Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
duality-group / ansible python
Repository URL to install this package:
|
Version:
6.0.0 ▾
|
#!/usr/bin/python
from __future__ import absolute_import, division, print_function
# Copyright 2019-2021 Fortinet, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
DOCUMENTATION = '''
---
module: fmgr_user_radius
short_description: Configure RADIUS server entries.
description:
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
version_added: "2.10"
author:
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
notes:
- Running in workspace locking mode is supported in this FortiManager module, the top
level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override
the conditions to fail or succeed with parameters rc_failed and rc_succeeded
options:
enable_log:
description: Enable/Disable logging for task
required: false
type: bool
default: false
proposed_method:
description: The overridden method for the underlying Json RPC request
required: false
type: str
choices:
- update
- set
- add
bypass_validation:
description: only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters
required: false
type: bool
default: false
workspace_locking_adom:
description: the adom to lock for FortiManager running in workspace mode, the value can be global and others including root
required: false
type: str
workspace_locking_timeout:
description: the maximum time in seconds to wait for other user to release the workspace lock
required: false
type: int
default: 300
state:
description: the directive to create, update or delete an object
type: str
required: true
choices:
- present
- absent
rc_succeeded:
description: the rc codes list with which the conditions to succeed will be overriden
type: list
required: false
rc_failed:
description: the rc codes list with which the conditions to fail will be overriden
type: list
required: false
adom:
description: the parameter (adom) in requested url
type: str
required: true
user_radius:
description: the top level parameters set
required: false
type: dict
suboptions:
accounting-server:
description: 'Accounting-Server.'
type: list
suboptions:
id:
type: int
description: 'ID (0 - 4294967295).'
port:
type: int
description: 'RADIUS accounting port number.'
secret:
description: 'Secret key.'
type: str
server:
type: str
description: '{<name_str|ip_str>} Server CN domain name or IP.'
source-ip:
type: str
description: 'Source IP address for communications to the RADIUS server.'
status:
type: str
description: 'Status.'
choices:
- 'disable'
- 'enable'
interface:
type: str
description: 'Specify outgoing interface to reach server.'
interface-select-method:
type: str
description: 'Specify how to select outgoing interface to reach server.'
choices:
- 'auto'
- 'sdwan'
- 'specify'
acct-all-servers:
type: str
description: 'Enable/disable sending of accounting messages to all configured servers (default = disable).'
choices:
- 'disable'
- 'enable'
acct-interim-interval:
type: int
description: 'Time in seconds between each accounting interim update message.'
all-usergroup:
type: str
description: 'Enable/disable automatically including this RADIUS server in all user groups.'
choices:
- 'disable'
- 'enable'
auth-type:
type: str
description: 'Authentication methods/protocols permitted for this RADIUS server.'
choices:
- 'pap'
- 'chap'
- 'ms_chap'
- 'ms_chap_v2'
- 'auto'
class:
description: 'Class attribute name(s).'
type: str
dynamic_mapping:
description: 'Dynamic_Mapping.'
type: list
suboptions:
_scope:
description: '_Scope.'
type: list
suboptions:
name:
type: str
description: 'Name.'
vdom:
type: str
description: 'Vdom.'
acct-all-servers:
type: str
description: 'Enable/disable sending of accounting messages to all configured servers (default = disable).'
choices:
- 'disable'
- 'enable'
acct-interim-interval:
type: int
description: 'Time in seconds between each accounting interim update message.'
all-usergroup:
type: str
description: 'Enable/disable automatically including this RADIUS server in all user groups.'
choices:
- 'disable'
- 'enable'
auth-type:
type: str
description: 'Authentication methods/protocols permitted for this RADIUS server.'
choices:
- 'pap'
- 'chap'
- 'ms_chap'
- 'ms_chap_v2'
- 'auto'
class:
description: 'Class attribute name(s).'
type: str
dp-carrier-endpoint-attribute:
type: str
description: 'Dp-Carrier-Endpoint-Attribute.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Vendor-Specific'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
dp-carrier-endpoint-block-attribute:
type: str
description: 'Dp-Carrier-Endpoint-Block-Attribute.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Vendor-Specific'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
dp-context-timeout:
type: int
description: 'Dp-Context-Timeout.'
dp-flush-ip-session:
type: str
description: 'Dp-Flush-Ip-Session.'
