
pfsense_authserver_ldap

Frederic Bor edited this page Jan 30, 2020 · 4 revisions
> PFSENSE_AUTHSERVER_LDAP    (/home/fbor/ansible/lib/ansible/modules/network/pfsense/pfsense_authserver_ldap.py)

  Manage pfSense LDAP authentication servers

  * This module is maintained by The Ansible Community
OPTIONS (= is mandatory):

- attr_group
  LDAP Group naming attribute
  [Default: cn]
  type: str

- attr_groupobj
  LDAP Group objectClass naming attribute
  [Default: posixGroup]
  type: str

- attr_member
  LDAP Group member naming attribute
  [Default: member]
  type: str

- attr_user
  LDAP User naming attribute
  [Default: cn]
  type: str

- authcn
  Authentication containers added to basedn
  [Default: (null)]
  type: str

- basedn
  Search base DN
  [Default: (null)]
  type: str

- binddn
  Search bind DN
  [Default: (null)]
  type: str

- bindpw
  Search bind password
  [Default: (null)]
  type: str

- ca
  Certificate Authority
  [Default: global]
  type: str

- extended_enabled
  Enable extended query
  [Default: False]
  type: bool

- extended_query
  Extended query
  [Default: (null)]
  type: str

- host
  The hostname or IP address of the authentication server
  [Default: (null)]
  type: str

= name
  The name of the authentication server

  type: str

- port
  Port to connect to
  [Default: 389]
  type: str

- protver
  LDAP protocol version
  (Choices: 2, 3)[Default: 3]
  type: str

- scope
  Search scope
  (Choices: one, subtree)[Default: (null)]
  type: str

= state
  State in which to leave the authentication server
  (Choices: present, absent)
  type: str

- timeout
  Server timeout in seconds
  [Default: 25]
  type: str

- transport
  Transport to use
  (Choices: tcp, starttls, ssl)[Default: (null)]
  type: str


AUTHOR: Orion Poplawski (@opoplawski)
  METADATA:
    status:
    - preview
    supported_by: community
  

EXAMPLES:

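# Register an Active Directory server as a pfSense LDAP authentication backend.
# transport is set to ssl (documented choices: tcp, starttls, ssl) together
# with port 636, so the search bind DN and password are not sent over an
# unencrypted LDAP connection.
# `ca` is not set here, so its documented default (global) applies.
# NOTE(review): this page does not show whether the module marks bindpw as
# no_log; confirm before running this task with verbose output or log capture.
- name: Add adservers authentication server
  pfsense_authserver_ldap:
    name: AD
    host: adserver.example.com
    # Quoted because the option is documented as type str; this avoids
    # relying on implicit int-to-str conversion of a bare 636.
    port: '636'
    transport: ssl
    scope: subtree
    authcn: cn=users
    basedn: dc=example,dc=com
    # Account used for directory searches (the DN suggests a dedicated
    # service account rather than a personal or administrative one).
    binddn: cn=bind,ou=Service Accounts,dc=example,dc=com
    # The secret is supplied through a variable instead of being written
    # inline; the variable name suggests it is stored with Ansible Vault.
    bindpw: "{{ vaulted_bindpw }}"
    attr_user: samAccountName
    attr_member: memberOf
    attr_groupobj: group
    state: present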

# Remove the authentication server entry named AD. Only the two mandatory
# options (name and state) are supplied; no connection or bind settings
# are given for state: absent.
- name: Remove LDAP authentication server
  pfsense_authserver_ldap:
    state: absent
    name: 'AD'


RETURN VALUES: