Manage user accounts and user attributes.

Options

namedescriptionrequiredchoices
name Name of the user to create, remove or modify. true
comment Optionally sets the description (aka I(GECOS)) of user account.
uid Optionally sets the I(UID) of the user.
non_unique Optionally when used with the -u option, this option allows to change the user ID to a non-unique value.
  • yes
  • no
group Optionally sets the user's primary group (takes a group name).
groups Puts the user in this comma-delimited list of groups. When set to the empty string ('groups='), the user is removed from all groups except the primary group.
append If C(yes), will only add groups, not set them to just the list in I(groups).
  • yes
  • no
shell Optionally set the user's shell.
home Optionally set the user's home directory.
skeleton Optionally set a home skeleton directory. Requires createhome option!
password Optionally set the user's password to this crypted value. See the user example in the github examples directory for what this looks like in a playbook. See U(http://docs.ansible.com/ansible/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module) for details on various ways to generate these password values. Note on Darwin system, this value has to be cleartext. Beware of security issues.
state Whether the account should exist or not, taking action if the state is different from what is stated.
  • present
  • absent
createhome Unless set to C(no), a home directory will be made for the user when the account is created or if the home directory does not exist.
  • yes
  • no
move_home If set to C(yes) when used with C(home=), attempt to move the user's home directory to the specified directory if it isn't there already.
  • yes
  • no
system When creating an account, setting this to C(yes) makes the user a system account. This setting cannot be changed on existing users.
  • yes
  • no
force When used with C(state=absent), behavior is as with C(userdel --force).
  • yes
  • no
login_class Optionally sets the user's login class for FreeBSD, OpenBSD and NetBSD systems.
remove When used with C(state=absent), behavior is as with C(userdel --remove).
  • yes
  • no
generate_ssh_key Whether to generate a SSH key for the user in question. This will B(not) overwrite an existing SSH key.
  • yes
  • no
ssh_key_bits Optionally specify number of bits in SSH key to create.
ssh_key_type Optionally specify the type of SSH key to generate. Available SSH key types will depend on implementation present on target host.
ssh_key_file Optionally specify the SSH key filename. If this is a relative filename then it will be relative to the user's home directory.
ssh_key_comment Optionally define the comment for the SSH key.
ssh_key_passphrase Set a passphrase for the SSH key. If no passphrase is provided, the SSH key will default to having no passphrase.
update_password C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users.
  • always
  • on_create
expires An expiry time for the user in epoch, it will be ignored on platforms that do not support this. Currently supported on Linux and FreeBSD.

Author

Stephen Fromm (@sfromm)