Create ipa_configuration.yml

Signed-off-by: abhishek-sa1 <abhishek.sa3@dell.com>

roles/login_node/tasks/ipa_configuration.yml

@@ -0,0 +1,46 @@
+#  Copyright 2022 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+- name: Modify the freeipa global password policy
+  community.general.ipa_pwpolicy:
+    maxfailcount: "{{ hostvars['127.0.0.1']['max_failures'] }}"
+    failinterval: "{{ hostvars['127.0.0.1']['failure_reset_interval'] }}"
+    lockouttime: "{{ hostvars['127.0.0.1']['lockout_duration'] }}"
+    ipa_host: "{{ required_server_hostname }}"
+    ipa_user: "{{ ipa_admin_username }}"
+    ipa_pass: "{{ required_ipa_admin_pwd }}"
+
+- name: Create sysadmin group
+  community.general.ipa_group:
+    name: "{{ sysadmin_user_group }}"
+    description: "{{ sysadmin_group_description }}"
+    state: present
+    ipa_host: "{{ required_server_hostname }}"
+    ipa_user: "{{ ipa_admin_username }}"
+    ipa_pass: "{{ required_ipa_admin_pwd }}"
+    
+- name: Create sysadmin_sudo rule
+  community.general.ipa_sudorule:
+    name: "{{ sysadmin_sudo_rule }}"
+    description: "{{ sysadmin_sudo_rule_description }}"
+    cmdcategory: all        
+    hostcategory: all
+    runasgroupcategory: all
+    runasusercategory: all
+    usergroup:
+      - "{{ sysadmin_user_group }}"
+    ipa_host: "{{ required_server_hostname }}"
+    ipa_user: "{{ ipa_admin_username }}"
+    ipa_pass: "{{ required_ipa_admin_pwd }}"