One of the Ansible modules I was excited to learn about was the user module. With this module we can quickly and easily create and manage users on multiple systems. This is especially helpful for Linux devices that may not be joined to a domain and therefore require local users and passwords to be created and managed.
Ansible has quite a bit of documentation available at https://docs.ansible.com/ansible/latest/modules/user_module.html . However, one of the issues I found was in regards to the password. Specifically, the password needed to be encrypted/hashed prior to being included in the ad-hoc command. Under the Ansible FAQ ( https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module ) there is a reference to using the mkpasswd command to generate the hash.
The issue I found however, what that this process still didn’t work. When I executed the below ad-hoc command, the user was created, however we couldn’t log in as the user because the password didn’t match
ansible -i inventory.txt all -m user -a "name=egoad password='$5$XK7aKaqqjn/P5kJw$7VKwMCNf8MA9CYCyE5SD6JWA0fRI1P2Kb5CAHCtB2t2'" -u justincase -k -b -K
After some research and testing, I stumbled upon the fix – the quotes being used were incorrect. In the command above, I swapped the double quotes for single quotes, and the single quotes for double. This resulted in the following ad-hoc command that worked correctly. When completed, I was able to log in as the user with the correct password.
ansible -i inventory.txt all -m user -a 'name=egoad password="$5$XK7aKaqqjn/P5kJw$7VKwMCNf8MA9CYCyE5SD6JWA0fRI1P2Kb5CAHCtB2t2"' -u justincase -k -b -K
Comments
Post a Comment