cloudera.exe.freeipa_server role – Set up FreeIPA server

Note

This role is part of the cloudera.exe collection (version 3.0.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cloudera.exe.

To use it in a playbook, specify: cloudera.exe.freeipa_server.

Entry point main – Set up FreeIPA server

New in cloudera.exe 2.0.0

Synopsis

  • Set up FreeIPA server with support for DNS, Kerberos, TLS, and LDAP. Optionally, install the FreeIPA server packages.

Parameters

Parameter

Comments

freeipa_server_packages

list / elements=string

List of FreeIPA packages to install.

If not defined, the role will default to the packages defined in the freeipa.ansible_freeipa.ipaserver role.

ipaadmin_password

string / required

Password for the FreeIPA administrator Kerberos principal.

ipaadmin_principal

string

Kerberos principal for the FreeIPA administrator account.

Default: "admin"

ipadm_password

string / required

Password for the FreeIPA Directory Services administrator.

ipaserver_ca_subject

string

Certificate Authority subject for the self-signed root CA.

Default: "CN=CLDR-RootCA,O=ipaserver_domain"

ipaserver_cidr

list / elements=string / required

List of CIDR blocks to manage for the DNS service.

ipaserver_domain

string / required

Domain name to set as the root zone.

ipaserver_forward_no_overlap_check

string

Skip overlap check for forward DNS zones.

Default: false

ipaserver_forwarders

list / elements=string / required

List of upstream name servers for the DNS service.

ipaserver_realm

string / required

Realm to set for the Kerberos service.

ipaserver_recursion_acl_cidr

list / elements=string / required

List of CIDR blocks to define the access ACL for DNS recursion.

ipaserver_reverse_no_overlap_check

string

Skip overlap check for reverse DNS zones.

Default: false
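
The playbook below is an added example, not taken from the role's own documentation, showing the required parameters set together with both passwords read from Ansible Vault variables and DNS recursion limited to an internal network. The inventory group, realm, domain, addresses, CA subject and vault variable names are constructed placeholders, and `become: true` is an assumption about the privileges the role needs.

```yaml
# Added example playbook. Host group, realm, domain, addresses and vault
# variable names are constructed placeholders.
- name: Set up FreeIPA server
  hosts: freeipa              # hypothetical inventory group
  become: true                # assumption: package install and server setup need root
  roles:
    - role: cloudera.exe.freeipa_server
      vars:
        # Required secrets: reference Vault-encrypted variables instead of
        # writing the passwords into the playbook or inventory in clear text.
        ipaadmin_password: "{{ vault_ipaadmin_password }}"  # hypothetical vault variable
        ipadm_password: "{{ vault_ipadm_password }}"        # hypothetical vault variable

        # Kerberos realm and the domain used as the DNS root zone.
        ipaserver_realm: EXAMPLE.INTERNAL
        ipaserver_domain: example.internal

        # CIDR blocks the DNS service manages.
        ipaserver_cidr:
          - 10.10.0.0/24

        # Upstream name servers for the DNS service.
        ipaserver_forwarders:
          - 10.10.0.2

        # Restrict recursion to the networks that are meant to resolve
        # through this server. A broad ACL here would let any host that can
        # reach the server use it as a recursive resolver.
        ipaserver_recursion_acl_cidr:
          - 10.10.0.0/24

        # Optional: override the default subject of the self-signed root CA.
        ipaserver_ca_subject: "CN=Example-RootCA,O=example.internal"

        # ipaadmin_principal and the two *_no_overlap_check parameters are
        # left at their documented defaults ("admin" and false).
```

Run it with `ansible-playbook --ask-vault-pass` (or a vault password file) so the encrypted password variables are decrypted only at run time.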

Authors

  • Cloudera Labs