New in version 2.8.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments | ||
---|---|---|---|---|
authentication_scheme
-
|
Default: null
|
Configure Authentication Schemes.
|
||
domain-controller
-
|
Domain controller setting. Source user.domain-controller.name.
|
|||
fsso-agent-for-ntlm
-
|
FSSO agent to use for NTLM authentication. Source user.fsso.name.
|
|||
fsso-guest
-
|
|
Enable/disable user fsso-guest authentication (default = disable).
|
||
kerberos-keytab
-
|
Kerberos keytab setting. Source user.krb-keytab.name.
|
|||
method
-
|
|
Authentication methods (default = basic).
|
||
name
-
/ required
|
Authentication scheme name.
|
|||
negotiate-ntlm
-
|
|
Enable/disable negotiate authentication for NTLM (default = disable).
|
||
require-tfa
-
|
|
Enable/disable two-factor authentication (default = disable).
|
||
ssh-ca
-
|
SSH CA name. Source firewall.ssh.local-ca.name.
|
|||
state
-
|
|
Indicates whether to create or remove the object
|
||
user-database
-
|
Authentication server to contain user information; "local" (default) or "123" (for LDAP).
|
|||
name
-
/ required
|
Authentication server name. Source system.datasource.name user.radius.name user.tacacs+.name user.ldap.name user.group.name.
|
|||
host
-
/ required
|
FortiOS or FortiGate ip address.
|
|||
https
boolean
|
|
Indicates if the requests towards FortiGate must use HTTPS protocol
|
||
password
-
|
Default: ""
|
FortiOS or FortiGate password.
|
||
username
-
/ required
|
FortiOS or FortiGate username.
|
|||
vdom
-
|
Default: "root"
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
|
Note
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
tasks:
- name: Configure Authentication Schemes.
fortios_authentication_scheme:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
authentication_scheme:
state: "present"
domain-controller: "<your_own_value> (source user.domain-controller.name)"
fsso-agent-for-ntlm: "<your_own_value> (source user.fsso.name)"
fsso-guest: "enable"
kerberos-keytab: "<your_own_value> (source user.krb-keytab.name)"
method: "ntlm"
name: "default_name_8"
negotiate-ntlm: "enable"
require-tfa: "enable"
ssh-ca: "<your_own_value> (source firewall.ssh.local-ca.name)"
user-database:
-
name: "default_name_13 (source system.datasource.name user.radius.name user.tacacs+.name user.ldap.name user.group.name)"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build
string
|
always |
Build number of the fortigate image
Sample:
1547
|
http_method
string
|
always |
Last method used to provision the content into FortiGate
Sample:
PUT
|
http_status
string
|
always |
Last result given by FortiGate on last operation applied
Sample:
200
|
mkey
string
|
success |
Master key (id) used in the last call to FortiGate
Sample:
id
|
name
string
|
always |
Name of the table used to fulfill the request
Sample:
urlfilter
|
path
string
|
always |
Path of the table used to fulfill the request
Sample:
webfilter
|
revision
string
|
always |
Internal revision number
Sample:
17.0.2.10658
|
serial
string
|
always |
Serial number of the unit
Sample:
FGVMEVYYQT3AB5352
|
status
string
|
always |
Indication of the operation's result
Sample:
success
|
vdom
string
|
always |
Virtual domain used
Sample:
root
|
version
string
|
always |
Version of the FortiGate
Sample:
v5.6.3
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.