Ansible: How to create a policy with module univention_directory_manager?

jpotto · April 2, 2024, 1:00pm

Hi,
I try to create a policy with ansible via:

  - name: Erstelle Policy f. Verwaltungs-Server
    delegate_to: "PRIMARY" 
    univention.ucs_modules.univention_directory_manager:
      module: "policies/registry" 
      state: "present" 
      position: "cn=policies,{{ OUDN }}" 
      dn: "cn=ou-default-verw-policy,cn=policies,{{ OUDN }}" 
      set_properties:
        - property: "name" 
          value: "ou-default-verw-policy" 
        - property: "registry" 
          value: 
            ldap/server/name: "{{ SERVER }}.edu.silk-it.de"

It doesn’t throw an error message, but the policy is not created either.
Worse: when that policy already exists, it throws an error and doesn’t continue the playbook.

Is there a switch for “–ignore_exists” as in udm? I presumed “state: present” would automatically take care of it…
What’s wrong with the code above, why does it not create that policy?

I’m using UCS: 5.0-7 errata1011 and version 3.1.0 of the univention-ucs_modules

TIA,
Jens-Peter

Tim · June 26, 2024, 2:47pm

Hi Jens-Peter,

i tested this with version v3.1.3 and had no issues (created policy, modified policy, skipped updating policy (if not required) and removed policy) .
Would it be an option to upgarde the module?
My test code was:

  hosts: "pdn"
  gather_facts: false
  become: true
  tasks:
    - name: "create policy"
      univention_directory_manager:
        module: 'policies/registry'
        state: 'present'
        position: 'cn=policies,dc=ucs,dc=test'
        dn: 'cn=Test,cn=policies,dc=ucs,dc=test'
        set_properties:
          - property: 'name'
            value: 'Test'
          - property: 'registry'
            value:
              ldap/server/name: pdn.test.ucs

Best regards,
Tim