[FEATURE]: ensure idrac_user user_password behaves the same as the ansible.builtin.user module #469
Comments
RobVerduijn
added
needs-triage
|
@RobVerduijn Thanks for Feature, iDRAC user GET API is not returning the password field as part of the reposnse and hence we cannot check if the input password is same or not. Open for discussion and checking internally what can be done |
|
@sachin-apa Couldn't you just check by simply trying to login with the user's credentials at the API? Afaik this is how other modules like mysql_user do it these days. |
Maybe make always do what it says...always (ie intentionally not be idempotent) and make on_create the default option. |
Describe the solution you'd like
Please make it so that when I use the module idrac_user with the option user_password it behaves the same as the ansible.builtin.user module with the options password and update_password.
I've been hitting issue idrac_user not idempotent #321
After reading it was closed with instructions not to use 'user_password' if you want an idempotent playbook.
But there is no way to check if the passwords of a particular user needs to be set if it is not the right one.
This makes it rather hard to write an idempotent script which sets passwords for users.
I think idrac_user module should behave as the ansible.builtin.user module
With the ansible.builtin.user module you manage the password setting behavior with the update_password option.
alwayswill only set the password if it differson_createwill only set the passwordDescribe alternatives you've considered
Using the new idrac_user_info module allows the listing all users and could be used to create a workaround to get the same result as the
on_create.I have not yet found a workaround to get the same results as the
alwaysoption (only update if it differs)Rob
The text was updated successfully, but these errors were encountered: