user – Create new users or change/remove attributes of users on AIX.


This module facilitates the creation of a new user with provided attributes, the modification of attributes or deletion of an existing user.


The below requirements are needed on the host that executes this module.

  • AIX >= 7.1 TL3

  • Python >= 2.7

  • Root user is required.

  • Privileged user with authorizations:,,,,,,


state (True, str, None)

Specifies the action to be performed for the user.

present creates a user with provided name and attributes in the system.

If the user already exists in the system, the attributes will be changed.

absent deletes the user with provided name.

modify changes the specified attributes of an exiting user.

If the user doesn’t exist on the system, it will be created.

name (True, str, None)

Specifies the user name.

It must be unique, you cannot use the ALL or default keywords in the user name.

attributes (optional, dict, None)

Specifies the attributes to be changed or created for the user.

For details on valid user attributes, please refers to IBM documentation at

If you have the proper authority, you can set the following usual user attributes account_locked, admin, admgroups, capabilities, cpu, daemon, data, default_roles, dictionlist, domains, expires, fsize, fsize_hard, gecos, groups, histexpire, home, id, login, loginretries, logintimes, maxages, maxexpired, maxrepeats, maxulogs, minage, minalpha, mindiff, minlen, minother, nofiles, nproc, pgrp, projects, pwdchecks, pwdwarntime, rcmds, rlogin, roles, rss, shell, stack, su, sugroups, sysenv, threads, tpath, ttys, umask, usrenv, etc.

remove_homedir (optional, bool, True)

Specifies if the home directory should be deleted from the system while removing a user.

Can be used when state=absent.

change_passwd_on_login (optional, bool, False)

Specifies if the user is required to change the password when logging in the first time after the password change operation is performed.

Can be used when state=present.

password (optional, str, None)

Specifies the encrypted string for the password to create or change the password.

Can be used when state=present or state=modify.

load_module (optional, str, files)

Specifies the location where the operations need to be performed on the user.

files creates/updates/deletes the user present in the Local machine.

LDAP creates/updates the user present in the LDAP server.



- name: Create user aixguest1010
    state: present
    name: aixguest1010
    change_passwd_on_login: False
    password: as$12ndhkfjk$1c
      home: /home/test/aixguest1010
      data: 1272

Return Values

msg (always, str, Username is created SUCCESSFULLY: aixguest1010)

The execution message.

rc (If the command failed., int, )

The return code.

stdout (If the command failed., str, )

The standard output.

stderr (If the command failed., str, )

The standard error.


  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.


  • AIX Development Team (@pbfinley1911)