README.rst

ansible-openldap
################

Ansible role for installing OpenLDAP, phpLDAPadmin and daily backup.

Requirements
------------

- Debian Jessie.

Role Variables
--------------

::

    openldap_organization: '{{ ansible_domain }}' #Organization name, defaults to the domain name.
    openldap_domain: '{{ ansible_domain }}' #LDAP domain, converted to ldap formatted. Defaults to the domain name of the machine.
    openldap_basedn: #LDAP base distinguished name, defaults to machine's domain converted to LDAP format.
    openldap_password: #Password for admin account, must be set.

Dependencies
------------

None.

Example Playbook
----------------

::

    - hosts: servers
      roles:
         - ansible-openldap

License
-------

MIT

Author Information
------------------

Nimrod Adar.

Restore procedure
-----------------

Deleting existing basedn: ::

    ldapdelete -Y EXTERNAL -r #Run as root, no password needed.
    ldapdelete -rxWD "cn=admin,dc=example,dc=com" #Run as any user, asks for OpenLDAP admin password.

Restoring from backup: ::

    ldapadd -Y EXTERNAL -f backup.ldif #Run as root, no password needed.
    ldapadd -xWD "cn=admin,dc=example,dc=com -f backup.ldif #Run as any user, asks for OpenLDAP admin password.

TODO
----

- ldapadd/ modify import of ldaps.ldif fails (and ldaps is unavailable as a
  result).
- Log to syslog (Apache as well).
- Metrics (also Apache).
- Testing (ldaps, backup and restore).
- Remove all preseeding, configure via ldap modules.