Showing posts from April, 2019

Force Local Users and Groups with Ansible

 I’m in the process of migrating a few Puppet modules over to Ansible, and in the process I’ve run into an unusual situation while creating users and groups. Here is some background. I have an application that will refuse to complete its installation unless it can see certain users and groups in the local passwd and group files. It just so happens that these same users and groups are also contained in LDAP. Puppet has an attribue called “ forcelocal ” in its user and group resource that has always been able to create a local user or group in this situation, despite having a matching user or group in LDAP. So, I was a bit dissappointed to discover that the similar “local” option in both the   group   and the   user   Ansible modules did not work in the same way. From the user module docs, the “local” option has the following behavior: _ “Forces the use of “local” command alternatives on platforms that implement it.   This is useful in environments that use centralized authentification w