From 9c0a787b9c00af6824d14d92d9badf6e1f390498 Mon Sep 17 00:00:00 2001 From: Neil Hanlon Date: Mon, 22 Apr 2024 16:47:11 -0400 Subject: [PATCH] fix: ldap_attr module has changed; adopt new format --- adhoc-ipauser-disable-pdr.yml | 62 +++++++++++++++-------------------- 1 file changed, 27 insertions(+), 35 deletions(-) diff --git a/adhoc-ipauser-disable-pdr.yml b/adhoc-ipauser-disable-pdr.yml index 20c91e5..2fb98c6 100644 --- a/adhoc-ipauser-disable-pdr.yml +++ b/adhoc-ipauser-disable-pdr.yml @@ -10,6 +10,27 @@ hosts: "{{ host|default('ipaserver') }}" become: false gather_facts: false + vars: + cleanup_attributes: + fasGPGKeyId: [] + fasGitHubUsername: [] + fasGitLabUsername: [] + fasIRCNick: [] + fasRHBZEmail: [] + fasWebsiteURL: [] + fasgpgkeyid: [] + fasLocale: [] + fasTimezone: [] + homePhone: [] + homePostalAddress: [] + postalAddress: [] + postalCode: [] + postOfficeBox: [] + st: [] + street: [] + ipaSshPubKey: [] + telephoneNumber: [] + homePhone: [] collections: - freeipa.ansible_freeipa @@ -36,50 +57,21 @@ - name: "Remove personal information attributes" community.general.ldap_attrs: dn: "uid={{ ipa_name }},cn=users,cn=accounts,dc=rockylinux,dc=org" - name: "{{ item }}" - values: [] - state: exact - server_uri: ldap://localhost/ - bind_dn: "uid={{ ipaadmin_principal }},cn=users,cn=accounts,dc=rockylinux,dc=org" - bind_pw: "{{ ipaadmin_password }}" - with_items: - - fasGPGKeyId - - fasGitHubUsername - - fasGitLabUsername - - fasIRCNick - - fasRHBZEmail - - fasWebsiteURL - - fasgpgkeyid - - fasLocale - - fasTimezone - - homePhone - - homePostalAddress - - postalAddress - - postalCode - - postOfficeBox - - st - - street - - ipaSshPubKey - - telephoneNumber - - homePhone - - - name: "Set FAS Status Note" - community.general.ldap_attrs: - dn: "uid={{ ipa_name }},cn=users,cn=accounts,dc=rockylinux,dc=org" - name: "fasStatusNote" - values: "Account Disabled: {{ ticket_id }}" + attributes: "{{ cleanup_attributes }}" state: exact server_uri: ldap://localhost/ bind_dn: "uid={{ ipaadmin_principal }},cn=users,cn=accounts,dc=rockylinux,dc=org" bind_pw: "{{ ipaadmin_password }}" - - name: "Set FAS Account Information to Private" + - name: "Set FAS Status Note and set isprivate" community.general.ldap_attrs: dn: "uid={{ ipa_name }},cn=users,cn=accounts,dc=rockylinux,dc=org" - name: "fasisprivate" - values: "TRUE" + attributes: "{{ item }}" state: exact server_uri: ldap://localhost/ bind_dn: "uid={{ ipaadmin_principal }},cn=users,cn=accounts,dc=rockylinux,dc=org" bind_pw: "{{ ipaadmin_password }}" + loop: + - fasStatusNote: "Account Disabled: {{ ticket_id }}" + - fasisprivate: true ...