New in version 1.7.
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| account_disabled (added in 1.9)
| no |
| yes will disable the user account. no will clear the disabled flag. | |
| account_locked (added in 1.9)
| no |
| no will unlock the user account if locked. | |
| description (added in 1.9)
| no | Description of the user | ||
| fullname (added in 1.9)
| no | Full name of the user | ||
| groups (added in 1.9)
| no | Adds or removes the user from this comma-separated lis of groups, depending on the value of groups_action. When groups_action is replace and groups is set to the empty string ('groups='), the user is removed from all groups. | ||
| groups_action (added in 1.9)
| no | replace |
| If replace, the user is added as a member of each group in groups and removed from any other groups. If add, the user is added to each group in groups where not already a member. If remove, the user is removed from each group in groups. |
| name | yes | Name of the user to create, remove or modify. | ||
| password | no | Optionally set the user's password to this (plain text) value. | ||
| password_expired (added in 1.9)
| no |
| yes will require the user to change their password at next login. no will clear the expired password flag. | |
| password_never_expires (added in 1.9)
| no |
| yes will set the password to never expire. no will allow the password to expire. | |
| state | no | present |
| When present, creates or updates the user account. When absent, removes the user account if it exists. When query (new in 1.9), retrieves the user account details without making any changes. |
| update_password (added in 1.9)
| no | always |
| always will update passwords if they differ. on_create will only set the password for newly created users. |
| user_cannot_change_password (added in 1.9)
| no |
| yes will prevent the user from changing their password. no will allow the user to change their password. |
- name: Ensure user bob is present
win_user:
name: bob
password: B0bP4ssw0rd
state: present
groups:
- Users
- name: Ensure user bob is absent
win_user:
name: bob
state: absent
Common return values are documented here Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| description | The description set for the user. | user exists | str | Username for test |
| name | The name of the user | always | str | username |
| password_expired | Whether the password is expired. | user exists | bool | False |
| groups | A list of groups and their ADSI path the user is a member of. | user exists | list | [{'path': 'WinNT://WORKGROUP/USER-PC/Administrators', 'name': 'Administrators'}] |
| sid | The SID for the user. | user exists | str | S-1-5-21-3322259488-2828151810-3939402796-1001 |
| account_disabled | Whether the user is disabled. | user exists | bool | False |
| path | The ADSI path for the user. | user exists | str | WinNT://WORKGROUP/USER-PC/username |
| fullname | The full name set for the user. | user exists | str | Test Username |
| password_never_expires | Whether the password is set to never expire. | user exists | bool | True |
| account_locked | Whether the user is locked. | user exists | bool | False |
| user_cannot_change_password | Whether the user can change their own password. | user exists | bool | False |
Note
This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.
For more information about Red Hat’s this support of this module, please refer to this knowledge base article<https://access.redhat.com/articles/rhel-top-support-policies>
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2017 Michael DeHaan
© 2017 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/win_user_module.html