To create a role use the ansible-galaxy command<\/p>\n
$ ansible-galaxy init SSSD<\/p>\n
then add something to main.yml<\/p>\n
$ vi SSSD\/tasks\/main.yml
\n—
\n# tasks file for SSSD
\n#
\n– name: ensure sssd packages are installed
\n yum:
\n name: libselinux-python,realmd,sssd,oddjob,oddjob-mkhomedir,adcli,samba-common,samba-common-tools,ntpdate,ntp,sudo,krb5-workstation,openldap-clients,policycoreutils-python
\n state: present<\/p>\n
– name: make sure line ‘dns=none’ is set in \/etc\/NetworkManager\/NetworkManager.conf
\n ini_file:
\n path: \/etc\/NetworkManager\/NetworkManager.conf
\n state: present
\n no_extra_spaces: yes
\n section: main
\n option: dns
\n value: none
\n owner: root
\n group: root
\n mode: 0644
\n backup: yes
\n notify:
\n – reload NetworkManager<\/p>\n
– name: deploy resolv.conf template
\n template:
\n src: templates\/resolv.conf.j2
\n dest: \/etc\/resolv.conf
\n owner: root
\n group: root
\n mode: 0644
\n backup: yes
\n notify:
\n – reload NetworkManager<\/p>\n
– name: Check if machine is bound
\n shell: \/bin\/bash -c “realm list | grep sssd”
\n register: realmd_bound
\n changed_when: false
\n ignore_errors: true<\/p>\n
– name: Add use_fully_qualified_names = False to \/etc\/sssd\/sssd.conf
\n lineinfile:
\n dest: \/etc\/sssd\/sssd.conf
\n line: ‘use_fully_qualified_names = False’
\n insertafter: ‘^\\[domain\/clarios.com\\]’
\n notify:
\n – restart sssd
\n when: realmd_bound is failed<\/p>\n
– name: Add fallback_homedir = \/home\/%u to \/etc\/sssd\/sssd.conf
\n lineinfile:
\n dest: \/etc\/sssd\/sssd.conf
\n line: ‘fallback_homedir = \/home\/%u’
\n insertafter: ‘^\\[domain\/clarios.com\\]’
\n notify:
\n – restart sssd
\n when: realmd_bound is failed<\/p>\n","protected":false},"excerpt":{"rendered":"
To create a role use the ansible-galaxy command $ ansible-galaxy init SSSD then add something to main.yml $ vi SSSD\/tasks\/main.yml — # tasks file for SSSD # – name: ensure sssd packages are installed yum: name: libselinux-python,realmd,sssd,oddjob,oddjob-mkhomedir,adcli,samba-common,samba-common-tools,ntpdate,ntp,sudo,krb5-workstation,openldap-clients,policycoreutils-python state: present – name: make sure line ‘dns=none’ is set in \/etc\/NetworkManager\/NetworkManager.conf ini_file: path: \/etc\/NetworkManager\/NetworkManager.conf state: present no_extra_spaces: […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1202","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1202","targetHints":{"allow":["GET"]}}],"collection":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1202"}],"version-history":[{"count":1,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1202\/revisions"}],"predecessor-version":[{"id":1203,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1202\/revisions\/1203"}],"wp:attachment":[{"href":"\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1202"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1202"},{"taxonomy":"post_tag","embeddable":true,"href":"\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1202"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}