---
- name: Tests
hosts: ipaserver
become: true
gather_facts: false
tasks:
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: user1,user2,user3,user4,user5,user6,user7,user8,user9,user10
state: absent
- name: Users user1..10 present
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: user1
givenname: user1
last: Last
- name: user2
first: user2
last: Last
- name: user3
first: user3
last: Last
- name: user4
first: user4
last: Last
- name: user5
first: user5
last: Last
- name: user6
first: user6
last: Last
- name: user7
first: user7
last: Last
- name: user8
first: user8
last: Last
- name: user9
first: user9
last: Last
- name: user10
first: user10
last: Last
register: result
failed_when: not result.changed
- name: Users user1..10 present
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: user1
givenname: user1
sn: Last
- name: user2
first: user2
last: Last
- name: user3
first: user3
last: Last
- name: user4
first: user4
last: Last
- name: user5
first: user5
last: Last
- name: user6
first: user6
last: Last
- name: user7
first: user7
last: Last
- name: user8
first: user8
last: Last
- name: user9
first: user9
last: Last
- name: user10
first: user10
last: Last
register: result
failed_when: result.changed
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: user1,user2,user3,user4,user5,user6,user7,user8,user9,user10
state: absent
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: manager1,manager2,manager3,pinky,pinky2
state: absent
- name: User manager1 present
ipauser:
ipaadmin_password: SomeADMINpassword
users:
- name: manager1
first: Manager1
last: One1
- name: manager2
first: Manager2
last: One2
- name: manager3
first: Manager3
last: One3
register: result
failed_when: not result.changed
- name: User pinky present
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
uid: 10001
gid: 100
phone: "+555123457"
email: pinky@acme.com
principalexpiration: "20220119235959"
#passwordexpiration: "2022-01-19 23:59:59"
first: pinky
last: Acme
initials: pa
#password: foo2
principal: pa
random: yes
city: PinkyCity
userstate: PinkyState
postalcode: PinkyZip
mobile: "+555123458,+555123459"
pager: "+555123450,+555123451"
fax: "+555123452,+555123453"
orgunit: PinkyOrgUnit
manager: manager1,manager2
update_password: on_create
carlicense: PinkyCarLicense1,PinkyCarLicense2
# sshpubkey
userauthtype: password,radius,otp
userclass: PinkyUserClass
#radius: "http://some.link/"
#radiususer: PinkyRadiusUser
departmentnumber: "1234"
employeenumber: "0815"
employeetype: "PinkyExmployeeType"
preferredlanguage: "en"
# certificate
noprivate: yes
nomembers: false
#issuer: PinkyIssuer
#subject: PinkySubject
register: result
failed_when: not result.changed
- name: Same user pinky present again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
uid: 10001
gid: 100
phone: "+555123457"
email: pinky@acme.com
principalexpiration: "20220119235959"
#passwordexpiration: "2022-01-19 23:59:59"
first: pinky
last: Acme
initials: pa
#password: foo2
principal: pa
random: yes
city: PinkyCity
userstate: PinkyState
postalcode: PinkyZip
mobile: "+555123458,+555123459"
pager: "+555123450,+555123451"
fax: "+555123452,+555123453"
orgunit: PinkyOrgUnit
manager: manager1,manager2
update_password: on_create
carlicense: PinkyCarLicense1,PinkyCarLicense2
# sshpubkey
userauthtype: password,radius,otp
userclass: PinkyUserClass
#radius: "http://some.link/"
#radiususer: PinkyRadiusUser
departmentnumber: "1234"
employeenumber: "0815"
employeetype: "PinkyExmployeeType"
preferredlanguage: "en"
# certificate
noprivate: yes
nomembers: false
#issuer: PinkyIssuer
#subject: PinkySubject
register: result
failed_when: result.changed
- name: User pinky present with changed settings
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
first: pinky
last: Acme
#manager: manager1,manager2,manager3
#principal: pa,pa1,pa3