choices:
- 'disable'
- 'enable'
dp-hold-time:
type: int
description: 'Dp-Hold-Time.'
dp-http-header:
type: str
description: 'Dp-Http-Header.'
dp-http-header-fallback:
type: str
description: 'Dp-Http-Header-Fallback.'
choices:
- 'ip-header-address'
- 'default-profile'
dp-http-header-status:
type: str
description: 'Dp-Http-Header-Status.'
choices:
- 'disable'
- 'enable'
dp-http-header-suppress:
type: str
description: 'Dp-Http-Header-Suppress.'
choices:
- 'disable'
- 'enable'
dp-log-dyn_flags:
description: 'Dp-Log-Dyn_Flags.'
type: list
choices:
- none
- protocol-error
- profile-missing
- context-missing
- accounting-stop-missed
- accounting-event
- radiusd-other
- endpoint-block
dp-log-period:
type: int
description: 'Dp-Log-Period.'
dp-mem-percent:
type: int
description: 'Dp-Mem-Percent.'
dp-profile-attribute:
type: str
description: 'Dp-Profile-Attribute.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Vendor-Specific'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
dp-profile-attribute-key:
type: str
description: 'Dp-Profile-Attribute-Key.'
dp-radius-response:
type: str
description: 'Dp-Radius-Response.'
choices:
- 'disable'
- 'enable'
dp-radius-server-port:
type: int
description: 'Dp-Radius-Server-Port.'
dp-secret:
description: 'Dp-Secret.'
type: str
dp-validate-request-secret:
type: str
description: 'Dp-Validate-Request-Secret.'
choices:
- 'disable'
- 'enable'
dynamic-profile:
type: str
description: 'Dynamic-Profile.'
choices:
- 'disable'
- 'enable'
endpoint-translation:
type: str
description: 'Endpoint-Translation.'
choices:
- 'disable'
- 'enable'
ep-carrier-endpoint-convert-hex:
type: str
description: 'Ep-Carrier-Endpoint-Convert-Hex.'
choices:
- 'disable'
- 'enable'
ep-carrier-endpoint-header:
type: str
description: 'Ep-Carrier-Endpoint-Header.'
ep-carrier-endpoint-header-suppress:
type: str
description: 'Ep-Carrier-Endpoint-Header-Suppress.'
choices:
- 'disable'
- 'enable'
ep-carrier-endpoint-prefix:
type: str
description: 'Ep-Carrier-Endpoint-Prefix.'
choices:
- 'disable'
- 'enable'
ep-carrier-endpoint-prefix-range-max:
type: int
description: 'Ep-Carrier-Endpoint-Prefix-Range-Max.'
ep-carrier-endpoint-prefix-range-min:
type: int
description: 'Ep-Carrier-Endpoint-Prefix-Range-Min.'
ep-carrier-endpoint-prefix-string:
type: str
description: 'Ep-Carrier-Endpoint-Prefix-String.'
ep-carrier-endpoint-source:
type: str
description: 'Ep-Carrier-Endpoint-Source.'
choices:
- 'http-header'
- 'cookie'
ep-ip-header:
type: str
description: 'Ep-Ip-Header.'
ep-ip-header-suppress:
type: str
description: 'Ep-Ip-Header-Suppress.'
choices:
- 'disable'
- 'enable'
ep-missing-header-fallback:
type: str
description: 'Ep-Missing-Header-Fallback.'
choices:
- 'session-ip'
- 'policy-profile'
ep-profile-query-type:
type: str
description: 'Ep-Profile-Query-Type.'
choices:
- 'session-ip'
- 'extract-ip'
- 'extract-carrier-endpoint'
h3c-compatibility:
type: str
description: 'Enable/disable compatibility with the H3C, a mechanism that performs security checking for authentication.'
choices:
- 'disable'
- 'enable'
nas-ip:
type: str
description: 'IP address used to communicate with the RADIUS server and used as NAS-IP-Address and Called-Station-ID attributes.'
password-encoding:
type: str
description: 'Password encoding.'
choices:
- 'ISO-8859-1'
- 'auto'
password-renewal:
type: str
description: 'Enable/disable password renewal.'
choices:
- 'disable'
- 'enable'
radius-coa:
type: str
description: 'Enable to allow a mechanism to change the attributes of an authentication, authorization, and accounting session after...'
choices:
- 'disable'
- 'enable'
radius-port:
type: int
description: 'RADIUS service port number.'
