only add users, but don't allow changing users

Hello,
I want to manage some users with the users module on running systems. At the moment, there is a lot of garbage with different attributes (UIDs, Homedir) of users with the same name. As there are running processes, Ansible should not change these users, but add them if they are absent (e.g. on new systems).

One way to do this is using host_vars like ‘new_server=true’ or something like that and managing users only for servers with this variable. But that's only a dirty solution.

Is there any other way to do this? Something like the “update_password” parameter of the users module, but for all properties would be perfect!

You should consider separating your provisioning playbook from your reconfiguration playbook in this case, using common roles as needed between them.

Generally speaking, you would want all user attributes centrally managed, so you should modify them in Ansible rather than relying on user configuration.
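
One way to get the create-only behaviour asked about in the question, as an added example that is not from either poster: read the account database with `ansible.builtin.getent`, create only the names that are missing, and report drift on existing accounts without changing them. The `managed_users` variable and its names, UIDs and home paths are constructed sample data.

```yaml
# Added example: create-only user management.
# managed_users and all values in it are constructed for illustration.
- name: Create missing users without touching existing ones
  hosts: all
  become: true
  vars:
    managed_users:
      - { name: alice, uid: 2001, home: /home/alice }
      - { name: bob, uid: 2002, home: /home/bob }
  tasks:
    # getent stores each entry as a list keyed by user name:
    # [password, uid, gid, gecos, home, shell]
    - name: Read the passwd database into ansible_facts.getent_passwd
      ansible.builtin.getent:
        database: passwd

    # Skipped for every name that already resolves, so running
    # processes keep their current UID and home directory.
    - name: Add only the users that do not exist yet
      ansible.builtin.user:
        name: "{{ item.name }}"
        uid: "{{ item.uid }}"
        home: "{{ item.home }}"
        state: present
      loop: "{{ managed_users }}"
      when: item.name not in ansible_facts.getent_passwd

    # Read-only report: lists accounts whose attributes differ from
    # the central definition so they can be cleaned up deliberately.
    - name: Report existing users whose UID or home differs
      ansible.builtin.debug:
        msg: >-
          {{ item.name }} exists with
          uid={{ ansible_facts.getent_passwd[item.name][1] }}
          home={{ ansible_facts.getent_passwd[item.name][4] }},
          expected uid={{ item.uid }} home={{ item.home }}
      loop: "{{ managed_users }}"
      when: >-
        item.name in ansible_facts.getent_passwd and
        (ansible_facts.getent_passwd[item.name][1] | int != item.uid or
         ansible_facts.getent_passwd[item.name][4] != item.home)
```

Because `getent` resolves through NSS, accounts supplied by LDAP or SSSD also count as existing, which avoids creating a local user that shadows a directory account with the same name.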