This project provides playbooks and roles which can be used to create and remove users from a z/OS system using modules included in the Red Hat Ansible Certified Content for IBM Z core collection.
This playbook uses:
- collection:
- ibm.ibm_zos_core
- modules:
- zos_copy
- zos_data_set
- zos_tso_command
It is a good practice to review the playbook contents before executing them. It will help you understand the requirements in terms of space, location, names, authority, and the artifacts that will be created and cleaned up.
- add-user.yml - Handles adding a user to z/OS. Playbook includes group configuration, granting permissions, generating passwords, creating and mounting ZFS filesystem for OMVS, transferring files and templates, creating generic profile, and creating catalog alias. Playbook is designed to be used standalone or in an Ansible Tower workflow template.
- remove-user.yml - Handles removal of a user from z/OS. Playbook includes removal of all configuration performed in add-user.yml. Playbook is designed to be used standalone or in an Ansible Tower workflow template.
- send-rejection-email.yml - Handles sending rejection email in the event a user's request for a new UserID is rejected. Playbook is designed to be used in an Ansible Tower workflow template.
- add-zos-user - Holds tasks related to adding a z/OS user.
- remove-zos-user - Holds tasks related to removing a z/OS user.
This playbook requires:
- Configure the included inventory.yml with the
information from the managed z/OS host.
- Review inventory documentation
- Configure the included host_vars zos_host.yml
with the information from your z/OS system.
- Review host_vars documentation and any additional noted variables in the configuration.
This project has included a site.yml playbook that serves as the primary playbook
that provides additional prerequisite checks then it invokes the add-user.yml
playbook.
If you want to run the primary playbook site.yml it will check that your environment
has the correct version of Ansible as well as the collection needed to execute
correctly. To run the primary playbook, use command:
ansible-playbook -i inventories site.ymlYou can skip the prerequisite check and run the add-user.yml or remove-user with command:
ansible-playbook -i inventories add-user.yml
ansible-playbook -i inventories add-user.ymlPlease refer to the Tower setup documentation for a step-by-step guide for getting user management configured in Ansible Tower.
All changes are maintained chronologically by date found in the changelog.
© Copyright IBM Corporation 2020
Licensed under Apache License, Version 2.0
Please refer to the support section for more details.