Comments (4)
eta:11.10.2020
from ansible-galaxy-fortios-collection.
hi @charles-josiah charles,
for your issue I:
creating an admin user with a password is allowed.
however, you are not allowed to modify the user's password through Ansible's restful API, in the future we are going to support it.
here is an example:
$cat fortios_system_admin.yml
- hosts: fortigate03
connection: httpapi
collections:
- fortinet.fortios
vars:
vdom: "root"
ansible_httpapi_use_ssl: no
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 80
tasks:
- name: Configure Firewall Schedule Recurring
fortios_system_admin:
vdom: "{{ vdom }}"
state: "present"
system_admin:
accprofile: "super_admin"
accprofile_override: "enable"
allow_remove_admin_session: "enable"
comments: "Usuario ADMIN"
force_password_change: "disable"
guest_auth: "disable"
name: "fgt_cloud_admin2"
# password: "<senha_maluca>"
peer_auth: "disable"
two_factor: "disable"
this is the error message from API server side:
[httpsd 2017 - 1604941632 info] _api_cmdb_v2_config[1192] -- editing CLI object (append=0, auto_key=0, path=system, name=admin, mkey=fgt_cloud_admin2, flags=0)
[httpsd 2017 - 1604941632 error] _api_cmdb_v2_config[1203] -- Modification of the 'password' field of system.admin is forbidden.
[httpsd 2017 - 1604941632 warning] api_return_http_result[696] -- API error 403 raised
thanks,
Link.
from ansible-galaxy-fortios-collection.
for your issue II:
always quote your public key with single quote inside the double quotes:
ssh_public_key1: "'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC4CiMH/+/ZBkg7XNBr1jcmr1qypDpAeQU/6gG0cGR/K24QB/MOeyHZcHQkZXGcZoOJO27XPFF4WUzf5l1FrMUJbDn6lBtg+7yFt5iTSAnPJ63ZXHmcZN5Ie+g1bge+EonCChR2pzj4Eaho0BKTZkgViS6YBC82bLJhtW5u3ijlSigQfTyhWvxNz69R6YEBtTQdQGupE+HSbRho6LeGWvl+pu08b7DHS/VhCW0LVtFAjfyVCZvawVZcPJYp197+8NTtRjWQs/X45b039yJfCr6+Bb0q6d0WZZZpaGGZDhzI/VX+1mo+WrEhMskr2ngw9CTZ34LN7y6GDUCElXF9M8+WhMK6wp0nUiEpuhYZ2I7Duj2OLW2kfdZRs2Bu7pdLrdbwerGgnnH1dvDneXUE7KrmifnCGqXpEXa50nKAke5mQpg8IXk7eoWj3+wESawn9DxAcCR16yD9kDVVWstm8TyH5unaXpI4/8h92QYPNebVvUNF2+629T6yxZXo7B52Qx2E5m/U4OHjw/pii3EPtx6wKrEa0UVdYGBzP6lZa8bd5gPcsSuhg3hn8EtaiB5/lJCcbkdXu5OrhotxAsat5ZoNo0aL4Xj2fWXh+hjHTXEvn6a8GCWgXPp7WE/xU3iyHDzbPIGP5YrPL3u42PdFGQ=='"
I usually have this way to upload a public key:
put your public key in a file ./id_rsa.pub
, then the playbook :
$cat fortios_system_admin.yml
- hosts: fortigate03
connection: httpapi
collections:
- fortinet.fortios
vars:
vdom: "root"
ansible_httpapi_use_ssl: no
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 80
public_key_path: './id_rsa.pub'
public_key: "{{ lookup( 'file', public_key_path) }}"
tasks:
- name: Configure Firewall Schedule Recurring
fortios_system_admin:
vdom: "{{ vdom }}"
state: "present"
system_admin:
accprofile: "super_admin"
accprofile_override: "enable"
allow_remove_admin_session: "enable"
comments: "Usuario ADMIN"
force_password_change: "disable"
guest_auth: "disable"
name: "fgt_cloud_admin2"
peer_auth: "disable"
two_factor: "disable"
ssh_public_key1: "'{{ public_key }}'"
thanks,
Link
from ansible-galaxy-fortios-collection.
@charles-josiah hi charles,
hope you are doing fine, please find the solution in the last update.
I am marking this issue closed, you can reopen it if you need further support from us.
thanks,
Link
from ansible-galaxy-fortios-collection.
Related Issues (20)
- Can not set Admin SSH keys. "Error in Repo" HOT 4
- "Error in repo" using fortios_firewall_policy module HOT 4
- config system globals timezone not numeric in 7.4.2 HOT 3
- How to Create SDWAN Zone HOT 11
- Changing admin user password results in 403 PUT error. HOT 1
- network os fortinet.fortios.fortios is not supported HOT 1
- Is global scope security profile supported? HOT 1
- fortinet.fortios.fortios_monitor_fact filter questions HOT 4
- fortinet.fortios.fortios_monitor -selector upgrade.system.firmware possible issue? HOT 3
- Need help w/playbook to list all managed fortiap's per firewall. HOT 4
- updating policy based routing of fortigate is not working always has seq-num error HOT 2
- There must be at least 1 server certificate configured HOT 2
- Getting 404 error while trying to add IPv6 address group using fortios_firewall_addrgrp6 HOT 2
- Error in comparison/serialize HOT 4
- Question on usage - setting dhcp (v4) reservations HOT 3
- federated-upgrade 7.2.7>7.2.8 problem HOT 2
- fortios_system_global timezone not working with FortiOS 7.4.2 and higher HOT 3
- fortinet.fortios.fortios_firewall_addrgrp module question HOT 8
- fortigate firewall firmware upgrade using fortios_monitor module HOT 2
- check mode error since 2.3.5 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-galaxy-fortios-collection.