netscaler.adc.aaaparameter module – Configuration for AAA parameter resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.aaaparameter.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for AAA parameter resource.

Parameters

Parameter

Comments

aaadloglevel

any

AAAD log level, which specifies the types of AAAD events to log in nsvpn.log.

Available values function as follows:

* EMERGENCY - Events that indicate an immediate crisis on the server.

* ALERT - Events that might require action.

* CRITICAL - Events that indicate an imminent server crisis.

* ERROR - Events that indicate some type of error.

* WARNING - Events that require action in the near future.

* NOTICE - Events that the administrator should know about.

* INFORMATIONAL - All but low-level events.

* DEBUG - All events, in extreme detail.

Choices:

  • "EMERGENCY"

  • "ALERT"

  • "CRITICAL"

  • "ERROR"

  • "WARNING"

  • "NOTICE"

  • "INFORMATIONAL"

  • "DEBUG"

aaadnatip

any

Source IP address to use for traffic that is sent to the authentication server.

aaasessionloglevel

any

Audit log level, which specifies the types of events to log for cli executed commands.

Available values function as follows:

* EMERGENCY - Events that indicate an immediate crisis on the server.

* ALERT - Events that might require action.

* CRITICAL - Events that indicate an imminent server crisis.

* ERROR - Events that indicate some type of error.

* WARNING - Events that require action in the near future.

* NOTICE - Events that the administrator should know about.

* INFORMATIONAL - All but low-level events.

* DEBUG - All events, in extreme detail.

Choices:

  • "EMERGENCY"

  • "ALERT"

  • "CRITICAL"

  • "ERROR"

  • "WARNING"

  • "NOTICE"

  • "INFORMATIONAL"

  • "DEBUG"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

apitokencache

any

Option to enable/disable API cache feature.

Choices:

  • "ENABLED"

  • "DISABLED"

defaultauthtype

any

The default authentication server type.

Choices:

  • "LOCAL"

  • "LDAP"

  • "RADIUS"

  • "TACACS"

  • "CERT"

defaultcspheader

any

Parameter to enable/disable default CSP header

Choices:

  • "ENABLED"

  • "DISABLED"

dynaddr

any

Set by the DHCP client when the IP address was fetched dynamically.

Choices:

  • "ON"

  • "OFF"

enableenhancedauthfeedback

any

Enhanced auth feedback provides more information to the end user about the reason for an authentication failure. The default value is set to NO.

Choices:

  • "YES"

  • "NO"

enablesessionstickiness

any

Enables/Disables stickiness to authentication servers

Choices:

  • "YES"

  • "NO"

enablestaticpagecaching

any

The default state of VPN Static Page caching. Static Page caching is enabled by default.

Choices:

  • "YES"

  • "NO"

failedlogintimeout

float

Number of minutes an account will be locked if user exceeds maximum permissible attempts

ftmode

any

First time user mode determines which configuration options are shown by default when logging in to the GUI. This setting is controlled by the GUI.

Choices:

  • "ON"

  • "HA"

  • "OFF"

httponlycookie

any

Parameter to set/reset HttpOnly Flag for NSC_AAAC/NSC_TMAS cookies in nfactor

Choices:

  • "ENABLED"

  • "DISABLED"

loginencryption

any

Parameter to encrypt login information for nFactor flow

Choices:

  • "ENABLED"

  • "DISABLED"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

maxaaausers

any

Maximum number of concurrent users allowed to log on to VPN simultaneously.

maxkbquestions

any

This will set maximum number of Questions to be asked for KB Validation. Default value is 2, Max Value is 6

maxloginattempts

any

Maximum Number of login Attempts

maxsamldeflatesize

any

This will set the maximum deflate size in case of SAML Redirect binding.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

persistentloginattempts

any

Persistent storage of unsuccessful user login attempts

Choices:

  • "ENABLED"

  • "DISABLED"

pwdexpirynotificationdays

any

This will set the threshold time in days for password expiry notification. Default value is 0, which means no notification is sent

samesite

any

SameSite attribute value for Cookies generated in AAATM context. This attribute value will be appended only for the cookies which are specified in the builtin patset ns_cookies_samesite

Choices:

  • "None"

  • "LAX"

  • "STRICT"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "unset"

tokenintrospectioninterval

any

Frequency at which a token must be verified at the Authorization Server (AS) despite being found in cache.

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

Examples

---
- name: Sample Playbook
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Sample Task | aaaparameter
      delegate_to: localhost
      netscaler.adc.aaaparameter:
        state: present
        maxaaausers: '4294967295'

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)