rsso:
type: str
description: 'Enable/disable RADIUS based single sign on feature.'
choices:
- 'disable'
- 'enable'
rsso-context-timeout:
type: int
description: 'Time in seconds before the logged out user is removed from the "user context list" of logged on users.'
rsso-endpoint-attribute:
type: str
description: 'RADIUS attributes used to extract the user end point identifer from the RADIUS Start record.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
rsso-endpoint-block-attribute:
type: str
description: 'RADIUS attributes used to block a user.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
rsso-ep-one-ip-only:
type: str
description: 'Enable/disable the replacement of old IP addresses with new ones for the same endpoint on RADIUS accounting Start mess...'
choices:
- 'disable'
- 'enable'
rsso-flush-ip-session:
type: str
description: 'Enable/disable flushing user IP sessions on RADIUS accounting Stop messages.'
choices:
- 'disable'
- 'enable'
rsso-log-flags:
description: 'Events to log.'
type: list
choices:
- none
- protocol-error
- profile-missing
- context-missing
- accounting-stop-missed
- accounting-event
- radiusd-other
- endpoint-block
rsso-log-period:
type: int
description: 'Time interval in seconds that group event log messages will be generated for dynamic profile events.'
rsso-radius-response:
type: str
description: 'Enable/disable sending RADIUS response packets after receiving Start and Stop records.'
choices:
- 'disable'
- 'enable'
rsso-radius-server-port:
type: int
description: 'UDP port to listen on for RADIUS Start and Stop records.'
rsso-secret:
description: 'RADIUS secret used by the RADIUS accounting server.'
type: str
rsso-validate-request-secret:
type: str
description: 'Enable/disable validating the RADIUS request shared secret in the Start or End record.'
choices:
- 'disable'
- 'enable'
secondary-secret:
description: 'Secret key to access the secondary server.'
type: str
secondary-server:
type: str
description: '{<name_str|ip_str>} secondary RADIUS CN domain name or IP.'
secret:
description: 'Pre-shared secret key used to access the primary RADIUS server.'
type: str
server:
type: str
description: 'Primary RADIUS server CN domain name or IP address.'
source-ip:
type: str
description: 'Source IP address for communications to the RADIUS server.'
sso-attribute:
type: str
description: 'RADIUS attribute that contains the profile group name to be extracted from the RADIUS Start record.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
sso-attribute-key:
type: str
description: 'Key prefix for SSO group value in the SSO attribute.'
sso-attribute-value-override:
type: str
description: 'Enable/disable override old attribute value with new value for the same endpoint.'
choices:
- 'disable'
- 'enable'
tertiary-secret:
description: 'Secret key to access the tertiary server.'
type: str
tertiary-server:
type: str
description: '{<name_str|ip_str>} tertiary RADIUS CN domain name or IP.'
timeout:
type: int
description: 'Time in seconds between re-sending authentication requests.'
use-group-for-profile:
type: str
description: 'Use-Group-For-Profile.'
choices:
- 'disable'
- 'enable'
use-management-vdom:
type: str
description: 'Enable/disable using management VDOM to send requests.'
choices:
- 'disable'
- 'enable'
username-case-sensitive:
type: str
description: 'Enable/disable case sensitive user names.'
choices:
- 'disable'
- 'enable'
interface:
type: str
description: 'Specify outgoing interface to reach server.'
interface-select-method:
type: str
description: 'Specify how to select outgoing interface to reach server.'
choices:
- 'auto'
- 'sdwan'
- 'specify'
group-override-attr-type:
type: str
description: 'Group-Override-Attr-Type.'
choices:
- 'filter-Id'
- 'class'
switch-controller-acct-fast-framedip-detect:
type: int
description: 'Switch-Controller-Acct-Fast-Framedip-Detect.'
accounting-server:
description: 'Accounting-Server.'
type: list
suboptions:
id:
type: int
description: 'ID (0 - 4294967295).'
interface:
type: str
description: 'Specify outgoing interface to reach server.'
interface-select-method:
type: str
description: 'Specify how to select outgoing interface to reach server.'
choices:
- 'auto'
- 'sdwan'
- 'specify'
port:
type: int
description: 'RADIUS accounting port number.'
secret:
description: 'Secret key.'
type: str
server:
type: str
description: '{<name_str|ip_str>} Server CN domain name or IP.'
source-ip:
type: str
description: 'Source IP address for communications to the RADIUS server.'
