Version: 2.3.5
This role rotates the password for an Active Directory user.
| Platform | Versions |
|---|---|
| Windows |
|
None.
| Option | Description | Type | Required | Choices | Default |
|---|---|---|---|---|---|
| rotate_domain_server | The domain controller to use for the Active Directory user. This defaults to the domain controller for the domain. |
str | no | ||
| rotate_domain_username | The username for accessing the domain controller. This defaults to the domain administrator. |
str | no | ||
| rotate_domain_password | The password for accessing the domain controller. This defaults to the domain administrator password. |
str | no | ||
| vault_url | The URL for accessing HashiCorp Vault. Alternatively, this can be configured through ansible.cfg or environment variables. If rotate_use_vault is |
str | no | ||
| vault_token | The token for accessing HashiCorp Vault. Alternatively, this (or any other authentication method) can be configured through ansible.cfg or environment variables. If rotate_use_vault is |
str | no | ||
| rotate_use_vault | Whether to use HashiCorp Vault to store the new password. |
bool | no | True | |
| rotate_create_vault_mount_point | Whether to create the HashiCorp Vault mount point, if needed. If rotate_use_vault is |
bool | no | True | |
| rotate_force_password_change | Whether to change the password always without checking the age. If set to |
bool | no | False | |
| rotate_vault_mount_point | The mount point for the KV2 secrets engine in HashiCorp Vault. If rotate_use_vault is |
str | no | ||
| rotate_vault_secret_path | The path to the secret in HashiCorp Vault. If rotate_use_vault is |
str | no | ||
| rotate_user | The user whose password will be rotated. |
str | yes | ||
| rotate_new_password | The new password for the user. If rotate_use_vault is |
str | no |
MIT
Jim Tarpley