Implement posix group for all users in LDAP.

Andreas B. Mundt 2019-12-01 18:21:24 +01:00
parent 43cb4dcf13
commit 8c896c90e6
2 changed files with 36 additions and 0 deletions


@ -92,6 +92,16 @@
bind_dn: "cn=admin,{{ basedn }}"
bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
- name: add group for all ldapusers
ldap_entry:
dn: "cn=ldapuser,ou=groups,{{ basedn }}"
objectClass:
- posixGroup
attributes:
gidNumber: 18000
bind_dn: "cn=admin,{{ basedn }}"
bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
- name: provide simple script to manage ldap/kdc
template:
src: debian-lan.j2
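Review bot: The new `add group for all ldapusers` task hard-codes `gidNumber: 18000`, and `ldap_entry` only creates an entry that is missing, so an existing `cn=ldapuser` with a different gidNumber is left as it is while the play still reports success. Because this group is meant to hold every LDAP user, a GID that collides with a local group or another allocated range would widen file access without any visible error. I would take the value from a variable, e.g. `gidNumber: "{{ ldapuser_gid }}"` (placeholder name, not defined in the visible lines), and add a comment stating which GID range is reserved for LDAP groups. A follow-up `ldap_attr` task on `gidNumber` with `state: exact` would enforce the value on every run rather than only at creation.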
@ -128,6 +138,15 @@
bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
when: foo_pwd is defined and foo_pwd | length > 0
- name: add dummy user foo to group ldapuser
ldap_attr:
dn: "cn=ldapuser,ou=groups,{{ basedn }}"
name: memberUid
values: foo
bind_dn: "cn=admin,{{ basedn }}"
bind_pw: "{{ ldap_admin_pwd['content'] | b64decode | replace('\n', '') }}"
when: foo_pwd is defined and foo_pwd | length > 0
- name: allow ldap service in firewalld
firewalld:
zone: internal
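Review bot: The `add dummy user foo to group ldapuser` task only ever adds the `memberUid` value. Nothing in the visible lines removes `foo` from the group once `foo_pwd` is unset or emptied, so the test account may remain a member of the all-users group after it is no longer wanted; whether the `foo` entry itself is cleaned up elsewhere cannot be seen from this hunk. I would add a comment above the task, `# test account only; leave foo_pwd empty to skip`, and a counterpart `ldap_attr` task with `state: absent` under the inverse `when` condition. As a style point, the `bind_dn`/`bind_pw` pair is repeated verbatim in each LDAP task here and in the first hunk; setting it once through `module_defaults` would keep the admin credential handling in one place.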