status:
type: str
description: 'Status.'
choices:
- 'disable'
- 'enable'
switch-controller-service-type:
description: 'Switch-Controller-Service-Type.'
type: list
choices:
- login
- framed
- callback-login
- callback-framed
- outbound
- administrative
- nas-prompt
- authenticate-only
- callback-nas-prompt
- call-check
- callback-administrative
h3c-compatibility:
type: str
description: 'Enable/disable compatibility with the H3C, a mechanism that performs security checking for authentication.'
choices:
- 'disable'
- 'enable'
name:
type: str
description: 'RADIUS server entry name.'
nas-ip:
type: str
description: 'IP address used to communicate with the RADIUS server and used as NAS-IP-Address and Called-Station-ID attributes.'
password-encoding:
type: str
description: 'Password encoding.'
choices:
- 'ISO-8859-1'
- 'auto'
password-renewal:
type: str
description: 'Enable/disable password renewal.'
choices:
- 'disable'
- 'enable'
radius-coa:
type: str
description: 'Enable to allow a mechanism to change the attributes of an authentication, authorization, and accounting session after it is a...'
choices:
- 'disable'
- 'enable'
radius-port:
type: int
description: 'RADIUS service port number.'
rsso:
type: str
description: 'Enable/disable RADIUS based single sign on feature.'
choices:
- 'disable'
- 'enable'
rsso-context-timeout:
type: int
description: 'Time in seconds before the logged out user is removed from the "user context list" of logged on users.'
rsso-endpoint-attribute:
type: str
description: 'RADIUS attributes used to extract the user end point identifer from the RADIUS Start record.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
rsso-endpoint-block-attribute:
type: str
description: 'RADIUS attributes used to block a user.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
rsso-ep-one-ip-only:
type: str
description: 'Enable/disable the replacement of old IP addresses with new ones for the same endpoint on RADIUS accounting Start messages.'
choices:
- 'disable'
- 'enable'
rsso-flush-ip-session:
type: str
description: 'Enable/disable flushing user IP sessions on RADIUS accounting Stop messages.'
choices:
- 'disable'
- 'enable'
rsso-log-flags:
description: 'Events to log.'
type: list
choices:
- none
- protocol-error
- profile-missing
- context-missing
- accounting-stop-missed
- accounting-event
- radiusd-other
- endpoint-block
rsso-log-period:
type: int
description: 'Time interval in seconds that group event log messages will be generated for dynamic profile events.'
rsso-radius-response:
type: str
description: 'Enable/disable sending RADIUS response packets after receiving Start and Stop records.'
choices:
- 'disable'
- 'enable'
rsso-radius-server-port:
type: int
description: 'UDP port to listen on for RADIUS Start and Stop records.'
rsso-secret:
description: 'RADIUS secret used by the RADIUS accounting server.'
type: str
rsso-validate-request-secret:
type: str
description: 'Enable/disable validating the RADIUS request shared secret in the Start or End record.'
choices:
- 'disable'
- 'enable'
secondary-secret:
description: 'Secret key to access the secondary server.'
type: str
secondary-server:
type: str
description: '{<name_str|ip_str>} secondary RADIUS CN domain name or IP.'
secret:
description: 'Pre-shared secret key used to access the primary RADIUS server.'
type: str
server:
type: str
description: 'Primary RADIUS server CN domain name or IP address.'
source-ip:
type: str
description: 'Source IP address for communications to the RADIUS server.'
sso-attribute:
type: str
description: 'RADIUS attribute that contains the profile group name to be extracted from the RADIUS Start record.'
