Skip to content

Instantly share code, notes, and snippets.

@cmsj

cmsj/smbpassword-ansible.md

Created August 24, 2023 23:37
Show Gist options
  • Save cmsj/5557c45ca5fa4779e81394105be204e1 to your computer and use it in GitHub Desktop.
Save cmsj/5557c45ca5fa4779e81394105be204e1 to your computer and use it in GitHub Desktop.
Download ZIP
Setting Samba passwords with Ansible
Raw
smbpassword-ansible.md

Scenario: You want to create a user in Linux, and set a Samba password for it, all from Ansible:

Notes:

  • This will not update the Samba password if you change the variable.

To create the encrypted vault string, run: ansible-vault encrypt_string --ask-vault-password 'some_password'

- name: Create OS group
  group:
    name: smbgroup
    state: present
    system: no

- name: Create OS user
  user:
    name: smbuser
    group: smbgroup
    createhome: no
    system: no
    state: present
    shell: /sbin/nologin

- name: Fetch current smbpasswd users
  command: /usr/bin/pdbedit -L
  register: pdb_users

- name: Set Samba password for smbuser
  shell: echo '{{ smbuser_password }}' | /usr/bin/smbpasswd -s -a smbuser
  when: pdb_users.stdout.find('smbuser') == -1
  vars:
    smbuser_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          123456encryptedblah
          goeshere123456
@cmsj
Copy link
Author

cmsj commented Aug 25, 2023

Ooh yes, that's definitely nicer! Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment