Forum Discussion

Altostratus

Jan 07, 2022

Ansible bigip - confirm only two local user accounts

Greetings. For security compliance purposes I'm trying to confirm that only two local user accounts exist on each F5 but not having any luck. Below are the two methods I've tried and the error messag...

Altostratus

Jan 11, 2022

Well I found one way to do it. Instead of counting the occurrence of a specific string/word in the output, you can just count the length of the output. The length of two local user accounts is 6. So if someone tried to secretly create another user account the length would be greater than 6.

- name: local users
      bigip_device_info:
        gather_subset:
          - users
        provider: "{{ providerA }}"
      register: user_output
 
    - name: count the length of user_output.users
      debug:
        msg: "User-ouput.users length is: {{ user_output.users | length }}"
      failed_when: user_output.users|length > 2

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Ansible bigip - confirm only two local user accounts

Recent Discussions

Earth Simnavaz

Problem with lets encrypt and redirect after update

Should config via cli rather than gui?

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

Related Content

Create a DevCentral account

Power of tmsh commands using Ansible

F5 Automation with Ansible Tips and Tricks

DevCentral to Require Multi-Factor Authentication for Account Login from September 26

Ansible module to update BIG-IP root/admin passwords

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS