Hi, 

I’m running a playbook that creates a user on a remote server and also
generates a keytab file for that user based on domain properties.

I have a configuration file that holds the username, uid and some other
information.

1.       I wish that the keytab file will be part of the configuration and
that the name of the file will be based on the provided username -
*username*.keytab.

2.       If I set a value of uid to start with (in my example it is 2000),
can I run an index? First user 2000+1 (2001), second user 2000+2 (2002),
etc.

 

*Configuration file*

start_user_uid: 2000
users_keytab_location: /opt/keytab
domain: CLUSTER3.COM


user_details:
     - {username: user3, uid: 2001, user_domain_password: 1234@WSX, keytab_name: "{{ username }}.keytab"}
     - {username: user2, uid: 2002, user_domain_password: 1234, keytab_name: "{{ username }}.keytab"}
     - {username: user3, uid: 2003, user_domain_password: 1234, keytab_name: "{{ username }}.keytab"}

 

*Playbook*


- name: create user
  user:
    name: "{{ item.username }}"
    uid: "{{ item.uid }}"
  with_items: "{{ user_details }}"


- name: Generate Kerberos ticket
  expect:
    command: ktutil
    responses:
      ktutil:
        - "add_entry -password -p {{ item.username }}@{{ domain }} -k 1 -e rc4-hmac"
        - "wkt /data/ansible/add-user/{{ item.keytab_name }}.keytab"
        - "quit"
      Password: "{{ item.user_domain_password }}"
  delegate_to: localhost
  with_items: "{{ user_details }}"
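
One way to get both behaviours asked about above, as an added example that is not part of the original post: the uid is computed from start_user_uid plus the item's position in the list, and the keytab name is built from the username inside the task instead of in the configuration. It assumes the passwords live in an Ansible Vault file (the vault_* variable names are hypothetical) and that users_keytab_location already exists on the control node.

```yaml
# Added example, not the poster's playbook.
# Assumption: vault_user*_password are hypothetical variables from an Ansible Vault file.
- hosts: all
  vars:
    start_user_uid: 2000
    users_keytab_location: /opt/keytab
    domain: CLUSTER3.COM
    user_details:
      - { username: user1, user_domain_password: "{{ vault_user1_password }}" }
      - { username: user2, user_domain_password: "{{ vault_user2_password }}" }
      - { username: user3, user_domain_password: "{{ vault_user3_password }}" }

  tasks:
    - name: Create user with uid = start_user_uid + position in the list
      ansible.builtin.user:
        name: "{{ item.username }}"
        uid: "{{ start_user_uid | int + idx + 1 }}"
      become: true
      loop: "{{ user_details }}"
      loop_control:
        index_var: idx                  # 0-based position of the current item
        label: "{{ item.username }}"    # do not print the whole item (password)

    - name: Generate a keytab named after the user
      ansible.builtin.expect:
        command: ktutil
        # Skip users whose keytab exists, so reruns do not append duplicate entries.
        creates: "{{ users_keytab_location }}/{{ item.username }}.keytab"
        responses:
          ktutil:
            # Enctype kept from the post; RC4 is deprecated for Kerberos,
            # use an AES enctype if the domain supports it.
            - "add_entry -password -p {{ item.username }}@{{ domain }} -k 1 -e rc4-hmac"
            - "wkt {{ users_keytab_location }}/{{ item.username }}.keytab"
            - "quit"
          Password: "{{ item.user_domain_password }}"
      delegate_to: localhost
      run_once: true                    # one keytab per user, not one per target host
      no_log: true                      # keep the password out of task output and logs
      loop: "{{ user_details }}"

    - name: Restrict keytab permissions
      ansible.builtin.file:
        path: "{{ users_keytab_location }}/{{ item.username }}.keytab"
        mode: "0600"
      delegate_to: localhost
      run_once: true
      loop: "{{ user_details }}"
      loop_control:
        label: "{{ item.username }}"
```

Because each uid is derived from list position, new users should be appended at the end of user_details; inserting or removing an entry in the middle shifts the uid of every user after it.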
