All Linux HowTo's

How to Expire (disable) a User Account using Ansible

I dare you to find just one other article explaining how to expire a user account using Ansible. You didn’t and that’s why you’re here. An amazingly undocumented (well, there is doco but it’s rubbish) facility that’s more important than creating the user account in the first place.

This is a mini-HowTo demonstrating how to disable or expire a user using Ansible. Put the following into a file called “playbook-expire-user.yml”.

---
- hosts: all

  sudo: yes

  tasks:

  - name: Expire an existing user
    user:
     name: myusername
     expires : 1486509032

The above would be executed using the following command. Make sure the file “hosts” is populated with a list (one IP or FQDN per line) of hosts to target with this Ansible run. My advice is to do one host first as a test and then do the others when you know it works.

ansible-playbook playbook-expire-user.yml -i hosts

Notice the “expires” line in the YAML file above. It’s the time the account should be expired from. It’s in Epoch time. To get the NOW time in this format, go to “http://www.epochconverter.com/”.

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *