��
�Udac������������@`��s����d��d��l��m��Z��m��Z��m��Z���e��Z��i��d��d��6d��g��d��6d��d��6Z��d��Z��d �Z��d
�Z �d��d��l
�Z
�d��d��l��m��Z���d��d
�l
�m��Z���d��d��l��j��j��Z��d��d��l��m��Z���e��j�����Z��d��e��f��d��������YZ��d�����Z��e��d��k��r��e������n��d��S(����i����(����t����absolute_importt����divisiont����print_functions����1.1t����metadata_versiont����previewt����statust ���certifiedt����supported_byse
��
---
module: na_ontap_vserver_cifs_security
short_description: NetApp ONTAP vserver CIFS security modification
extends_documentation_fragment:
- netapp.na_ontap
version_added: '2.9'
author: NetApp Ansible Team (@carchi8py) <[email protected]>
description:
- modify vserver CIFS security.
options:
vserver:
description:
- name of the vserver.
required: true
type: str
kerberos_clock_skew:
description:
- The clock skew in minutes is the tolerance for accepting tickets with time stamps that do not exactly match the host's system clock.
type: int
kerberos_ticket_age:
description:
- Determine the maximum amount of time in hours that a user's ticket may be used for the purpose of Kerberos authentication.
type: int
kerberos_renew_age:
description:
- Determine the maximum amount of time in days for which a ticket can be renewed.
type: int
kerberos_kdc_timeout:
description:
- Determine the timeout value in seconds for KDC connections.
type: int
is_signing_required:
description:
- Determine whether signing is required for incoming CIFS traffic.
type: bool
is_password_complexity_required:
description:
- Determine whether password complexity is required for local users.
type: bool
is_aes_encryption_enabled:
description:
- Determine whether AES-128 and AES-256 encryption mechanisms are enabled for Kerberos-related CIFS communication.
type: bool
is_smb_encryption_required:
description:
- Determine whether SMB encryption is required for incoming CIFS traffic.
type: bool
lm_compatibility_level:
description:
- Determine the LM compatibility level.
choices: ['lm_ntlm_ntlmv2_krb', 'ntlm_ntlmv2_krb', 'ntlmv2_krb', 'krb']
type: str
referral_enabled_for_ad_ldap:
description:
- Determine whether LDAP referral chasing is enabled or not for AD LDAP connections.
type: bool
session_security_for_ad_ldap:
description:
- Determine the level of security required for LDAP communications.
choices: ['none', 'sign', 'seal']
type: str
smb1_enabled_for_dc_connections:
description:
- Determine if SMB version 1 is used for connections to domain controllers.
choices: ['false', 'true', 'system_default']
type: str
smb2_enabled_for_dc_connections:
description:
- Determine if SMB version 2 is used for connections to domain controllers.
choices: ['false', 'true', 'system_default']
type: str
use_start_tls_for_ad_ldap:
description:
- Determine whether to use start_tls for AD LDAP connections.
type: bool
sJ���
- name: modify cifs security
na_ontap_vserver_cifs_security:
vserver: ansible
hostname: "{{ hostname }}"
kerberos_clock_skew: 5
kerberos_ticket_age: 5
kerberos_renew_age: 10
kerberos_kdc_timeout: 5
is_signing_required: true
is_password_complexity_required: true
is_aes_encryption_enabled: true
is_smb_encryption_required: true
lm_compatibility_level: krb
smb1_enabled_for_dc_connections: true
smb2_enabled_for_dc_connections: true
use_start_tls_for_ad_ldap: true
username: username
password: password
- name: modify cifs security
na_ontap_vserver_cifs_security:
vserver: ansible
hostname: "{{ hostname }}"
referral_enabled_for_ad_ldap: true
username: username
password: password
- name: modify cifs security
na_ontap_vserver_cifs_security:
vserver: ansible
hostname: "{{ hostname }}"
session_security_for_ad_ldap: true
username: username
password: password
t����
N(����t
���AnsibleModule(����t ���to_native(����t����NetAppModulet����NetAppONTAPCifsSecurityc������������B`��sJ���e��Z��d��Z��d�����Z��d�����Z��d�����Z��e��d��������Z��d�����Z��d�����Z �RS(����s&���
modify vserver cifs security
c��������$���C`��s����t��j�����|��_��|��j��j��t��d��t��d��t��d��d�����d��t��d��t��d��d�����d��t��d��t��d��d�����d��t��d��t��d��d�����d �t��d��t��d��d�����d
�t��d��t��d��d�����d��t��d��t��d��d�����d
�t��d��t��d��d�����d��t��d��t��d��d�����d��t��d��t��d��d��d��d��d��g�����d��t��d��t��d��d�����d��t��d��t��d��d��d��d��g�����d��t��d��t��d��d��d��d��g�����d��t��d��t��d��d��d��d��g�����d��t��d��t��d��d������������t��d �|��j��d!�t�����|��_��t ����|��_
�|��j
�j��|��j��j�����|��_
�t��t��k��r��|��j��j��d"�d#�����n%�t��j��d$�|��j��d��|��j
�d������|��_��d��S(%���Nt����vservert����requiredt����typet����strt����kerberos_clock_skewt����intt����kerberos_ticket_aget����kerberos_renew_aget����kerberos_kdc_timeoutt����is_signing_requiredt����boolt����is_password_complexity_requiredt����is_aes_encryption_enabledt����is_smb_encryption_requiredt����lm_compatibility_levelt����choicest����lm_ntlm_ntlmv2_krbt����ntlm_ntlmv2_krbt
���ntlmv2_krbt����krbt����referral_enabled_for_ad_ldapt����session_security_for_ad_ldapt����nonet����signt����sealt����smb1_enabled_for_dc_connectionst����falset����truet����system_defaultt����smb2_enabled_for_dc_connectionst����use_start_tls_for_ad_ldapt
���argument_spect����supports_check_modet����msgs(���the python NetApp-Lib module is requiredt����module(����t����netapp_utilst����na_ontap_host_argument_specR,���t����updatet����dictt����Truet����FalseR ���R/���R����t ���na_helpert����set_parameterst����paramst
���parameterst����HAS_NETAPP_LIBt ���fail_jsont����setup_na_ontap_zapit����server(����t����self(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyt����__init__����s2���������������������������!������������� �����������c������������C`��sV���t��j��j��d�����}��t��j��j��d�����}��t��j��j��d�����}��|��j��d��|��j��d�������|��j��|������|��j��|������t�����}��y��|��j��j��|��d��t ����}��WnO��t��j��j
�k
�r���}���|��j��j��d��d��|��j��d���t
�|�����f���d��t��j���������n��X|��j��d ����rR�t��|��j��d �������d
�k��rR�|��j��d�����j��d�����}��|��j��d�����|��d
�<|��j��d�����|��d��<|��j��d�����|��d��<|��j��d�����|��d��<t��|��j��d��������|��d��<t��|��j��d��������|��d��<t��|��j��d��������|��d��<t��|��j��d��������|��d��<|��j��d�����|��d��<t��|��j��d��������|��d��<|��j��d ����|��d!�<|��j��d"����|��d#�<|��j��d$����|��d%�<t��|��j��d&�������|��d'�<|��Sd(�S()���se���
get current vserver cifs security.
