1
00:00:00,660 --> 00:00:06,180
Now that we have created a user, George, in our last playbook.

2
00:00:06,450 --> 00:00:11,610
Now, what about the password that will be used to log into George?

3
00:00:11,970 --> 00:00:18,960
Now, one thing you could do is you could go into your client as root and then you could change the

4
00:00:18,960 --> 00:00:20,360
password for George.

5
00:00:20,370 --> 00:00:25,770
But of course, this is going to be cumbersome again and you have to do it.

6
00:00:25,770 --> 00:00:28,470
So many remote clients.

7
00:00:28,890 --> 00:00:29,220
All right.

8
00:00:29,220 --> 00:00:30,120
So what do we do?

9
00:00:30,150 --> 00:00:32,690
We go back to Ansible to do that for us.

10
00:00:32,700 --> 00:00:41,640
So the playbook in this video will add or update a password for user George.

11
00:00:42,780 --> 00:00:50,370
Please note Ansible does not allow us to pass a clear text password through the user module.

12
00:00:50,370 --> 00:00:58,500
So when we are in the editor and we are writing a playbook, we cannot specify a clear text password

13
00:00:58,500 --> 00:01:01,920
inside of the module, so we have to pass it through the variable.

14
00:01:01,920 --> 00:01:03,900
So we'll see that in a second.

15
00:01:03,900 --> 00:01:06,260
So our playbook will look like this.

16
00:01:06,270 --> 00:01:14,880
We'll do the editor and we'll name a change pass YAML file so it will have the name of the playbook,

17
00:01:14,880 --> 00:01:19,920
the host where you want it to execute that playbook at the task.

18
00:01:20,760 --> 00:01:26,990
The first, the name of the task is Change your password or whoever the user wanted to change the password,

19
00:01:27,000 --> 00:01:27,900
it doesn't really matter.

20
00:01:27,900 --> 00:01:29,400
This is just a simple text.

21
00:01:29,700 --> 00:01:34,980
The module that we will be using is a user module, same module we use to create the user.

22
00:01:35,370 --> 00:01:37,730
Now here you have to define the name.

23
00:01:37,950 --> 00:01:39,570
Who is the user you're talking about?

24
00:01:39,600 --> 00:01:40,800
You're talking about George.

25
00:01:41,160 --> 00:01:41,550
All right.

26
00:01:41,550 --> 00:01:42,420
What are we doing?

27
00:01:42,420 --> 00:01:42,780
What?

28
00:01:42,780 --> 00:01:47,130
What are the options, the parameters that we have to define for that module?

29
00:01:47,220 --> 00:01:49,140
We have to update password.

30
00:01:49,140 --> 00:01:53,100
So update, underscore password, colon space.

31
00:01:53,100 --> 00:01:54,060
Always.

32
00:01:54,510 --> 00:01:55,890
All right, now the password.

33
00:01:55,890 --> 00:01:59,490
What do you want it to define or put the password as well?

34
00:01:59,520 --> 00:02:03,600
Here are here is the exact syntax that you have to use.

35
00:02:04,080 --> 00:02:08,460
Double code, curly braces, curly braces, space, new password.

36
00:02:08,460 --> 00:02:10,380
Just this, just a variable.

37
00:02:10,860 --> 00:02:16,680
If you put an update password or my password, this will be just a variable.

38
00:02:16,680 --> 00:02:19,560
It is not the password itself.

39
00:02:19,950 --> 00:02:24,600
Then pipe then put in password underscore hash.

40
00:02:24,600 --> 00:02:31,170
This is the encryption to encrypt the password while the ansible is going to the remote client and updating

41
00:02:31,170 --> 00:02:36,540
the password so the traffic cannot be visible to other users.

42
00:02:36,840 --> 00:02:37,230
All right.

43
00:02:37,380 --> 00:02:42,780
And the hash we are using is as a 512.

44
00:02:43,050 --> 00:02:49,890
Make sure you're using the exact same syntax, then parentheses, parentheses, close space, curly

45
00:02:49,890 --> 00:02:54,180
braces close, curly braces close and double code close.

