--- - name: Tests hosts: ipaserver become: true gather_facts: false tasks: - name: Ensure HBAC Rule allhosts is absent ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts,sshd-pinky,loginRule state: absent - name: User pinky absent ipauser: ipaadmin_password: MyPassword123 name: pinky state: absent - name: User group login absent ipagroup: ipaadmin_password: MyPassword123 name: login state: absent - name: User pinky present ipauser: ipaadmin_password: MyPassword123 name: pinky uid: 10001 gid: 100 phone: "+555123457" email: pinky@acme.com principalexpiration: "20220119235959" #passwordexpiration: "2022-01-19 23:59:59" first: pinky last: Acme register: result failed_when: not result.changed - name: User group login present ipagroup: ipaadmin_password: MyPassword123 name: login register: result failed_when: not result.changed - name: Ensure HBAC Rule allhosts is present ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts usercategory: all register: result failed_when: not result.changed - name: Ensure HBAC Rule allhosts is present again ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts usercategory: all register: result failed_when: result.changed - name: Ensure host "{{ groups.ipaserver[0] }}" is present in HBAC Rule allhosts ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts host: "{{ groups.ipaserver[0] }}" action: member register: result failed_when: not result.changed - name: Ensure host "{{ groups.ipaserver[0] }}" is present in HBAC Rule allhosts again ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts host: "{{ groups.ipaserver[0] }}" action: member register: result failed_when: result.changed - name: Ensure HBAC Rule sshd-pinky is present ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky hostcategory: all register: result failed_when: not result.changed - name: Ensure HBAC Rule sshd-pinky is present again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky hostcategory: all register: result failed_when: result.changed - name: Ensure user pinky is present in HBAC Rule sshd-pinky ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky user: pinky action: member register: result failed_when: not result.changed - name: Ensure user pinky is present in HBAC Rule sshd-pinky again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky user: pinky action: member register: result failed_when: result.changed - name: Ensure HBAC service sshd is present in HBAC Rule sshd-pinky ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky hbacsvc: sshd action: member register: result failed_when: not result.changed - name: Ensure HBAC service sshd is present in HBAC Rule sshd-pinky again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky hbacsvc: sshd action: member register: result failed_when: result.changed - name: Ensure HBAC Rule loginRule is present with HBAC service sshd ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule group: login register: result failed_when: not result.changed - name: Ensure HBAC Rule loginRule is present with HBAC service sshd again ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule group: login register: result failed_when: result.changed - name: Ensure user pinky is present in HBAC Rule loginRule ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule user: pinky action: member register: result failed_when: not result.changed - name: Ensure user pinky is present in HBAC Rule loginRule again ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule user: pinky action: member register: result failed_when: result.changed - name: Ensure user pinky is absent in HBAC Rule loginRule ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule user: pinky action: member state: absent register: result failed_when: not result.changed - name: Ensure user pinky is absent in HBAC Rule loginRule again ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule user: pinky action: member state: absent register: result failed_when: result.changed - name: Ensure HBAC Rule loginRule is absent ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule state: absent register: result failed_when: not result.changed - name: Ensure HBAC Rule loginRule is absent again ipahbacrule: ipaadmin_password: MyPassword123 name: loginRule state: absent register: result failed_when: result.changed - name: Ensure HBAC service sshd is absent in HBAC Rule sshd-pinky ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky hbacsvc: sshd action: member state: absent register: result failed_when: not result.changed - name: Ensure HBAC service sshd is absent in HBAC Rule sshd-pinky again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky hbacsvc: sshd action: member state: absent register: result failed_when: result.changed - name: Ensure user pinky is absent in HBAC Rule sshd-pinky ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky user: pinky action: member state: absent register: result failed_when: not result.changed - name: Ensure user pinky is absent in HBAC Rule sshd-pinky again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky user: pinky action: member state: absent register: result failed_when: result.changed - name: Ensure HBAC Rule sshd-pinky is disabled ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky state: disabled register: result failed_when: not result.changed - name: Ensure HBAC Rule sshd-pinky is disabled again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky state: disabled register: result failed_when: result.changed - name: Ensure HBAC Rule sshd-pinky is enabled ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky state: enabled register: result failed_when: not result.changed - name: Ensure HBAC Rule sshd-pinky is enabled again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky state: enabled register: result failed_when: result.changed - name: Ensure HBAC Rule sshd-pinky is absent ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky state: absent register: result failed_when: not result.changed - name: Ensure HBAC Rule sshd-pinky is absent again ipahbacrule: ipaadmin_password: MyPassword123 name: sshd-pinky state: absent register: result failed_when: result.changed - name: Ensure host "{{ groups.ipaserver[0] }}" is absent in HBAC Rule allhosts ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts host: "{{ groups.ipaserver[0] }}" action: member state: absent register: result failed_when: not result.changed - name: Ensure host "{{ groups.ipaserver[0] }}" is absent in HBAC Rule allhosts again ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts host: "{{ groups.ipaserver[0] }}" action: member state: absent register: result failed_when: result.changed - name: Ensure HBAC Rule allhosts is absent ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts state: absent register: result failed_when: not result.changed - name: Ensure HBAC Rule allhosts is absent again ipahbacrule: ipaadmin_password: MyPassword123 name: allhosts state: absent register: result failed_when: result.changed - name: User pinky absent ipauser: ipaadmin_password: MyPassword123 name: pinky state: absent - name: User group login absent ipagroup: ipaadmin_password: MyPassword123 name: login state: absent