name: Host host1... absent
ipahost:
ipaadmin_password: MyPassword123
name:
- "{{ host1_fqdn }}"
state: absent
- name: Host host1... present
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
force: yes
register: result
failed_when: not result.changed
- name: Host host1... ensure allow_create_keytab users,groups,hosts and hostgroups present
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
allow_create_keytab_user:
- user1
- user2
allow_create_keytab_group:
- group1
- group2
allow_create_keytab_host:
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup1
- hostgroup2
action: member
register: result
failed_when: not result.changed
- name: Host host1... ensure allow_create_keytab users,groups,hosts and hostgroups present again
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
allow_create_keytab_user:
- user1
- user2
allow_create_keytab_group:
- group1
- group2
allow_create_keytab_host:
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup1
- hostgroup2
action: member
register: result
failed_when: result.changed
- name: Host host1... ensure allow_create_keytab users,groups,hosts and hostgroups absent
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
allow_create_keytab_user:
- user1
- user2
allow_create_keytab_group:
- group1
- group2
allow_create_keytab_host:
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup1
- hostgroup2
action: member
state: absent
register: result
failed_when: not result.changed
- name: Host host1... ensure allow_create_keytab users,groups,hosts and hostgroups absent again
ipahost:
ipaadmin_password: MyPassword123
name: "{{ host1_fqdn }}"
allow_create_keytab_user:
- user1
- user2
allow_create_keytab_group:
- group1
- group2
allow_create_keytab_host:
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
allow_create_keytab_hostgroup:
- hostgroup1
- hostgroup2
action: member
state: absent
register: result
failed_when: result.changed
- name: Host host1..., host2... and host3... absent
ipahost:
ipaadmin_password: MyPassword123
name:
- "{{ host1_fqdn }}"
- "{{ host2_fqdn }}"
- "{{ host3_fqdn }}"
state: absent
register: result
failed_when: not result.changed
- name: Ensure host-groups hostgroup1 and hostgroup2 absent
ipahostgroup:
ipaadmin_password: MyPassword123
name: hostgroup1,hostgroup2
state: absent
register: result
failed_when: not result.changed
- name: Ensure users user1 and user2 absent
ipauser:
ipaadmin_password: MyPassword123
users:
- name: user1
- name: user2
state: absent
register: result
failed_when: not result.changed
- name: Ensure group1 and group2 absent
ipagroup:
ipaadmin_password: MyPassword123
name: group1,group2
state: absent
register: result
failed_when: not result.changed