choices:
- 'User-Name'
- 'User-Password'
- 'CHAP-Password'
- 'NAS-IP-Address'
- 'NAS-Port'
- 'Service-Type'
- 'Framed-Protocol'
- 'Framed-IP-Address'
- 'Framed-IP-Netmask'
- 'Framed-Routing'
- 'Filter-Id'
- 'Framed-MTU'
- 'Framed-Compression'
- 'Login-IP-Host'
- 'Login-Service'
- 'Login-TCP-Port'
- 'Reply-Message'
- 'Callback-Number'
- 'Callback-Id'
- 'Framed-Route'
- 'Framed-IPX-Network'
- 'State'
- 'Class'
- 'Session-Timeout'
- 'Idle-Timeout'
- 'Termination-Action'
- 'Called-Station-Id'
- 'Calling-Station-Id'
- 'NAS-Identifier'
- 'Proxy-State'
- 'Login-LAT-Service'
- 'Login-LAT-Node'
- 'Login-LAT-Group'
- 'Framed-AppleTalk-Link'
- 'Framed-AppleTalk-Network'
- 'Framed-AppleTalk-Zone'
- 'Acct-Status-Type'
- 'Acct-Delay-Time'
- 'Acct-Input-Octets'
- 'Acct-Output-Octets'
- 'Acct-Session-Id'
- 'Acct-Authentic'
- 'Acct-Session-Time'
- 'Acct-Input-Packets'
- 'Acct-Output-Packets'
- 'Acct-Terminate-Cause'
- 'Acct-Multi-Session-Id'
- 'Acct-Link-Count'
- 'CHAP-Challenge'
- 'NAS-Port-Type'
- 'Port-Limit'
- 'Login-LAT-Port'
sso-attribute-key:
type: str
description: 'Key prefix for SSO group value in the SSO attribute.'
sso-attribute-value-override:
type: str
description: 'Enable/disable override old attribute value with new value for the same endpoint.'
choices:
- 'disable'
- 'enable'
tertiary-secret:
description: 'Secret key to access the tertiary server.'
type: str
tertiary-server:
type: str
description: '{<name_str|ip_str>} tertiary RADIUS CN domain name or IP.'
timeout:
type: int
description: 'Time in seconds between re-sending authentication requests.'
use-management-vdom:
type: str
description: 'Enable/disable using management VDOM to send requests.'
choices:
- 'disable'
- 'enable'
username-case-sensitive:
type: str
description: 'Enable/disable case sensitive user names.'
choices:
- 'disable'
- 'enable'
interface:
type: str
description: 'Specify outgoing interface to reach server.'
interface-select-method:
type: str
description: 'Specify how to select outgoing interface to reach server.'
choices:
- 'auto'
- 'sdwan'
- 'specify'
group-override-attr-type:
type: str
description: 'RADIUS attribute type to override user group information.'
choices:
- 'filter-Id'
- 'class'
switch-controller-acct-fast-framedip-detect:
type: int
description: 'Switch controller accounting message Framed-IP detection from DHCP snooping (seconds, default=2).'
switch-controller-service-type:
description: 'RADIUS service type.'
type: list
choices:
- login
- framed
- callback-login
- callback-framed
- outbound
- administrative
- nas-prompt
- authenticate-only
- callback-nas-prompt
- call-check
- callback-administrative
'''
EXAMPLES = '''
- name: gathering fortimanager facts
hosts: fortimanager00
gather_facts: no
connection: httpapi
collections:
- fortinet.fortimanager
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the RADIUS server entries
fmgr_fact:
facts:
selector: 'user_radius'
params:
adom: 'ansible'
radius: ''
- hosts: fortimanager00
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure RADIUS server entries.
fmgr_user_radius:
bypass_validation: False
adom: ansible
state: present
user_radius:
name: ansible-test-radius
server: ansible
timeout: 200
'''
RETURN = '''
request_url:
description: The full url requested
returned: always
type: str
sample: /sys/login/user
response_code:
description: The status of api request
returned: always
type: int
sample: 0
response_message:
description: The descriptive message of the api response
type: str
returned: always
sample: OK.
