Delinea Client Enrollment Playbook

This playbook performs the following tasks:

  • Check if the CentrifyCC package is installed (skip further actions if not installed)

  • Check if a computer is enrolled to a Delinea tenant (skip further actions if already joined)

  • Enroll a computer to the Delinea tenant using a registration code

  • Enroll and manage password for the root account

Playbook example running cenroll using registration code:

Copy 
---
- hosts: all
    become: true
    vars:
    tenant: <YourTenant>.my.centrify.net
    code: <RegistrationCode>
    tasks:

    - name: Check if CentrifyCC is installed
    yum:
    list: 'CentrifyCC'
    register: yum_cmd
    
    - name: Check if computer is enrolled to Delinea Cloud Suite
    command: cinfo
    register: cinfo_cmd
    changed_when: cinfo_cmd.rc == 10
    failed_when:
    - cinfo_cmd.rc != 10
    - cinfo_cmd.rc != 0

    - name: Enroll computer to Delinea Cloud Suite
    block:
    - name: Enroll the computer to Delinea tenant using registration code
    command: cenroll --tenant "{{tenant}}" --code "{{code}}" --features all --force --verbose
    when:
    - yum_cmd.results | selectattr("yumstate", "match", "installed") | list | length == 1
    - cinfo_cmd.rc == 10

Delinea Client Unenrollment Playbook

The playbook performs the following tasks:

  • Check if the CentrifyCC package is installed (skip further actions if not installed)

  • Check if a computer is enrolled with a Delinea tenant (skip further actions if not joined)

  • Unenroll a computer from the Delinea tenant using machine credentials

Playbook example running cunenroll:

Copy 
---
- hosts: all
    become: true
    vars:
    tenant: <YourTenant>.my.centrify.net
    code: <RegistrationCode>
    tasks:
    
    - name: Check if CentrifyCC is installed
    yum:
    list: 'CentrifyCC'
    register: yum_cmd
    
    - name: Check if computer is enrolled to Delinea Cloud Suite
    command: cinfo
    register: cinfo_cmd
    changed_when: cinfo_cmd.rc == 10
    failed_when:
    - cinfo_cmd.rc != 10
    - cinfo_cmd.rc != 0
    
    - name: Enroll computer to Delinea Cloud Suite
    block:
    - name: Enroll the computer to Delinea tenant using registration code
    command: cenroll --tenant "{{tenant}}" --code "{{code}}" --features all --force --verbose
    when:
    - yum_cmd.results | selectattr("yumstate", "match", "installed") | list | length == 1
    - cinfo_cmd.rc == 10