:return: a dict of vserver cifs security
s����cifs-security-get-itert����querys
���cifs-securityR
���t����enable_tunnelingR.���s(���Error fetching cifs security from %s: %st ���exceptions����num-recordsi����s����attributes-lists����kerberos-clock-skewR����s����kerberos-ticket-ageR����s����kerberos-renew-ageR����s����kerberos-kdc-timeoutR����s����is-signing-requiredR����s����is-password-complexity-requiredR����s����is-aes-encryption-enabledR����s����is-smb-encryption-requiredR����s����lm-compatibility-levelR����s����referral-enabled-for-ad-ldapR!���s����session-security-for-ad-ldapR"���s����smb1-enabled-for-dc-connectionsR&���s����smb2-enabled-for-dc-connectionsR*���s����use-start-tls-for-ad-ldapR+���N(����R0���t����zapit ���NaElementt
���add_new_childR9���t����add_child_elemR3���R=���t����invoke_successfullyR4���t
���NaApiErrorR/���R;���R
���t ���tracebackt
���format_exct����get_child_by_nameR����t����get_child_contentR����t����None(����R>���t����cifs_security_getR@���t
���cifs_securityt����cifs_security_detailst����resultt����errort����cifs_security_info(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyt����cifs_security_get_iter����s>�������������
�
� �������������*���������������������������������c������������C`��s����t��j��j��d�����}��x4�|��D],�}��|��j��|��j��|�����t��|��j��|����������q��Wy��|��j��j��|��d��t �����WnO��t��j��j
�k
�r���}���|��j��j��d��d��|��j��d���t
�|�����f���d��t��j���������n��Xd��S(����sU���
:param modify: A list of attributes to modify
:return: None
s����cifs-security-modifyRA���R.���s'���Error modifying cifs security on %s: %sR
���RB���N(����R0���RC���RD���RE���t����attribute_to_nameR����R9���R=���RG���R4���RH���R/���R;���R
���RI���RJ���(����R>���t����modifyt����cifs_security_modifyt ���attributet����e(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyRW�������s��������
�*�����������c������������C`��s����t��j��|��d��d�����S(����Nt����_t����-(����R����t����replace(����RX���(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyRU�������s������c������������C`��s����|��j��d������|��j�����}��|��j��j��|��|��j�����}��|��j��j��re�|��j��j��rL�qe�|��re�|��j��|������qe�n��|��j��j �d��|��j��j������d��S(����s����Call modify operations.t����na_ontap_vserver_cifs_securityt����changedN(
���t����asup_log_for_cserverRT���R6���t����get_modified_attributesR9���R^���R/���t
���check_modeRW���t ���exit_json(����R>���t����currentRV���(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyt����apply����s������
���������������c������������C`��sA���t��j��|��j�����}��t��j��d��|��j��d��|�����}��t��j��|��|������d��S(����s����
Fetch admin vserver for the given cluster
Create and Autosupport log event with the given module name
:param event_name: Name of the event log
:return: None
R/���R
���N(����R0���t����get_cserverR=���R<���R/���t
���ems_log_event(����R>���t
���event_namet����resultst����cserver(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyR_�������s����������(
���t����__name__t
���__module__t����__doc__R?���RT���RW���t����staticmethodRU���Rd���R_���(����(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyR��������s�������� " % ���
c������������C`��s����t�����}��|��j������d��S(����N(����R����Rd���(����t����obj(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyt����main����s������ �t����__main__(����t
���__future__R����R����R����R����t
���__metaclass__t����ANSIBLE_METADATAt
���DOCUMENTATIONt����EXAMPLESt����RETURNRI���t����ansible.module_utils.basicR ���t����ansible.module_utils._textR
���t����ansible.module_utils.netappt����module_utilst����netappR0���t"���ansible.module_utils.netapp_moduleR����t����has_netapp_libR:���t����objectR����Ro���Rj���(����(����(����sa���/usr/lib/python2.7/site-packages/ansible/modules/storage/netapp/na_ontap_vserver_cifs_security.pyt����<module>����s"�������
�
�
`�%�����������������w ���
Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]
Anons79 Mini Shell