-
Notifications
You must be signed in to change notification settings - Fork 97
/
Copy pathusers.yml
101 lines (91 loc) · 3 KB
/
users.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
- hosts: computers
tasks:
- name: Create local "Users" group
win_group:
name: Users
description: Local Users
state: present
- name: Create local "Gebruikers" group
win_group:
name: Gebruikers
description: Local Users
state: present
- name: Create local "ictadmin" user
win_user:
fullname: ICT Administrator
name: ictadmin
description: Used for Ansible automated tasks by the ICT Werkgroep
# password: '{{ ictadmin_password }}'
password_expired: no
password_never_expires: yes
groups: [ Administrators ]
state: present
- name: Disable local "Administrator" user
win_user:
name: Administrator
account_disabled: yes
state: present
- name: Create local "{{ user }}" user
win_user:
fullname: '{{ "Leerling" if user == "leerling" else owner }}'
name: '{{ user }}'
# password: '1234'
description: '{{ owner }}{{ " ("~role|title~")" if role is defined else "" }}{{ "" if type in [ "desktop"] else " ("~type|title~")" }}{{ " (Extra)" if "extra" in group_names else "" }}'
account_disabled: no
account_locked: no
groups: [ Gebruikers, Users ]
user_cannot_change_password: '{{ True if user == "leerling" else False }}'
password_expired: no
password_never_expires: yes
state: present
when: user is defined
- name: Create local "{{ user2 }}" user
win_user:
fullname: '{{ "Leerling" if user2 == "leerling" else owner }}'
name: '{{ user2 }}'
# password: '1234'
description: '{{ owner }}{{ " ("~role|title~")" if role is defined else "" }}{{ "" if type in [ "desktop"] else " ("~type|title~")" }}{{ " (Extra)" if "extra" in group_names else "" }}'
account_disabled: no
account_locked: no
groups: [ Gebruikers, Users ]
user_cannot_change_password: '{{ True if user2 == "leerling" else False }}'
password_expired: no
password_never_expires: yes
state: present
when: user2 is defined
- name: Remove local "gebruiker" user
win_user:
name: 'gebruiker'
state: absent
when: user is defined and user != "gebruiker"
#- hosts: all:!computerlokaal
- hosts: computer33
tasks:
- name: Create local "leerkracht" user
win_user:
fullname: Leerkracht
name: leerkracht
description: Persoonlijke gebruiker van de leerkracht van basisschool Crombeen
account_disabled: no
groups: [ Users, Gebruikers ]
password_expired: no
password_never_expires: yes
state: present
- name: Remove local "leerling" user
win_user:
name: 'leerling'
state: absent
#- hosts: computerlokaal:extra:technieklokaal
# tasks:
# - win_user:
# name: '{{ item }}'
# state: absent
# with_items:
# - '{{ inventory_hostname }}'
# - computer {{ inventory_hostname[-2:] }}
# - school{{ inventory_hostname[-1:] }}
# - name: Create local "Visitor" group
# win_group:
# name: Visitor
# description: Visitors
# state: present