46
00:02:54,750 --> 00:02:55,290
All right.

47
00:02:55,380 --> 00:02:58,590
To run this playbook, run the command as below.

48
00:02:58,590 --> 00:03:01,800
This will input the new password variable.

49
00:03:01,800 --> 00:03:05,760
This is the variable that will be used by our playbook.

50
00:03:05,760 --> 00:03:11,760
And the command that we will use is Ansible Playbook and the Playbook name.

51
00:03:11,760 --> 00:03:13,260
We all are familiar with this.

52
00:03:13,260 --> 00:03:22,770
Now here are the extra parameters you have to specify dash, dash, extra dash bars, which is telling

53
00:03:22,770 --> 00:03:27,930
the playbook that use extra variables which is new password.

54
00:03:27,930 --> 00:03:33,810
This is the name of the variable we defined equal a, b, c, 1 to 3.

55
00:03:33,810 --> 00:03:38,070
Now this is the password that I am choosing for the user.

56
00:03:38,070 --> 00:03:44,250
George, you could pick any password of your choice, but whatever the password you are defining, you

57
00:03:44,250 --> 00:03:46,290
have to write down right here.

58
00:03:46,290 --> 00:03:54,630
When you're running this entire command, you cannot take this password and just put it in to your YAML

59
00:03:54,630 --> 00:03:55,890
file and put it in here.

60
00:03:56,010 --> 00:03:56,880
It won't work.

61
00:03:56,880 --> 00:04:02,430
You have to define the variable and then pass it along to the variable in the command.

62
00:04:02,610 --> 00:04:03,210
All right.

63
00:04:03,600 --> 00:04:05,400
Let's go to our.

64
00:04:06,940 --> 00:04:13,180
Control node and we are in at Ansible Playbooks directory.

65
00:04:14,110 --> 00:04:15,820
We are logged in as route.

66
00:04:15,850 --> 00:04:23,110
Let's do them ed change, pass yaml or whatever the name that you want to define.

67
00:04:23,110 --> 00:04:30,130
Dash, dash, dash, name, add or update user password.

68
00:04:31,030 --> 00:04:34,610
All right, host, where do you want to run that against all?

69
00:04:34,630 --> 00:04:39,000
So we only have one remote client our tasks.

70
00:04:39,010 --> 00:04:40,440
What do you want it to do?

71
00:04:40,450 --> 00:04:42,370
Let's put the name of the task.

72
00:04:43,820 --> 00:04:44,750
Change.

73
00:04:45,920 --> 00:04:46,940
George.

74
00:04:48,640 --> 00:04:49,390
Password.

75
00:04:50,570 --> 00:04:51,470
User.

76
00:04:52,360 --> 00:04:54,580
Now we're going to use the user module.

77
00:04:54,850 --> 00:04:58,180
The name will be George.

78
00:04:59,670 --> 00:05:02,700
Update underscore password.

79
00:05:02,760 --> 00:05:06,780
This is the exact same syntax you have to use always.

80
00:05:06,930 --> 00:05:11,910
And the password here will define double code.

81
00:05:11,940 --> 00:05:12,810
Curly braces.

82
00:05:12,810 --> 00:05:13,470
Curly braces.

83
00:05:13,470 --> 00:05:15,330
Space, new password.

84
00:05:15,330 --> 00:05:16,800
This is the variable.

85
00:05:17,700 --> 00:05:24,390
You could have any variable name that you want, but that variable name has to be the same exact right

86
00:05:24,390 --> 00:05:25,740
here when we're running the command.

87
00:05:25,830 --> 00:05:27,090
All right, then.

88
00:05:27,330 --> 00:05:31,410
Password underscore hash.

89
00:05:32,880 --> 00:05:34,500
And let's move it up a little.

90
00:05:34,500 --> 00:05:35,820
So we'll see.

91
00:05:36,360 --> 00:05:42,990
Hash parentheses, single code as a 512.

92
00:05:43,080 --> 00:05:46,590
Single code, close parentheses, close space.

93
00:05:47,100 --> 00:05:48,720
Double curly braces.

94
00:05:48,720 --> 00:05:52,170
Close, curly braces closed and double code.

