Ansible 'user' module won't set expected password

Archives Ansible Project
1

Hi - I’m trying to use the ansible.builtin.user module to set the user’s password as it creates a new user account. My task contains:

  • name: Create oracle user
    ansible.builtin.user:
    name: oracle
    state: present
    uid: 54321
    group: oinstall
    groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
    password: “{{ ‘ansible_password’ | password_hash(‘sha512’), ‘mysecretsalt’ }}”

The value of ‘ansible_password’ is set in the inventory file; the password contains letters, numbers and special characters.

The Ansible play containing this code executes successfully. The ‘oracle’ account is created. But I’m not able to log into the account, using the value provided in the ‘ansible_password’ value. I’ve read the Ansible documentation and Google’d around, but don’t see why this isn’t working as expected.

Thoughts, please!

Thanks
tl

2

Have you tried a simpler password to see whether it works?

Ko

3

The code you posted uses the quoted literal string ‘ansible_password’ as the password.

If you want the use the variable, then don’t use quotes:

password: “{{ ansible_password | password_hash(‘sha512’), ‘mysecretsalt’ }}”

Another problem could be that the variable name you picked is reserved: https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html#connecting-to-hosts-behavioral-inventory-parameters
So pick something else, for example oracle_user_password.

4

Hi Dick

Exactly! argh, I didn’t see that problem. This worked fine:

  • name: Create oracle user
    ansible.builtin.user:
    name: oracle
    state: present
    uid: 54321
    group: oinstall
    groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
    password: “{{ ansible_password | password_hash(‘sha512’) }}”

Thanks very much for the help!
tl