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.connection import Connection
from ansible_collections.fortinet.fortimanager.plugins.module_utils.napi import NAPIManager
from ansible_collections.fortinet.fortimanager.plugins.module_utils.napi import check_galaxy_version
from ansible_collections.fortinet.fortimanager.plugins.module_utils.napi import check_parameter_bypass
def main():
jrpc_urls = [
'/pm/config/adom/{adom}/obj/user/radius',
'/pm/config/global/obj/user/radius'
]
perobject_jrpc_urls = [
'/pm/config/adom/{adom}/obj/user/radius/{radius}',
'/pm/config/global/obj/user/radius/{radius}'
]
url_params = ['adom']
module_primary_key = 'name'
module_arg_spec = {
'enable_log': {
'type': 'bool',
'required': False,
'default': False
},
'forticloud_access_token': {
'type': 'str',
'required': False,
'no_log': True
},
'proposed_method': {
'type': 'str',
'required': False,
'choices': [
'set',
'update',
'add'
]
},
'bypass_validation': {
'type': 'bool',
'required': False,
'default': False
},
'workspace_locking_adom': {
'type': 'str',
'required': False
},
'workspace_locking_timeout': {
'type': 'int',
'required': False,
'default': 300
},
'rc_succeeded': {
'required': False,
'type': 'list'
},
'rc_failed': {
'required': False,
'type': 'list'
},
'state': {
'type': 'str',
'required': True,
'choices': [
'present',
'absent'
]
},
'adom': {
'required': True,
'type': 'str'
},
'user_radius': {
'required': False,
'type': 'dict',
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'options': {
'accounting-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'id': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'source-ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'status': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'interface': {
'required': False,
'revision': {
'6.2.5': True,
'6.4.0': False,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'interface-select-method': {
'required': False,
'revision': {
'6.2.5': True,
'6.4.0': False,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'auto',
'sdwan',
'specify'
],
'type': 'str'
}
}
},
'acct-all-servers': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'acct-interim-interval': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'all-usergroup': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'auth-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'pap',
'chap',
'ms_chap',
'ms_chap_v2',
'auto'
],
'type': 'str'
},
'class': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'dynamic_mapping': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'_scope': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'name': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'vdom': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
}
}
},
'acct-all-servers': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'acct-interim-interval': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'all-usergroup': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'auth-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'pap',
'chap',
'ms_chap',
'ms_chap_v2',
'auto'
],
'type': 'str'
},
'class': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'dp-carrier-endpoint-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Vendor-Specific',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'dp-carrier-endpoint-block-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Vendor-Specific',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'dp-context-timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'dp-flush-ip-session': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'dp-hold-time': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'dp-http-header': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'dp-http-header-fallback': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ip-header-address',
'default-profile'
],
'type': 'str'
},
'dp-http-header-status': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'dp-http-header-suppress': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'dp-log-dyn_flags': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'choices': [
'none',
'protocol-error',
'profile-missing',
'context-missing',
'accounting-stop-missed',
'accounting-event',
'radiusd-other',
'endpoint-block'
]
},
'dp-log-period': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'dp-mem-percent': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'dp-profile-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Vendor-Specific',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'dp-profile-attribute-key': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'dp-radius-response': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'dp-radius-server-port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'dp-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'dp-validate-request-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'dynamic-profile': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'endpoint-translation': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ep-carrier-endpoint-convert-hex': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ep-carrier-endpoint-header': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ep-carrier-endpoint-header-suppress': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ep-carrier-endpoint-prefix': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ep-carrier-endpoint-prefix-range-max': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ep-carrier-endpoint-prefix-range-min': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ep-carrier-endpoint-prefix-string': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ep-carrier-endpoint-source': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'http-header',
'cookie'
],
'type': 'str'
},
'ep-ip-header': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ep-ip-header-suppress': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ep-missing-header-fallback': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'session-ip',
'policy-profile'
],
'type': 'str'
},
'ep-profile-query-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'session-ip',
'extract-ip',
'extract-carrier-endpoint'
],
'type': 'str'
},
'h3c-compatibility': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'nas-ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'password-encoding': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ISO-8859-1',
'auto'
],
'type': 'str'
},
'password-renewal': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'radius-coa': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'radius-port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-context-timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso-endpoint-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'rsso-endpoint-block-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'rsso-ep-one-ip-only': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-flush-ip-session': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-log-flags': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'choices': [
'none',
'protocol-error',
'profile-missing',
'context-missing',
'accounting-stop-missed',
'accounting-event',
'radiusd-other',
'endpoint-block'
]
},
