Trying to learn more about how to use Ansible. I’ve got a situation where a mix of local and LDAP users may exist on a box. In some situations user1 may either be a local user or LDAP user.
I created a task to remove certain users. The LDAP users are always marked as “changed” when obviously they aren’t. Is there a way to modify the report to say “ok?”
I know how to do this with “command:” but not “user:.”
I get “error while evaluating conditional” when using, changed_when: “result.state != absent”
Running debug on “result” shows LDAP users have state=absent:
“item”: “user1”,
“name”: “user1”,
“remove”: false,
“shell”: “/bin/bash”,
“state”: “absent”,
“stderr”: “userdel: error deleting password entry\nuserdel: error deleting shadow password entry\n”,
What I’d like to do is something like: not_changed_when: “result.state == absent”
Is there anyway to translate that into something that would work?
Thanks,
Kent
tasks:
- name: remove users
user: name={{ item }} state=absent
register: result
not_changed_when: “result.state != absent”
with_items: - local-user1
- ldap-user1
- ldap-user2