fix: ldap_attr module has changed; adopt new format

2024-04-22 16:47:11 -04:00 · 2024-04-22 16:47:11 -04:00 · 9c0a787b9c
parent 9e50935c62
commit 9c0a787b9c
1 changed files with 27 additions and 35 deletions
--- a/adhoc-ipauser-disable-pdr.yml
+++ b/adhoc-ipauser-disable-pdr.yml
@ -10,6 +10,27 @@
  hosts: "{{ host|default('ipaserver') }}"
  become: false
  gather_facts: false
+  vars:
+    cleanup_attributes:
+      fasGPGKeyId: []
+      fasGitHubUsername: []
+      fasGitLabUsername: []
+      fasIRCNick: []
+      fasRHBZEmail: []
+      fasWebsiteURL: []
+      fasgpgkeyid: []
+      fasLocale: []
+      fasTimezone: []
+      homePhone: []
+      homePostalAddress: []
+      postalAddress: []
+      postalCode: []
+      postOfficeBox: []
+      st: []
+      street: []
+      ipaSshPubKey: []
+      telephoneNumber: []
+      homePhone: []
  collections:
    - freeipa.ansible_freeipa

@ -36,50 +57,21 @@
    - name: "Remove personal information attributes"
      community.general.ldap_attrs:
        dn: "uid={{ ipa_name }},cn=users,cn=accounts,dc=rockylinux,dc=org"
-        name: "{{ item }}"
-        values: []
-        state: exact
-        server_uri: ldap://localhost/
-        bind_dn: "uid={{ ipaadmin_principal }},cn=users,cn=accounts,dc=rockylinux,dc=org"
-        bind_pw: "{{ ipaadmin_password }}"
-      with_items:
-        - fasGPGKeyId
-        - fasGitHubUsername
-        - fasGitLabUsername
-        - fasIRCNick
-        - fasRHBZEmail
-        - fasWebsiteURL
-        - fasgpgkeyid
-        - fasLocale
-        - fasTimezone
-        - homePhone
-        - homePostalAddress
-        - postalAddress
-        - postalCode
-        - postOfficeBox
-        - st
-        - street
-        - ipaSshPubKey
-        - telephoneNumber
-        - homePhone
-
-    - name: "Set FAS Status Note"
-      community.general.ldap_attrs:
-        dn: "uid={{ ipa_name }},cn=users,cn=accounts,dc=rockylinux,dc=org"
-        name: "fasStatusNote"
-        values: "Account Disabled: {{ ticket_id }}"
+        attributes: "{{ cleanup_attributes }}"
        state: exact
        server_uri: ldap://localhost/
        bind_dn: "uid={{ ipaadmin_principal }},cn=users,cn=accounts,dc=rockylinux,dc=org"
        bind_pw: "{{ ipaadmin_password }}"

-    - name: "Set FAS Account Information to Private"
+    - name: "Set FAS Status Note and set isprivate"
      community.general.ldap_attrs:
        dn: "uid={{ ipa_name }},cn=users,cn=accounts,dc=rockylinux,dc=org"
-        name: "fasisprivate"
-        values: "TRUE"
+        attributes: "{{ item }}"
        state: exact
        server_uri: ldap://localhost/
        bind_dn: "uid={{ ipaadmin_principal }},cn=users,cn=accounts,dc=rockylinux,dc=org"
        bind_pw: "{{ ipaadmin_password }}"
+      loop:
+        - fasStatusNote:  "Account Disabled: {{ ticket_id }}"
+        - fasisprivate: true
 ...