user – Create new users or change/remove attributes of users on AIX.
Synopsis
This module facilitates the creation of a new user with provided attributes, the modification of attributes or deletion of an existing user.
Requirements
The below requirements are needed on the host that executes this module.
AIX >= 7.1 TL3
Python >= 3.6
Root user is required.
Privileged user with authorizations: aix.security.user.remove.admin,aix.security.user.remove.normal,aix.security.user.create.admin,aix.security.user.create.normal,,aix.security.user.change,aix.security.user.list
Parameters
- state (True, str, None)
Specifies the action to be performed for the user.
presentcreates a user with provided name and attributes in the system.If the user already exists in the system, the attributes will be changed.
absentdeletes the user with provided name.
modifychanges the specified attributes of an exiting user.If the user doesn’t exist on the system, it will be created.
- name (True, str, None)
Specifies the user name.
It must be unique, you cannot use the ALL or default keywords in the user name.
- attributes (optional, dict, None)
Specifies the attributes to be changed or created for the user.
For details on valid user attributes, please refers to IBM documentation at https://www.ibm.com/support/knowledgecenter/ssw_aix_72/c_commands/chuser.html.
If you have the proper authority, you can set the following usual user attributes account_locked, admin, admgroups, capabilities, cpu, daemon, data, default_roles, dictionlist, domains, expires, fsize, fsize_hard, gecos, groups, histexpire, home, id, login, loginretries, logintimes, maxages, maxexpired, maxrepeats, maxulogs, minage, minalpha, mindiff, minlen, minother, nofiles, nproc, pgrp, projects, pwdchecks, pwdwarntime, rcmds, rlogin, roles, rss, shell, stack, su, sugroups, sysenv, threads, tpath, ttys, umask, usrenv, etc.
- remove_homedir (optional, bool, True)
Specifies if the home directory should be deleted from the system while removing a user.
Can be used when state=absent.
- change_passwd_on_login (optional, bool, False)
Specifies if the user is required to change the password when logging in the first time after the password change operation is performed.
Can be used when state=present.
- password (optional, str, None)
Specifies the encrypted string for the password to create or change the password.
Can be used when state=present or state=modify.
- load_module (optional, str, files)
Specifies the location where the operations need to be performed on the user.
filescreates/updates/deletes the user present in the Local machine.
LDAPcreates/updates the user present in the LDAP server.
Notes
Note
You can refer to the IBM documentation for additional information on the commands used at https://www.ibm.com/support/knowledgecenter/ssw_aix_72/c_commands/chuser.html, https://www.ibm.com/support/knowledgecenter/ssw_aix_72/m_commands/mkuser.html, https://www.ibm.com/support/knowledgecenter/ssw_aix_72/r_commands/rmuser.html.
Examples
- name: Create user aixguest1010
ibm.power_aix.user:
state: present
name: aixguest1010
change_passwd_on_login: false
password: as$12ndhkfjk$1c
attributes:
home: /home/test/aixguest1010
data: 1272
Return Values
- msg (always, str, Username is created SUCCESSFULLY: aixguest1010)
The execution message.
- rc (If the command failed., int, )
The return code.
- stdout (If the command failed., str, )
The standard output.
- stderr (If the command failed., str, )
The standard error.
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.