95
00:05:53,150 --> 00:05:53,900
That's it.

96
00:05:53,930 --> 00:05:55,040
It's just that simple.

97
00:05:55,040 --> 00:05:57,360
Save your YAML file.

98
00:05:57,380 --> 00:05:59,990
Now let's run the playbook.

99
00:06:01,130 --> 00:06:02,150
Change.

100
00:06:04,250 --> 00:06:05,750
Past YAML.

101
00:06:06,420 --> 00:06:08,190
Now we define.

102
00:06:09,080 --> 00:06:18,500
These option extra vars, which means extra variable and the variable name a new password.

103
00:06:18,650 --> 00:06:25,010
And now what password do you want to give to George ABC The simple password 1 to 3.

104
00:06:25,010 --> 00:06:28,190
But of course, I recommend that you pick a stronger password.

105
00:06:28,370 --> 00:06:29,840
All right, go ahead and hit enter.

106
00:06:31,220 --> 00:06:31,610
All right.

107
00:06:31,610 --> 00:06:38,420
It's doing the play, the playbook, gathering information for the host and changed.

108
00:06:38,600 --> 00:06:38,970
Okay.

109
00:06:39,080 --> 00:06:41,340
To no error messages.

110
00:06:41,360 --> 00:06:41,840
Beautiful.

111
00:06:41,900 --> 00:06:42,950
I mean, it worked.

112
00:06:42,980 --> 00:06:45,650
Now, to verify if it worked, let's go to our client.

113
00:06:46,700 --> 00:06:48,110
Right here is our client.

114
00:06:48,110 --> 00:06:49,220
Let's log in.

115
00:06:49,250 --> 00:06:50,660
I'm logged in as route.

116
00:06:53,010 --> 00:06:53,790
Or You know what?

117
00:06:53,790 --> 00:06:54,810
Let's make it simple.

118
00:06:54,810 --> 00:07:00,750
Let's cancel it and hit enter and log in as another user.

119
00:07:05,250 --> 00:07:05,940
Okay.

120
00:07:05,970 --> 00:07:09,630
Let's wait for the login screen to come back.

121
00:07:12,020 --> 00:07:12,380
All right.

122
00:07:12,380 --> 00:07:14,420
So now we have the login screen.

123
00:07:14,420 --> 00:07:17,570
This is the user that I created during the OS install.

124
00:07:17,570 --> 00:07:20,480
Now this is the user we created in the last playbook.

125
00:07:20,570 --> 00:07:27,140
Now we have to click on this and put in the password that we define as using this playbook.

126
00:07:27,140 --> 00:07:31,820
So that is a, b, c, one, two, three moment of truth.

127
00:07:31,820 --> 00:07:34,660
Let's hit enter and let's see if it worked.

128
00:07:39,950 --> 00:07:40,740
All right.

129
00:07:40,740 --> 00:07:43,060
Looks like it did work.

130
00:07:43,080 --> 00:07:43,880
Excellent.

131
00:07:43,890 --> 00:07:44,340
All right.

132
00:07:44,340 --> 00:07:49,260
So that's how you go ahead and change passwords to all the users.

133
00:07:49,260 --> 00:07:53,220
I know a lot of companies have their password update policies.

134
00:07:53,220 --> 00:07:57,900
Some of them have six months, some of them have a year password policy.

135
00:07:57,900 --> 00:08:03,570
But whatever the policy is, you don't have to go into every machine and change the password.

136
00:08:03,570 --> 00:08:06,210
That is very, very tedious work.

137
00:08:06,210 --> 00:08:10,050
So you could use Ansible to do that for you.

138
00:08:10,260 --> 00:08:10,800
Excellent.

139
00:08:10,800 --> 00:08:14,970
Just to confirm, we are logged in to the right user.

140
00:08:14,970 --> 00:08:15,390
You could do.

141
00:08:15,420 --> 00:08:16,500
Who am I?

142
00:08:16,860 --> 00:08:17,850
I am George.

143
00:08:17,940 --> 00:08:18,590
Excellent.

144
00:08:18,600 --> 00:08:20,340
All right, great.