'rsso-log-period': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso-radius-response': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-radius-server-port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'rsso-validate-request-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'secondary-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'secondary-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'source-ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'sso-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'sso-attribute-key': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'sso-attribute-value-override': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'tertiary-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'tertiary-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'use-group-for-profile': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'use-management-vdom': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'username-case-sensitive': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'interface': {
'required': False,
'revision': {
'6.2.5': True,
'6.4.0': False,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'interface-select-method': {
'required': False,
'revision': {
'6.2.5': True,
'6.4.0': False,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'auto',
'sdwan',
'specify'
],
'type': 'str'
},
'group-override-attr-type': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'filter-Id',
'class'
],
'type': 'str'
},
'switch-controller-acct-fast-framedip-detect': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'accounting-server': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'id': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'interface': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'interface-select-method': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'auto',
'sdwan',
'specify'
],
'type': 'str'
},
'port': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'secret': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'server': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'source-ip': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'status': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
}
}
},
'switch-controller-service-type': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'choices': [
'login',
'framed',
'callback-login',
'callback-framed',
'outbound',
'administrative',
'nas-prompt',
'authenticate-only',
'callback-nas-prompt',
'call-check',
'callback-administrative'
]
}
}
},
'h3c-compatibility': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'name': {
'required': True,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'nas-ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'password-encoding': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ISO-8859-1',
'auto'
],
'type': 'str'
},
'password-renewal': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'radius-coa': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'radius-port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-context-timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso-endpoint-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'rsso-endpoint-block-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'rsso-ep-one-ip-only': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-flush-ip-session': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-log-flags': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'choices': [
'none',
'protocol-error',
'profile-missing',
'context-missing',
'accounting-stop-missed',
'accounting-event',
'radiusd-other',
'endpoint-block'
]
},
'rsso-log-period': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso-radius-response': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'rsso-radius-server-port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'rsso-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'rsso-validate-request-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'secondary-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'secondary-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'source-ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'sso-attribute': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'User-Name',
'User-Password',
'CHAP-Password',
'NAS-IP-Address',
'NAS-Port',
'Service-Type',
'Framed-Protocol',
'Framed-IP-Address',
'Framed-IP-Netmask',
'Framed-Routing',
'Filter-Id',
'Framed-MTU',
'Framed-Compression',
'Login-IP-Host',
'Login-Service',
'Login-TCP-Port',
'Reply-Message',
'Callback-Number',
'Callback-Id',
'Framed-Route',
'Framed-IPX-Network',
'State',
'Class',
'Session-Timeout',
'Idle-Timeout',
'Termination-Action',
'Called-Station-Id',
'Calling-Station-Id',
'NAS-Identifier',
'Proxy-State',
'Login-LAT-Service',
'Login-LAT-Node',
'Login-LAT-Group',
'Framed-AppleTalk-Link',
'Framed-AppleTalk-Network',
'Framed-AppleTalk-Zone',
'Acct-Status-Type',
'Acct-Delay-Time',
'Acct-Input-Octets',
'Acct-Output-Octets',
'Acct-Session-Id',
'Acct-Authentic',
'Acct-Session-Time',
'Acct-Input-Packets',
'Acct-Output-Packets',
'Acct-Terminate-Cause',
'Acct-Multi-Session-Id',
'Acct-Link-Count',
'CHAP-Challenge',
'NAS-Port-Type',
'Port-Limit',
'Login-LAT-Port'
],
'type': 'str'
},
'sso-attribute-key': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'sso-attribute-value-override': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'tertiary-secret': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'tertiary-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'use-management-vdom': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'username-case-sensitive': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'interface': {
'required': False,
'revision': {
'6.2.5': True,
'6.4.0': False,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'interface-select-method': {
'required': False,
'revision': {
'6.2.5': True,
'6.4.0': False,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'auto',
'sdwan',
'specify'
],
'type': 'str'
},
'group-override-attr-type': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'filter-Id',
'class'
],
'type': 'str'
},
'switch-controller-acct-fast-framedip-detect': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'switch-controller-service-type': {
'required': False,
'revision': {
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'choices': [
'login',
'framed',
'callback-login',
'callback-framed',
'outbound',
'administrative',
'nas-prompt',
'authenticate-only',
'callback-nas-prompt',
'call-check',
'callback-administrative'
]
}
}
}
}
params_validation_blob = []
check_galaxy_version(module_arg_spec)
module = AnsibleModule(argument_spec=check_parameter_bypass(module_arg_spec, 'user_radius'),
supports_check_mode=False)
fmgr = None
if module._socket_path:
connection = Connection(module._socket_path)
connection.set_option('enable_log', module.params['enable_log'] if 'enable_log' in module.params else False)
connection.set_option('forticloud_access_token',
module.params['forticloud_access_token'] if 'forticloud_access_token' in module.params else None)
fmgr = NAPIManager(jrpc_urls, perobject_jrpc_urls, module_primary_key, url_params, module, connection, top_level_schema_name='data')
fmgr.validate_parameters(params_validation_blob)
fmgr.process_curd(argument_specs=module_arg_spec)
else:
module.fail_json(msg='MUST RUN IN HTTPAPI MODE')
module.exit_json(meta=module.params)
if __name__ == '__main__':
main()