GithubHelp home page GithubHelp logo

kami911 / ansible-role-linux-ad Goto Github PK

View Code? Open in Web Editor NEW

This project forked from govcloud/ansible-role-ad

3.0 3.0 3.0 119 KB

Installs and configures Active Directory on Linux using sssd. Perfectly works with Ubuntu and Red Hat/CentOS also manages sudoers.

License: MIT License

Jinja 100.00%

ansible-role-linux-ad's Introduction

Ansible Role: Installs and configures Active Directory on Linux.

Travis status: Build Status Code Climate status: Code Climate Test Coverage status: Test Coverage

Table of Contents

  1. Requirements
  2. Installation
  3. Role Variables
  4. Dependencies
  5. Example Playbook
  6. Licensing
  7. Author Information
  8. Support
  9. Contributing
  10. Donation

Requirements

None.

Installation

ansible-galaxy install kami911.linux-ad

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

Port, connection, and firewall related options

linux_ad_manage_firewalld: true

Role manages the firewalld settings of required ports.

Debug settings

linux_ad_authconfig_debug_mode: false

Use authconfig debug mode.

linux_ad_authconfig_debug_level: 3

Set authconfig debug level.

linux_ad_authconfig_domain: 'cloud.department.ca'

Genereal AD settings

Set authconfig (FQDN) domain name.

linux_ad_authconfig_realm:  'CLOUD.DEPARTMENT.CA'

Set authconfig realm name.

linux_ad_authconfig_computer_ou: 'ou=computers,dc=cloud,dc=department,dc=ca'

Set the Active Directory path to computers organization unit.

linux_ad_authconfig_windomain: 'EXAMPLECOM'

Set authconfig Windows domain name.

linux_ad_authconfig_sssd_user: 'admin'

Specify an already existing domain user that has 'add computer to domain' rights.

linux_ad_authconfig_sssd_pass: 'pass'

Specify the password of that domain user.

linux_ad_authconfig_access_groups: []

An array/list of groups that have access to the host.

linux_ad_authconfig_access_users: []

An array/list of users that have access to the host.

linux_ad_ansible_distribution_major_version: '{{ ansible_lsb.major_release|int }}'

Specify the main version of your Linux OS if something gets wrong and the version is not available.

linux_ad_ad_info_ad_server: 'dc1.department.ca'

linux_ad_ad_info_ad_backup_server: 'dc2.department.ca'

Specify the primary and a backup Active Directory login server.

linux_ad_rejoin: false

Try to rejoint to the Active Directory via deleting /etc/krb5.keytab file. Default is false.

linux_ad_home_dir: '/home/%d/%u'

Home directory of the user. Additionally you can use these variables: %u -login name %U - UID number %d - domain name %f - fully qualified user name (user@domain)) %% - %.

linux_ad_shell: '/bin/bash'

Shell to use for freshly created users.

linux_ad_use_fq_username: true

Use fully qualified name for login name. When false you can login with username, when tru you can login with username@domain_name

linux_ad_home_dir_base:
  - '/home/{{ linux_ad_authconfig_domain }}'

If you not using /home/%s as home directory, the script have to create all of required domains subdirectory (in this example case /home/cloud.department.ca/). Please list all possible domains here.

linux_ad_home_dir_user: 'root'

The user of the newly created subhome directory.

linux_ad_home_dir_group: 'root'

The group of the newly created subhome directory.

linux_ad_home_dir_mode: 755

The mode of the newly created subhome directory.

linux_ad_sudoers_d:
- file: linux_ad
    host: ALL
    runas: ALL
    ugid: '%Enterprise\ Admins'
    nopasswd: true
    commands:
    - 'ALL'

Create sudoers file with these parameters. The file is filename of the created file in sudoers.d.

Dependencies

None.

Example Playbook

- hosts: all
  roles:
    - linux-ad

Licensing

The lactransformer application and documantations are licensed under the terms of the MIT / BSD, you will find a copy of this license in the LICENSE file included in the source package.

Author Information

This role was created in 2019-2020 by Kálmán Szalai - KAMI based on work of William Hearn (https://github.com/govcloud/ansible-role-ad)

Support

If you have any question, do not hesitate and drop me a line. If you found a bug, or have a feature request, you can fill an issue.

Using as a submudule of an AWX playbook

Add as a submodule

git submodule add --force [email protected]:KAMI911/ansible-role-linux-ad.git roles/linux-ad

Update as sumodule

Update only this submodule

git submodule update --remote roles/linux-ad/

Update all submodules:

git submodule foreach git pull origin master

Contributing

There are many ways to contribute to ansible-role-linux-ad -- whether it be sending patches, testing, reporting bugs, or reviewing and updating the documentation. Every contribution is appreciated!

Please continue reading in the contributing chapter.

Fork me on Github

https://github.com/KAMI911/ansible-role-linux-ad

Add a new remote upstream with this repository as value.

git remote add upstream https://github.com/KAMI911/ansible-role-linux-ad.git

You can pull updates to your fork's master branch:

git fetch --all
git pull upstream HEAD

Donation

If you find this useful, please consider a donation:

paypal

ansible-role-linux-ad's People

Contributors

kami911 avatar sylus avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

johnfolia nlasalle70 oferchen

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.