Th3G4mbl3r
commented
5 years ago Closing as realised there is a task for the first time authentication. So the issue is resolved by including that in the playbook.
Closed Th3G4mbl3r closed 5 years ago
Th3G4mbl3r
commented
5 years ago Closing as realised there is a task for the first time authentication. So the issue is resolved by including that in the playbook.
When trying to attach an access control policy using config_policy_attachments, if the appliance is brand new and no resource definitions exist on the server then the attachment fails with error FBTRBA420E The create failed because the domain value was not supplied. This is because at this point the AAC has not done a pdadmin authentication and established a credential against a domain. This is documented in https://www-01.ibm.com/support/docview.wss?uid=swg21989582.
So ideally prior to the actual call to the ISAM action ibmsecurity.isam.aac.access_control.policy_attachments.config in the underlying python module, the role should call ibmsecurity.isam.aac.access_control.policy_attachments.authenticate.