All HowTo's Ansible Ansible & Terraform Automation

How to Expire (disable) a User Account using Ansible

This article explains how to disbale user accounts to prevent them logging in via SSH (for example). This will apply to password logins and key-based logins.

This is a mini-HowTo demonstrating how to disable or expire a user using Ansible. Put the following into a file called “playbook-expire-user.yml”.

- hosts: all

  sudo: yes


  - name: Expire an existing user
     name: myusername
     expires : 1486509032

The above would be executed using the following command. Make sure the file “hosts” is populated with a list (one IP or FQDN per line) of hosts to target with this Ansible run. My advice is to do one host first as a test and then do the others when you know it works.

ansible-playbook playbook-expire-user.yml -i hosts

Notice the “expires” line in the YAML file above. It’s the time the account should be expired from. It’s in Epoch time. To get the NOW time in this format, go to “”.


  1. Hi Andrew,
    a lot thanks for your explanation.

    but how you are giving the value for expires.

    expires : 1486509032

Leave a Reply

Your email address will not be published. Required fields are marked *