sophos.sophos_firewall.sfos_authentication_ldap module – Manage Authentication settings LDAP

Note

This module is part of the sophos.sophos_firewall collection (version 2.0.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sophos.sophos_firewall. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: sophos.sophos_firewall.sfos_authentication_ldap.

New in sophos.sophos_firewall 1.3.0

Synopsis

• Manage authentication servers (Configure > Authentication > Servers> Add) on Sophos Firewall

Requirements

The below requirements are needed on the host that executes this module.

• sophosfirewall-python

• Beginning in version 2.0.0, this module requires use of an httpapi connection plugin. See the HTTPAPI example for details.

Parameters

Parameter	Comments
anonymousLogin string	Anonymous Login Choices: "Enable" "Disable"
appendbaseDN string	Append BaseDN Choices: "Enable" "Disable"
authenticationattribute string	Authentication Attribute
baseDN string	BaseDN
bindDN string	Username
clientcertificate string	Password Choices: "None" "ApplianceCertificate" "Webadmin"
connectionSecurity string	Encryption Choices: "Simple" "SSL" "TLS"
displaynameattribute string	Display Name Attribute
emailaddressattribute string	Email Address Attribute
expirydateattribute string	date
ldap_password string	Password
port string	Port number
serverAddress string	Server IP Address
servername string	Name of Server
state string / required	Use query to retrieve, updated to create, absent to remove, or updated to modify Choices: "absent" "updated" "query"
validateservercertificate string	Password Choices: "Enable" "Disable"
version string	Client secret Choices: "2" "3"

Examples

- name: Update Azure AD SSO
  sophos.sophos_firewall.sfos_authentication_ldap:
    servername: Test
    serveraddress: '192.168.0.1'
    port_ldap: '636'
    anonymouslogin: Disable
    connectionsecurity: SSL
    bindDN: admin
    ldap_password: sophosfirewall
    appendbaseDN: Enable
    baseDN: DC=sophos,DC=com
    authenticationattribute: johndoe
    displaynameattribute: John Doe
    groupnameattribute: 1001
    expirydateattribute: date
    validateservercertificate: Enable
    clientCertificate: ApplianceCertificate
    state: updated

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
api_response dictionary	Serialized object containing the API response. Returned: always

Authors

• Matt Mullen (@mamullen13316)

• Philip Finucane (@philfinucane)

Collection links

• Issue Tracker
• Repository (Sources)

Warning

If the firewall is a member of a group in Central, the changes made by Ansible will override the settings of the group. The actual configuration on the firewall may then differ from what is displayed for the same setting in the Central group.