I'm trying to use the ansible-freeipa user module to disable a list of
users
(https://github.com/freeipa/ansible-freeipa/blob/master/README-user.md).
The module accepts a list for its users parameter. I can get the list as a
fact, but I can't seem to get it formatted properly for the module.
I wrote a test playbook with a static variable that worked as follows:
vars:
idmfqdn: ipaserver.example.com
binduser: 'admin'
bindpasswd: '{{ secure_ipa_pass }}'
disabled_uids:
- name: test1
- name: test2
tasks:
- name: Disable flagged accounts
freeipa.ansible_freeipa.ipauser:
ipaadmin_password: "{{ secure_ipa_pass }}"
users: "{{ disabled_uids }}"
state: disabled
However, in my real playbook, when i get the list of users to disable, it
is in the following format:
TASK [Disable flagged accounts]
***********************************************************************************
ok: [auth1.secure-ose.faa.gov] => {
"msg": "[test1]\n"
}
I get this as follows:
- name: Set Disabled Users fact
set_fact:
disabled_users: "{{ user_show.results |
json_query('[*].json.result.result.{uid: uid[0], mail: mail[0],
nsaccountlock: nsaccountlock, pwdexp:
krbpasswordexpiration[0].__datetime__}') |
selectattr('pwdexp','<',cutoff_date) | selectattr('nsaccountlock',
'equalto', False) | list }}"
- name: Get list of UIDs to disable
set_fact:
disabled_uids: "{{ disabled_users | map(attribute='uid') | list |
to_yaml }}"
So how can I create the list that conforms to the static example that the
module is expecting?
Thanks,
Harry
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/eeab5266-50aa-4bae-a0d6-032d22f4461fn%40googlegroups.com.
