ansible-ldap
************

Ansible role for installing OpenLDAP, phpLDAPadmin and daily backup.

Requirements
------------

- Debian Jessie.

Role Variables
--------------

::

    organization: '{{ ansible_domain }}' # Organization name; defaults to the domain name.
    domain: '{{ ansible_domain }}' # LDAP domain, converted to LDAP format; defaults to the machine's domain name.
    basedn: # LDAP base distinguished name; defaults to the machine's domain converted to LDAP format.
    password: # Password for the admin account; if blank, a random password is generated and saved under files/ldap_password.
    tls_cert: # Certificate for LDAPS; if blank, the self-signed snakeoil cert is used. Intermediate certs need to be included in this file.
    tls_key: # Key for LDAPS; if blank, the self-signed snakeoil key is used.

Dependencies
------------

None.

Example Playbook
----------------

::

    - hosts: servers
      roles:
         - ansible-ldap

License
-------

MIT

Author Information
------------------

Nimrod Adar.

Restore procedure
-----------------

Deleting existing basedn: ::

    # The last argument is the base DN to remove recursively (-r).
    ldapdelete -Y EXTERNAL -H ldapi:/// -rD "cn=admin,dc=example,dc=com" "dc=example,dc=com" # Run as root, no password needed.
    ldapdelete -rxWD "cn=admin,dc=example,dc=com" "dc=example,dc=com" # Run as any user, asks for OpenLDAP admin password.

Restoring from backup: ::

    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=admin,dc=example,dc=com" -f backup.ldif # Run as root, no password needed.
    ldapadd -xWD "cn=admin,dc=example,dc=com" -f backup.ldif # Run as any user, asks for OpenLDAP admin password.
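
Because the restore procedure deletes the live tree before loading ``backup.ldif``, it is worth checking the backup first. The script below is an added example, not part of this role: the function names are hypothetical, and it assumes the backup is a slapcat-style LDIF with the base DN entry first, DN lines written as ``dn: `` or ``dn:: ``, and a ``base64`` that accepts ``-d``. DNs are compared after simple lower-casing.

```shell
# Join folded lines: in LDIF a line starting with one space continues the previous line.
ldif_unfold() {
    awk '/^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }' "$1"
}

# Print one DN per entry, lower-cased; "dn:: " marks a base64-encoded DN.
ldif_dns() {
    ldif_unfold "$1" | while IFS= read -r line; do
        case $line in
            'dn:: '*) printf '%s' "${line#dn:: }" | base64 -d; echo ;;
            'dn: '*)  printf '%s\n' "${line#dn: }" ;;
        esac
    done | tr 'A-Z' 'a-z'
}

# Succeed (printing the entry count) only if the file is non-empty, its first
# entry is the base DN, and every other entry sits below that base DN.
ldif_check() {
    [ -s "$1" ] || { echo "missing or empty: $1" >&2; return 1; }
    ldif_dns "$1" | BASE=$(printf '%s' "$2" | tr 'A-Z' 'a-z') awk '
        BEGIN { b = ENVIRON["BASE"] }
        NR == 1 && $0 != b { print "first entry is not " b > "/dev/stderr"; bad = 1 }
        $0 != b && substr($0, length($0) - length(b)) != "," b {
            print "outside base DN: " $0 > "/dev/stderr"; bad = 1 }
        END { if (NR == 0) bad = 1; if (!bad) print NR; exit bad }'
}

# Constructed sample backup (not real data): one folded DN and one base64 DN.
write_sample() {
    {
        printf 'dn: dc=example,dc=com\nobjectClass: dcObject\ndc: example\n\n'
        printf 'dn: cn=admin,dc=example,dc=com\ncn: admin\n\n'
        printf 'dn: uid=a-long-folded-name,ou=people,dc=exam\n ple,dc=com\nsn: Folded\n\n'
        printf 'dn:: %s\nsn: Example\n' "$(printf 'uid=zoë,dc=example,dc=com' | base64)"
    } > "$1"
}

backup=$(mktemp)
write_sample "$backup"
if count=$(ldif_check "$backup" "dc=example,dc=com"); then
    echo "backup looks restorable: $count entries under the base DN"
else
    echo "backup failed the check; do not delete the live tree" >&2
fi
rm -f "$backup"
```

Run ``ldif_check backup.ldif "dc=example,dc=com"`` before the ``ldapdelete`` step and continue only if it exits 0.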