Ansible Playbook for unlocking/resetting user's passwords work for RHEL8 not RHEL7
I have the following Ansible Playbook that unlocks and resets a user's password, based on their User ID input and then they can enter their password. We run this against RHEL 8 and 7 workstations. None of these workstations are on a Windows domain. It individual logins, thru the Ansible Playbook.
--- - hosts: become: yes vars_prompt: - name: Username prompt: enter user id that you want to unlock/password reset private: no - name: Password prompt: enter in a new password for your user account private: yes confirm: yes tasks: - name: unlocking user id and generating new password ansible.builtin.user: name: "{{ Username | trim }}" password_lock: false password: "{{ Password | password_hash('sha512', 'mysecretsalt') }}" - name: confirm user account is unlocked and can log in debug: msg: - "user account is unlocked and password has been reset"
This playbook works with no issues against RHEL8, however when it comes to RHEL7, it won't make the changes that are being asked. I'm seeing the following in /var/log/secure like the following:
reprocess config line 71: Deprecated option RhostsRSAAuthentication pam_unix (sshd:account): account user_a has expired (failed to change password) pam_sss (sshd:account): Access denied for user user_a: 10 (User not known to underlying authentication module)
thanks
Responses