From 9534838714894a1c744db8e52357299f90f9ce06 Mon Sep 17 00:00:00 2001
From: Nicolas Lastra
Date: Wed, 17 Nov 2021 15:22:16 -0300
Subject: [PATCH] authd-update-in-ossec-conf
---
 .../ansible-wazuh-manager/defaults/main.yml | 7 +++--
 .../var-ossec-etc-ossec-server.conf.j2 | 28 +++++++++++++++----
 2 files changed, 27 insertions(+), 8 deletions(-)
diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
index 4a2442d4..4c7a95fd 100644
--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@@ -351,8 +351,11 @@ wazuh_manager_authd:
 enable: true
 port: 1515
 use_source_ip: 'no'
- force_insert: 'yes'
- force_time: 0
+ force:
+ enabled: yes
+ key_mismatch: yes
+ disconnected_time: '1h'
+ after_registration_time: '1h'
 purge: 'yes'
 use_password: 'no'
 ciphers: 'HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH'
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
index 3242e88b..0c4eee1b 100644
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
+++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
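Review bot: In `defaults/main.yml`, `enabled: yes` and `key_mismatch: yes` are unquoted, so YAML loads them as booleans and a `{{ }}` expression in the template would most likely print `True` rather than `yes`; every sibling in this mapping quotes its value (`'no'`, `'yes'`, `'1h'`). Write them as `enabled: 'yes'` and `key_mismatch: 'yes'`. With `use_password: 'no'` kept in the same mapping, these defaults appear to let an enrollment without a password replace an existing agent entry on key mismatch or after one hour disconnected, unless certificate verification is configured elsewhere. A comment above `force:` such as `# force lets a new enrollment replace an existing agent entry; tighten together with use_password` would make that visible to operators. The `wazuh_manager_authd` mapping starts and continues outside the hunk.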
@@ -623,12 +623,28 @@
 {% if wazuh_manager_config.authd.use_source_ip is not none %}
 {{wazuh_manager_config.authd.use_source_ip}}
 {% endif %}
- {% if wazuh_manager_config.authd.force_insert is not none %}
- {{wazuh_manager_config.authd.force_insert}}
- {% endif %}
- {% if wazuh_manager_config.authd.force_time is not none %}
- {{wazuh_manager_config.authd.force_time}}
- {% endif %}
+
+ {% if wazuh_manager_config.authd.force.enabled is not none %}
+ {{wazuh_manager_config.authd.port}}
+ {% else %}
+ yes
+ {% endif %}
+ {% if wazuh_manager_config.authd.force.key_mismatch is not none %}
+ {{wazuh_manager_config.authd.port}}
+ {% else %}
+ yes
+ {% endif %}
+ {% if wazuh_manager_config.authd.force.disconnected_time is not none %}
+ {{wazuh_manager_config.authd.port}}
+ {% else %}
+ 1h
+ {% endif %}
+ {% if wazuh_manager_config.authd.force.after_registration_time is not none %}
+ {{wazuh_manager_config.authd.port}}
+ {% else %}
+ 1h
+ {% endif %}
+
 {% if wazuh_manager_config.authd.purge is not none %}
 {{wazuh_manager_config.authd.purge}}
 {% endif %}
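Review bot: All four added branches print `{{wazuh_manager_config.authd.port}}` rather than the `force.*` value they just tested, so the rendered force settings would each carry the authd port and the new defaults would never be used. Each branch should print its own key, e.g. `{{wazuh_manager_config.authd.force.enabled}}`, and likewise for `key_mismatch`, `disconnected_time` and `after_registration_time`. The tests also dereference `authd.force` directly, so an inventory that overrides the authd mapping without a `force` key will probably fail at render time instead of reaching the `{% else %}` fallback; checking `wazuh_manager_config.authd.force is defined` first would keep older inventories working. These options decide when a new enrollment may replace an existing agent entry, so a wrong value changes registration behaviour rather than just formatting. The surrounding auth section starts and ends outside the hunk.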