sshpubkey:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqmVDpEX5gnSjKuv97AyzOhaUMMKz8ahOA3GY77tVC4o68KNgMCmDSEG1/kOIaElngNLaCha3p/2iAcU9Bi1tLKUlm2bbO5NHNwHfRxY/3cJtq+/7D1vxJzqThYwI4F9vr1WxyY2+mMTv3pXbfAJoR8Mu06XaEY5PDetlDKjHLuNWF+/O7ZU8PsULTa1dJZFrtXeFpmUoLoGxQBvlrlcPI1zDciCSU24t27Zan5Py2l5QchyI7yhCyMM77KDtj5+AFVpmkb9+zq50rYJAyFVeyUvwjzErvQrKJzYpA0NyBp7vskWbt36M16/M/LxEK7HA6mkcakO3ESWx5MT1LAjvdlnxbWG3787MxweHXuB8CZU+9bZPFBaJ+VQtOfJ7I8eH0S16moPC4ak8FlcFvOH8ERDPWLFDqfy09yaZ7bVIF0//5ZI7Nf3YDe3S7GrBX5ieYuECyP6UNkTx9BRsAQeVvXEc6otzB7iCSnYBMGUGzCqeigoAWaVQUONsSR3Uatks= pinky@ipaserver.el81.local
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDc8MIjaSrxLYHvu+hduoF4m6NUFSlXZWzYbd3BK4L47/U4eiXoOS6dcfuZJDjmLfOipc7XVp7NADwAgA1yBOAjbeVpXr2tC8w8saZibl75WBOEjDfNroiOh/f/ojrwwHg05QTVSZHs27sU1HBPyCQM/FHVM6EnRfmyiBkEBA/3ca0PJ9UJhWb2XisCaz6y6QcTh4gQnvHzgmEmK31GwiKnmBSEQuj8P5NGCO8RlN3cq3zpRpMDEoBRCjQYicllf/5P43r5OGvS1LhTiAMfyqE37URezNQa7aozBpH1GhIwAmjAtm84jXQjxUgZPYC0aSLuADYErScOP4792r6koH9t/DM5/M+jG2c4PNWynDczUw6Eaxl5E3hU0Ee9UN0Oee7iBnVenS/QMeZNyo5lMA/HXT5lrYiJGTYM0shRjGXXYBbJZhWerguSWDAdUd1gvuGP1nb7/+/Cvb46+HX7zYouS5Ojo0yPzMZ07X142jnKAfx9LnKdMUCwBJzbtoJ91Zc= pinky@ipaserver.el81.local
register: result
failed_when: not result.changed
- name: User pinky add manager manager1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
register: result
failed_when: not result.changed
- name: User pinky add manager manager1 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
register: result
failed_when: result.changed
- name: User pinky add manager manager2, manager3
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager2,manager3
action: member
register: result
failed_when: not result.changed
- name: User pinky add manager manager2, manager3 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager2,manager3
action: member
register: result
failed_when: result.changed
- name: User pinky remove manager manager1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
state: absent
register: result
failed_when: not result.changed
- name: User pinky remove manager manager1 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
manager: manager1
action: member
state: absent
register: result
failed_when: result.changed
- name: User pinky add principal pa
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa
action: member
register: result
failed_when: not result.changed
- name: User pinky add principal pa again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa
action: member
register: result
failed_when: result.changed
- name: User pinky add principal pa1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa1
action: member
register: result
failed_when: not result.changed
- name: User pinky remove principal pa1
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa1
action: member
state: absent
register: result
failed_when: not result.changed
- name: User pinky remove principal pa1 again
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa1
action: member
state: absent
register: result
failed_when: result.changed
- name: User pinky remove principal pa
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa
action: member
state: absent
register: result
failed_when: not result.changed
- name: User pinky remove principal non-existing pa2
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
principal: pa2
action: member
state: absent
register: result
failed_when: result.changed
- name: User pinky absent and preserved
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
preserve: yes
state: absent
register: result
failed_when: not result.changed
- name: User pinky undeleted (preserved before)
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
state: undeleted
register: result
failed_when: not result.changed
- name: Users pinky disabled
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
state: disabled
register: result
failed_when: not result.changed
- name: User pinky enabled
ipauser:
ipaadmin_password: SomeADMINpassword
name: pinky
state: enabled
register: result
failed_when: not result.changed
- name: Remove test users
ipauser:
ipaadmin_password: SomeADMINpassword
name: manager1,manager2,manager3,pinky,pinky2
state: absent