cisco.ise.active_directory – Resource module for Active Directory

Note

This plugin is part of the cisco.ise collection (version 0.0.9).

To install it use: ansible-galaxy collection install cisco.ise.

To use it in a playbook, specify: cisco.ise.active_directory.

New in version 1.0.0: of cisco.ise

Synopsis

• Manage operations create and delete of the resource Active Directory.

Note

This module has a corresponding action plugin.

Requirements

The below requirements are needed on the host that executes this module.

• ciscoisesdk

Parameters

Parameter			Choices/Defaults	Comments
adAttributes dictionary				Active Directory's adAttributes.
	attributes list / elements=string			Active Directory's attributes.
		defaultValue string		Active Directory's defaultValue.
		internalName string		Active Directory's internalName.
		name string		Active Directory's name.
		type string		Active Directory's type.
adgroups dictionary				Active Directory's adgroups.
	groups list / elements=string			Active Directory's groups.
		name string		Active Directory's name.
		sid string		Active Directory's sid.
		type string		Active Directory's type.
adScopesNames string				Active Directory's adScopesNames.
advancedSettings dictionary				Active Directory's advancedSettings.
	agingTime integer			Active Directory's agingTime.
	country string			Active Directory's country.
	department string			Active Directory's department.
	email string			Active Directory's email.
	enableCallbackForDialinClient boolean		Choices: no yes	EnableCallbackForDialinClient flag.
	enableDialinPermissionCheck boolean		Choices: no yes	EnableDialinPermissionCheck flag.
	enableMachineAccess boolean		Choices: no yes	EnableMachineAccess flag.
	enableMachineAuth boolean		Choices: no yes	EnableMachineAuth flag.
	enablePassChange boolean		Choices: no yes	EnablePassChange flag.
	enableRewrites boolean		Choices: no yes	EnableRewrites flag.
	firstName string			Active Directory's firstName.
	identityNotInAdBehaviour string			Active Directory's identityNotInAdBehaviour.
	jobTitle string			Active Directory's jobTitle.
	lastName string			Active Directory's lastName.
	locality string			Active Directory's locality.
	organizationalUnit string			Active Directory's organizationalUnit.
	plaintextAuth boolean		Choices: no yes	PlaintextAuth flag.
	rewriteRules list / elements=string			Active Directory's rewriteRules.
		rewriteMatch string		Active Directory's rewriteMatch.
		rewriteResult string		Active Directory's rewriteResult.
		rowId integer		Active Directory's rowId.
	schema string			Active Directory's schema.
	stateOrProvince string			Active Directory's stateOrProvince.
	streetAddress string			Active Directory's streetAddress.
	telephone string			Active Directory's telephone.
	unreachableDomainsBehaviour string			Active Directory's unreachableDomainsBehaviour.
description string				Active Directory's description.
domain string				Active Directory's domain.
id string				Id path parameter.
name string				Active Directory's name.

See Also

See also

cisco.ise.plugins.module_utils.definitions.active_directory

The official documentation on the cisco.ise.plugins.module_utils.definitions.active_directory module.

Active Directory reference

Complete reference of the Active Directory object model.

Examples

- name: Create
  cisco.ise.active_directory:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: present
    adAttributes:
      attributes:
      - defaultValue: defaultString
        internalName: internalName1
        name: name1
        type: STRING
    adScopesNames: Default_Scope
    adgroups:
      groups:
      - name: cisco.com/operators
        sid: S-1-5-32-548
        type: GLOBAL
    advancedSettings:
      agingTime: 5
      country: co
      department: department
      email: mail
      enableCallbackForDialinClient: false
      enableDialinPermissionCheck: false
      enableMachineAccess: true
      enableMachineAuth: true
      enablePassChange: true
      enableRewrites: false
      firstName: givenName
      identityNotInAdBehaviour: SEARCH_JOINED_FOREST
      jobTitle: title
      lastName: sn
      locality: l
      organizationalUnit: company
      plaintextAuth: false
      rewriteRules:
      - rewriteMatch: host/[HOSTNAME].[DOMAIN]
        rewriteResult: host/[HOSTNAME].[DOMAIN]
        rowId: 0
      - rewriteMatch: host/[HOSTNAME]
        rewriteResult: host/[HOSTNAME]
        rowId: 1
      - rewriteMatch: '[DOMAIN]\[IDENTITY]'
        rewriteResult: '[DOMAIN]\[IDENTITY]'
        rowId: 2
      - rewriteMatch: '[IDENTITY]@[DOMAIN]'
        rewriteResult: '[IDENTITY]@[DOMAIN]'
        rowId: 3
      - rewriteMatch: '[IDENTITY]'
        rewriteResult: '[IDENTITY]'
        rowId: 4
      schema: ACTIVE_DIRECTORY
      stateOrProvince: st
      streetAddress: streetAddress
      telephone: telephoneNumber
      unreachableDomainsBehaviour: PROCEED
    description: ''
    domain: cisco.com
    name: cisco.com

- name: Delete by id
  cisco.ise.active_directory:
    ise_hostname: "{{ise_hostname}}"
    ise_username: "{{ise_username}}"
    ise_password: "{{ise_password}}"
    ise_verify: "{{ise_verify}}"
    state: absent
    id: string

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
ise_response dictionary	always	A dictionary or list with the response returned by the Cisco ISE Python SDK Sample: {}

Authors

• Rafael Campos (@racampos)