EX294 · Question #15
EX294 Question #15: Real Exam Question with Answer & Explanation
Sign in or unlock EX294 to reveal the answer and full explanation for question #15. The question stem and answer options stay visible for context.
Question
15. Create User Accounts Utilize the password vault created at another location /home/greg/ansible/locker.yml. Create a playbook named /home/greg/ansible/users.yml to create user accounts according to the following instructions: Users with the job description "developer" should: - Be created on managed nodes in the dev and test host groups. - Be assigned passwords from the pw_developer variable. - Have passwords with a maximum validity period of 30 days. - Be members of the supplementary group devops. - Users with the job description "manager" should: - Be created on managed nodes in the prod host group. - Be assigned passwords from the pw_manager variable. - Have passwords with a maximum validity period of 30 days. - Be members of the supplementary group opsmgr. - Passwords should use the sha512 hash format. Explanation/Reference: Solution: [greg@control ansible]$ cat user_list.yml [greg@control ansible]$ vim /home/greg/ansible/users.yml --- - name: Create User1 hosts: dev,test vars_files: - /home/greg/ansible/locker.yml - /home/greg/ansible/user_list.yml tasks: - name: Add group1 group: name: devops state: present - name: Add user1 user: name: "{{ item.name }}" groups: devops password: "{{ pw_developer | password_hash('sha512') }}" password_expire_max: "{{ item.password_expire_max }}" when: item.job == 'developer' - name: Create User2 hosts: prod vars_files: - /home/greg/ansible/locker.yml - /home/greg/ansible/user_list.yml tasks: - name: Add group2 group: name: opsmgr state: present - name: Add user2 user: name: "{{ item.name }}" groups: opsmgr password: "{{ pw_manager | password_hash('sha512') }}" password_expire_max: "{{ item.password_expire_max }}" loop: "{{ users }}" when: item.job == 'manager' [greg@control ansible]$ ansible-navigator run users.yml -m stdout # Verification: Ensure bob and fred exist on dev and test as required (mandatory) # Ensure sally exists on prod (node3 and node4) as required (mandatory) [greg@control ansible]$ ansible dev,test -m shell -a 'id bob; id sally; id fred' [greg@control ansible]$ ansible prod -m shell -a 'id fred; id bob; id sally' [greg@control ansible]$ ssh [email protected] [email protected]\'s password: `Imadev` <Ctrl-D> [greg@control ansible]$ ssh [email protected] [email protected]\'s password: `Imamgr` <Ctrl-D>
Unlock EX294 to see the answer
You've previewed enough free EX294 questions. Unlock EX294 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.