search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
84 stars 48 forks source link

fortinet.fortios.fortios.fortios_system_global vdom_mode not in versioned_schema (fortios v7.0.11) #254

Open devd4n opened 1 year ago

devd4n commented 1 year ago

Problem

can't use the vdom_mode parameter in the fortios_system_global module in Mature Version fortios v7.0.11. The Module is needed for basic configuration of a vdom deployment.

Plattform

(Hardware) Fortigate 60F

Reproduce Procedure

ansible version: core 2.14.6 collection-version: 2.3.0 fortios-version: 7.0.11

Task:

- name: Configure global attributes.
  fortios_system_global:
    access_token: "{{ fortios_access_token }}"
    system_global:
      vdom_mode: "multi-vdom"

Error

.... "meta": { "build": 489, "http_method": "POST", "http_status": 405, "name": "global", "path": "system", "serial": "FGT60F", "status": "error", "vdom": "root", "version": "v7.0.11" }, "msg": "Error in repo", "version_check_warning": { "matched": false, "mismatches": [ "option vdom_mode(multi-vdom) not supported since v6.4.4, before v7.2.0" ], "system_version": "v7.0.11" } ...

File: fortinet-ansible-dev/ansible-galaxy-fortios-collection/tree/main/plugins/modules/fortios_system_global.py

 "vdom_mode": {
            "revisions": {
                "v7.2.4": True,
                "v7.2.2": False,
                "v7.2.1": False,
                "v7.2.0": True,
                                        <===== Missing for v7.0.9 - v7.0.11
                "v7.0.8": False, <===== 
                "v7.0.7": False,
                "v7.0.6": False,
                "v7.0.5": False,
                "v7.0.4": False,
                "v7.0.3": False,
                "v7.0.2": False,
                "v7.0.1": False,
                "v7.0.0": False,
                "v6.4.4": True,
                "v6.4.1": True,
                "v6.4.0": True,
                "v6.2.7": True,
                "v6.2.5": True,
                "v6.2.3": True,
                "v6.2.0": True,
                "v6.0.5": False,
                "v6.0.11": False,
                "v6.0.0": False,
            },

Related Issues or Commits

219

MaxxLiu22 commented 1 year ago

@devd4n,

Thank you for raising this issue, I only receive a mismatch warning, that should be fixed, but successfully deploy on a 7.0.11 VM, May I know you use a VM or a physical machine, and what platform it run on?

Thanks, Maxx

devd4n commented 1 year ago

@devd4n,

Thank you for raising this issue, I only receive a mismatch warning, that should be fixed, but successfully deploy on a 7.0.11 VM, May I know you use a VM or a physical machine, and what platform it run on?

Thanks, Maxx

updated the initial Message.

MaxxLiu22 commented 1 year ago

Hi @devd4n,

This issue may be caused by not giving a full permission to your user, vdom-mode setting can only be edit through API user with pre-defined super_admin accprofile, or admin user. Could you try these two users method to change vdom-mode, let me know if that doesn't solve your problem.

Thanks, Maxx

devd4n commented 1 year ago

Hi @devd4n,

This issue may be caused by not giving a full permission to your user, vdom-mode setting can only be edit through API user with pre-defined super_admin accprofile, or admin user. Could you try these two users method to change vdom-mode, let me know if that doesn't solve your problem.

Thanks, Maxx

Hi Maxx, i can't verify if it was really not implemented on the fortgate v7.0.11. I only saw the error which resolved in a "failed" state of the ansible role.

meanwhile i've updated the fortigate v7.2.4 and if i follow your advice to assign the api-user to the group "super_admin" it works on that version like expected.

I hope nevertheless that the missmatch Warning will be fixed for the version 7.0.11.

Thank you for your support :)