So it looks like the VERY 1st user in our system has never logged in, so
the krblaspwdchange property has never gotten set. Is there a way to
ignore when that field doesn't exist or is null?
Thanks,
Harry
On Friday, February 23, 2024 at 2:46:07 PM UTC-5 Todd Lewis wrote:
> The original proble
The original problem is you're comparing 'NoneType' and 'str'. So, for
at least one of your principals there's no krblastpwdchange. You need to
work on the subset of data relevant to the comparison.
On 2/23/24 2:09 PM, lift...@gmail.com wrote:
I'm not including the entire playbook, but the URI
I'm not including the entire playbook, but the URI module call where
user_show gets registered, then the debug statements:
- name: Run user_show from IDM API using previously stored session cookie
ansible.builtin.uri:
url: "https://{{idmfqdn}}/ipa/session/json";
method: POST
Without showing us the expression you used in your debug's "msg:", this
doesn't tell us anything.
On 2/23/24 1:05 PM, lift...@gmail.com wrote:
Looks OK to me:
TASK [Show user info]
Looks OK to me:
TASK [Show user info]
**
ok: [localhost] => {
"msg": [
{
"pwdchg": "202104161
{{ user_show.results | json_query('[*].json.result.result.{uid: uid[0], pwdchg:
krblastpwdchange[0].__datetime__}') }}
I would display this info in a debug to see what the resulting data stream
looks like. Maybe the selectattr('pwdchg') is in inaccurate reference to pwdchg?
Walter
--
Walter Ro
Just pull out those fields from the returned user information. I use that
in 2 or 3 other playbooks so I know that it works.
Thanks,
Harry
On Friday, February 23, 2024 at 11:53:04 AM UTC-5 Rowe, Walter P. (Fed)
wrote:
> pwd_expire_soon: "{{ user_show.results |
> json_query('[*].json.result.r
pwd_expire_soon: "{{ user_show.results |
json_query('[*].json.result.result.{uid: uid[0], pwdchg:
krblastpwdchange[0].__datetime__}') | selectattr('pwdchg', 'lessthan',
'expire_date') | list }}"
What are you expecting this red portion to do? I don't think it is valid in
json_query.
Walter
--
I am trying to determine when user's password's are going to expire in the
next 10 days. After I traverse my FreeIPA users and store those users into
a variable, I try to set a fact like so:
- name: Find users who's password will expire in the next 10 days
set_fact:
pwd_expire_soon:
The private: yes, should prevent it from being logged etc if I’m reading the
documentation correctly.
e.g.
- hosts: all
become: yes
vars_prompt:
- name: ansible_become_pass
prompt: "Enter sudo password"
private: yes
tasks:
- name: Install a package
ansible.builtin
10 matches
Mail list logo
