:source: fmgd_user_radius.py :orphan: .. _fmgd_user_radius: fmgd_user_radius -- Configure RADIUS server entries. ++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 1.1.0 .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiManager device. - Examples include all parameters and values need to be adjusted to data sources before usage. - Tested with FortiManager v7.x. Requirements ------------ The below requirements are needed on the host that executes this module. - ansible-core>=2.16.0 FortiManager Version Compatibility ---------------------------------- .. raw:: html

Supported Version Ranges: v7.4.8 -> v7.4.10, v7.6.4 -> latest

Parameters ---------- .. raw:: html Notes ----- .. note:: - Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work. - To create or update an object, use state: present directive. - To delete an object, use state: absent directive - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded Examples -------- .. code-block:: yaml+jinja - name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi gather_facts: false vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure RADIUS server entries. fortinet.fmgdevice.fmgd_user_radius: # bypass_validation: false # workspace_locking_adom: # workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] device: vdom: state: present # user_radius: name: "your value" # Required variable, string # accounting_server: # - id: # interface: # interface_select_method: # port: # secret: # server: # source_ip: # status: # vrf_select: # acct_all_servers: # acct_interim_interval: # all_usergroup: # auth_type: # class: # delimiter: # dynamic_mapping: # - _scope: # - name: # vdom: # account_key_cert_field: # account_key_processing: # accounting_server: # - id: # interface: # interface_select_method: # port: # secret: # server: # source_ip: # status: # vrf_select: # acct_all_servers: # acct_interim_interval: # all_usergroup: # auth_type: # ca_cert: # call_station_id_type: # class: # client_cert: # delimiter: # dp_carrier_endpoint_attribute: # dp_carrier_endpoint_block_attribute: # dp_context_timeout: # dp_flush_ip_session: # dp_hold_time: # dp_http_header: # dp_http_header_fallback: # dp_http_header_status: # dp_http_header_suppress: # dp_log_dyn_flags: # - "none" # - "protocol-error" # - "profile-missing" # - "context-missing" # - "accounting-stop-missed" # - "accounting-event" # - "radiusd-other" # - "endpoint-block" # dp_log_period: # dp_mem_percent: # dp_profile_attribute: # dp_profile_attribute_key: # dp_radius_response: # dp_radius_server_port: # dp_secret: # dp_validate_request_secret: # dynamic_profile: # endpoint_translation: # ep_carrier_endpoint_convert_hex: # ep_carrier_endpoint_header: # ep_carrier_endpoint_header_suppress: # ep_carrier_endpoint_prefix: # ep_carrier_endpoint_prefix_range_max: # ep_carrier_endpoint_prefix_range_min: # ep_carrier_endpoint_prefix_string: # ep_carrier_endpoint_source: # ep_ip_header: # ep_ip_header_suppress: # ep_missing_header_fallback: # ep_profile_query_type: # group_override_attr_type: # h3c_compatibility: # interface: # interface_select_method: # mac_case: # mac_password_delimiter: # mac_username_delimiter: # nas_id: # nas_id_type: # nas_ip: # password_encoding: # password_renewal: # radius_coa: # radius_port: # require_message_authenticator: # rsso: # rsso_context_timeout: # rsso_endpoint_attribute: # rsso_endpoint_block_attribute: # rsso_ep_one_ip_only: # rsso_flush_ip_session: # rsso_log_flags: # - "none" # - "protocol-error" # - "profile-missing" # - "accounting-stop-missed" # - "accounting-event" # - "radiusd-other" # - "endpoint-block" # rsso_log_period: # rsso_radius_response: # rsso_radius_server_port: # rsso_secret: # rsso_validate_request_secret: # secondary_secret: # secondary_server: # secret: # server: # server_identity_check: # source_ip: # sso_attribute: # sso_attribute_key: # sso_attribute_value_override: # status_ttl: # switch_controller_acct_fast_framedip_detect: # switch_controller_nas_ip_dynamic: # switch_controller_service_type: # - "login" # - "framed" # - "callback-login" # - "callback-framed" # - "outbound" # - "administrative" # - "nas-prompt" # - "authenticate-only" # - "callback-nas-prompt" # - "call-check" # - "callback-administrative" # tertiary_secret: # tertiary_server: # timeout: # tls_min_proto_version: # transport_protocol: # use_group_for_profile: # use_management_vdom: # username_case_sensitive: # source_ip_interface: # vrf_select: # group_override_attr_type: # h3c_compatibility: # interface: # interface_select_method: # mac_case: # mac_password_delimiter: # mac_username_delimiter: # nas_id: # nas_id_type: # nas_ip: # password_encoding: # password_renewal: # radius_coa: # radius_port: # require_message_authenticator: # rsso: # rsso_context_timeout: # rsso_endpoint_attribute: # rsso_endpoint_block_attribute: # rsso_ep_one_ip_only: # rsso_flush_ip_session: # rsso_log_flags: # - "none" # - "protocol-error" # - "profile-missing" # - "accounting-stop-missed" # - "accounting-event" # - "radiusd-other" # - "endpoint-block" # rsso_log_period: # rsso_radius_response: # rsso_radius_server_port: # rsso_secret: # rsso_validate_request_secret: # secondary_secret: # secondary_server: # secret: # server: # source_ip: # sso_attribute: # sso_attribute_key: # sso_attribute_value_override: # switch_controller_acct_fast_framedip_detect: # switch_controller_service_type: # - "login" # - "framed" # - "callback-login" # - "callback-framed" # - "outbound" # - "administrative" # - "nas-prompt" # - "authenticate-only" # - "callback-nas-prompt" # - "call-check" # - "callback-administrative" # tertiary_secret: # tertiary_server: # timeout: # use_management_vdom: # username_case_sensitive: # tls_min_proto_version: # status_ttl: # account_key_cert_field: # switch_controller_nas_ip_dynamic: # account_key_processing: # server_identity_check: # transport_protocol: # client_cert: # ca_cert: # call_station_id_type: # source_ip_interface: # vrf_select: Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html
  • meta - The result of the request.returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Xinwei Du (@dux-fortinet) - Xing Li (@lix-fortinet) - Jie Xue (@JieX19) - Link Zheng (@chillancezen) - Frank Shen (@fshen01) - Hongbin Lu (@fgtdev-hblu)