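---
# Variables for an OpenLDAP (slapd) setup and for the LDAP settings written
# into the access manager's properties.
#
# Layout restored to one key per line. Collapsed onto a single line, the
# inline "# note:" comment swallowed everything after it (ldap_users,
# ldap_schemas, access_manager_ldap_config), so those variables were never
# defined.

# Client and server configuration files.
ldap_conf: /etc/openldap/ldap.conf
slapd_conf: /etc/openldap/slapd.conf

# Database directory and its DB_CONFIG, plus the packaged example file.
ldap_db_config_example: /usr/share/openldap-servers/DB_CONFIG.example
ldap_db_dir: /var/lib/ldap
ldap_db_config: "{{ ldap_db_dir }}/DB_CONFIG"

# Account and group names (presumably the owner of the paths above; verify
# against the tasks that use them).
ldap_user: ldap
ldap_group: ldap

# NOTE(review): both passwords are committed in plaintext and are identical
# to the service account name, so they are trivially guessable. Treat them as
# lab placeholders only: supply real values from an Ansible Vault-encrypted
# vars file (or another secret store), and rotate any directory that was ever
# deployed with these defaults.
# Presumably these end up in root_pw.ldif / manager_pw.ldif; confirm that the
# templates store a hashed value (e.g. slappasswd output), not the cleartext.
ldap_root_passwd: ldap
ldap_user_passwd: ldap

# Directory holding the LDIF files, and the individual file names.
# The password LDIFs contain credential material; NOTE(review): confirm the
# tasks that write them use restrictive ownership and mode.
ldif_dir: /etc/openldap/ldif
ldif_root_passwd_file: "root_pw.ldif"
ldif_manager_passwd_file: "manager_pw.ldif"
ldif_config_file: "config.ldif"
ldif_base_file: "base.ldif"
ldif_user_file: "user.ldif"
ldif_group_file: "group.ldif"

# Directory users to create.
# note: if a new user is added, group.ldif.j2 needs to be updated too!
ldap_users:
  - uid: ernie
    uidNumber: 1000
    givenName: Ernie
  - uid: bert
    uidNumber: 1001
    givenName: Bert
  - uid: oskar
    uidNumber: 1002
    givenName: Oskar

# Schema LDIFs to load.
ldap_schemas:
  - /etc/openldap/schema/cosine.ldif
  - /etc/openldap/schema/nis.ldif
  - /etc/openldap/schema/inetorgperson.ldif

# LDAP settings for the access manager: `option` is the property name and
# `line` the complete key=value line for it. The doubled backslash is a YAML
# double-quoted escape, so each rendered line carries a single backslash
# before ':' and '='.
# `current_host_config` is not defined in this file; it must come from the
# inventory or the calling play.
access_manager_ldap_config:
  - option: "custom.security.ldap.enabled"
    line: "custom.security.ldap.enabled=true"
  # NOTE(review): ldap:// on port 389 is cleartext. Bind DNs and user
  # passwords submitted through the access manager cross the network
  # unencrypted unless the client negotiates StartTLS, which this file does
  # not show. Outside an isolated lab, prefer ldaps:// on 636 or enforced
  # StartTLS, with server certificate validation.
  - option: "custom.security.ldap.url"
    line: "custom.security.ldap.url=ldap\\://{{ current_host_config.ldap_server_ip }}\\:389"
  - option: "custom.security.ldap.root-dn"
    line: "custom.security.ldap.root-dn=dc\\=tixel,dc\\=it"
  - option: "custom.security.ldap.user-search-base"
    line: "custom.security.ldap.user-search-base=ou\\=Users"
  - option: "custom.security.ldap.group-base-search"
    line: "custom.security.ldap.group-base-search=ou\\=Groups"
  # {0} is filled in by the consumer; NOTE(review): confirm it escapes LDAP
  # filter metacharacters in the submitted login name before substitution.
  - option: "custom.security.ldap.user-search-filter"
    line: "custom.security.ldap.user-search-filter=(uid\\={0})"
  - option: "custom.security.ldap.group-search-filter"
    line: "custom.security.ldap.group-search-filter=uniqueMember\\={0}"
  # Role names are taken from the group's cn, so whoever can create or rename
  # groups under ou=Groups can grant roles; keep write ACLs on that subtree
  # tight.
  - option: "custom.security.ldap.group-role-attribute"
    line: "custom.security.ldap.group-role-attribute=cn"
  # NOTE(review): inetOrgPerson entries normally carry the address in `mail`;
  # confirm the user LDIF template actually populates `email`.
  - option: "custom.security.ldap.email-attribute"
    line: "custom.security.ldap.email-attribute=email"
  - option: "custom.security.ldap.fullname-attribute"
    line: "custom.security.ldap.fullname-attribute=cn"

# vim:ft=ansible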