advanced user management

Hi all,

I'm migrating from Puppet. The last playbook/manifest which is missing is
the user management.

In Puppet I wrote a module and some libs and it worked like this:

I have a list of pavl users in some array
users_available: user01, user02, user03, user04

For each server I have a list of enabled users; this could be done by
host_vars in Ansible
users_enabled: user01, user03

If you add the user to the "users_enabled", the user is created. So far so
good.

And now the tricky part. If you remove the user from "users_enabled", the
user is removed, so the Ansible script should be able to check:
- if the user is in "users_enabled" and does not exist, create it
- if the user is in "users_available" - "users_enabled" and exists, remove it

Please could anybody help me to solve this tricky problem? I'm managing
a couple of servers, where not all users have access to all servers.

So I need to do the list difference.

  best regards
    Peter Hudec

The basic idea here would be to use “with_items”…

tasks:

  - action: user name={{ item }} state=present
    with_items: some_list_of_users

BTW, note I’m using 1.2 syntax, if you are still on 1.1:

with_items: ${some_list_of_users}

Hi Michael,

The snippet is about state=present, but there is no answer for the second part of my question, aka deleting users.

I solved it a few minutes ago as

  - action: user name={{ item }} state=present
    with_items: users_available
    when: "item in users_enabled"
    tags: test

  - action: user name={{ item }} state=absent force=yes remove=yes
    with_items: users_available
    when: "not item in users_enabled"
    tags: test

But the params force and remove seem to be broken. The user directory is not removed ;(

Peter
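
The list difference asked for above, written out as a complete playbook. This is an added example, not code posted by anyone in the thread; it assumes a current Ansible release (the thread is on 1.1/1.2), where the `difference` filter, `loop` and `ansible.builtin.user` are available, and the user names are the constructed sample values from the question.

```yaml
# Added example: create enabled users, remove available-but-not-enabled users.
- hosts: all
  become: true
  vars:
    # Constructed sample data; normally users_available lives in group_vars/all
    # and users_enabled in host_vars/<hostname>.
    users_available: [user01, user02, user03, user04]
    users_enabled: [user01, user03]

  tasks:
    # Catch typos: a name enabled on a host but missing from the catalogue
    # would be created here yet never removed later, so stop early.
    - name: Check that every enabled user is a known user
      ansible.builtin.assert:
        that: users_enabled | difference(users_available) | length == 0
        fail_msg: "users_enabled contains names missing from users_available"

    - name: Create users enabled on this host
      ansible.builtin.user:
        name: "{{ item }}"
        state: present
      loop: "{{ users_enabled }}"

    # Only accounts listed in users_available are ever removed, so system
    # accounts and anything not in the catalogue stay untouched.
    - name: Remove users that are available but not enabled on this host
      ansible.builtin.user:
        name: "{{ item }}"
        state: absent
        remove: true   # also delete the home directory and mail spool
        force: true    # remove even if the user is logged in or owns extra files
      loop: "{{ users_available | difference(users_enabled) }}"
```

Running it with `--check` first shows which accounts would be removed on each host before anything is deleted.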

Run in verbose mode please and show me your output.

Hi Michael,

This solution is working.
users_available: phudec,lgelo,jcunik,…
users_enabled: phudec,lgelo

GATHERING FACTS