dellemc.openmanage.ome_domain_user_groups module – Create, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular

Note

This module is part of the dellemc.openmanage collection (version 8.5.0).

To install it, use: ansible-galaxy collection install dellemc.openmanage. This module has further requirements; see Requirements for details.

To use it in a playbook, specify: dellemc.openmanage.ome_domain_user_groups.

New in dellemc.openmanage 4.0.0

Synopsis

  • This module allows you to create, modify, or delete an Active Directory/LDAP user group on OpenManage Enterprise and OpenManage Enterprise Modular.

Requirements

The following requirements are needed on the host that executes this module.

  • python >= 3.9.6

Parameters

Parameter

Comments

ca_path

path

added in dellemc.openmanage 5.0.0

The Privacy Enhanced Mail (PEM) file that contains a CA certificate to be used for the validation.

directory_id

integer

The ID of the Active Directory/LDAP.

directory_id is mutually exclusive with directory_name.

directory_name

string

The directory name set while adding the Active Directory/LDAP.

directory_name is mutually exclusive with directory_id.

directory_type

string

Type of the account.

Choices:

  • "AD" ← (default)

  • "LDAP"

domain_password

string

Active Directory/LDAP domain password.

domain_username

string

Active Directory/LDAP domain username.

Example: username@domain or domain\username.

group_name

string / required

The desired Active Directory/LDAP user group name to be imported or removed.

Examples for user group name: Administrator or Account Operators or Access Control Assistance Operator.

group_name value is case insensitive.

hostname

string / required

OpenManage Enterprise or OpenManage Enterprise Modular IP address or hostname.

password

string / required

OpenManage Enterprise or OpenManage Enterprise Modular password.

port

integer

OpenManage Enterprise or OpenManage Enterprise Modular HTTPS port.

Default: 443

role

string

The desired role and privileges for the imported Active Directory/LDAP user group.

OpenManage Enterprise Modular Roles: CHASSIS ADMINISTRATOR, COMPUTE MANAGER, STORAGE MANAGER, FABRIC MANAGER, VIEWER.

OpenManage Enterprise Roles: ADMINISTRATOR, DEVICE MANAGER, VIEWER.

role value is case insensitive.

state

string

present imports or modifies the Active Directory/LDAP user group.

absent deletes an existing Active Directory/LDAP user group.

Choices:

  • "present" ← (default)

  • "absent"

timeout

integer

added in dellemc.openmanage 5.0.0

The socket level timeout in seconds.

Default: 30

username

string / required

OpenManage Enterprise or OpenManage Enterprise Modular username.

validate_certs

boolean

added in dellemc.openmanage 5.0.0

If false, the SSL certificates will not be validated.

Configure false only on personally controlled sites where self-signed certificates are used.

Prior to collection version 5.0.0, validate_certs is false by default.

Choices:

  • false

  • true ← (default)

Notes

  • This module supports check_mode and idempotency.

  • Run this module from a system that has direct access to OpenManage Enterprise or OpenManage Enterprise Modular.

Examples

---
- name: Create Active Directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: present
    group_name: account operators
    directory_name: directory_name
    role: administrator
    domain_username: username@domain
    domain_password: domain_password

- name: Update Active Directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: present
    group_name: account operators
    role: viewer

- name: Delete active directory user group
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: absent
    group_name: administrators

- name: Import LDAP directory group.
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    directory_type: LDAP
    state: present
    group_name: account operators
    directory_name: directory_name
    role: administrator
    domain_username: username@domain
    domain_password: domain_password

- name: Remove LDAP directory group.
  dellemc.openmanage.ome_domain_user_groups:
    hostname: "192.168.0.1"
    username: "username"
    password: "password"
    ca_path: "/path/to/ca_cert.pem"
    state: absent
    group_name: account operators
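
A hardened variant of the tasks above, added here as an illustration and not part of the collection's documentation: credentials come from an Ansible Vault file, certificate validation is stated explicitly, the group receives the viewer role, and a check-mode pass runs before the real import. The file vault/ome.yml, the vault_* variables, ome_host, the CA path and the directory name corp_ad are assumed names.

```yaml
---
# Added example, not taken from the collection's documentation.
# Assumed names: vault/ome.yml, every vault_* variable, ome_host, corp_ad and the CA path.
- name: Import an AD user group with a read-only role
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - vault/ome.yml          # encrypted with ansible-vault; holds the vault_* secrets
  vars:
    ome_host: ome.example.internal
    ad_group: account operators
  module_defaults:
    dellemc.openmanage.ome_domain_user_groups:
      hostname: "{{ ome_host }}"
      username: "{{ vault_ome_username }}"
      password: "{{ vault_ome_password }}"
      ca_path: /etc/pki/tls/certs/ome_ca.pem
      validate_certs: true   # stated explicitly instead of relying on the default
      state: present
      group_name: "{{ ad_group }}"
      directory_name: corp_ad
      directory_type: AD
      role: viewer           # read-only role; grant more only when the group needs it
      domain_username: "{{ vault_domain_username }}"
      domain_password: "{{ vault_domain_password }}"
  tasks:
    - name: Dry run to see whether the import would change anything
      dellemc.openmanage.ome_domain_user_groups:
      check_mode: true       # the module supports check_mode, so nothing is written
      register: preview
      no_log: true           # keep task arguments and results out of job logs

    - name: Apply the import only when the dry run reported a change
      dellemc.openmanage.ome_domain_user_groups:
      register: applied
      when: preview is changed
      no_log: true

    - name: Confirm the imported group is the one requested
      ansible.builtin.assert:
        that:
          # group_name is case insensitive, so compare lower-cased values
          - applied.domain_user_status.Name | lower == ad_group | lower
      when: applied is not skipped
```

Run it with `ansible-playbook --ask-vault-pass` (or a vault password file) so the secrets are decrypted only at execution time.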

Return Values

Common return values are documented in the Ansible documentation; the following fields are unique to this module:

Key

Description

domain_user_status

dictionary

Details of the domain user operation, when state is present.

Returned: When state is present.

Sample: {"Description": null, "DirectoryServiceId": 16097, "Enabled": true, "Id": "16617", "IsBuiltin": false, "IsVisible": true, "Locked": false, "Name": "Account Operators", "ObjectGuid": "a491859c-031e-42a3-ae5e-0ab148ecf1d6", "ObjectSid": null, "Oem": null, "Password": null, "PlainTextPassword": null, "RoleId": "16", "UserName": "Account Operators", "UserTypeId": 2}

error_info

dictionary

Details of the HTTP Error.

Returned: on HTTP error

Sample: {"error": {"@Message.ExtendedInfo": [{"Message": "Unable to process the request because an error occurred.", "MessageArgs": [], "MessageId": "GEN1234", "RelatedProperties": [], "Resolution": "Retry the operation. If the issue persists, contact your system administrator.", "Severity": "Critical"}], "code": "Base.1.0.GeneralError", "message": "A general error has occurred. See ExtendedInfo for more information."}}

msg

string

Overall status of the Active Directory/LDAP user group operation.

Returned: always

Sample: "Successfully imported the Active Directory/LDAP user group."

Authors

  • Felix Stephen (@felixs88)

  • Abhishek Sinha (@Abhishek-Dell)