ansible-ldap
************

Ansible role for installing OpenLDAP, phpLDAPadmin and daily backup.

Requirements
------------

- Debian Jessie.

Role Variables
--------------

::

    organization: '{{ ansible_domain }}' # Organization name, defaults to the domain name.
    domain: '{{ ansible_domain }}' # LDAP domain, converted to LDAP format. Defaults to the domain name of the machine.
    basedn: # LDAP base distinguished name, defaults to the machine's domain converted to LDAP format.
    password: # Password for the admin account. If blank, a random password is generated and saved under files/ldap_password.
    tls_cert: # Certificate for LDAPS. If blank, the self-signed snakeoil cert is used. Intermediate certs need to be included in this file.
    tls_key: # Key for LDAPS. If blank, the self-signed snakeoil key is used.

Dependencies
------------

None.

Example Playbook
----------------

::

    - hosts: servers
      roles:
      - ansible-ldap

License
-------

MIT

Author Information
------------------

Nimrod Adar.

Restore procedure
-----------------

Deleting existing basedn:

::

    # Run as root, no password needed. The last argument is the base DN to delete recursively.
    ldapdelete -Y EXTERNAL -H ldapi:/// -rD "cn=admin,dc=example,dc=com" "dc=example,dc=com"
    # Run as any user, asks for the OpenLDAP admin password.
    ldapdelete -rxWD "cn=admin,dc=example,dc=com" "dc=example,dc=com"

Restoring from backup:

::

    # Run as root, no password needed.
    ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=admin,dc=example,dc=com" -f backup.ldif
    # Run as any user, asks for the OpenLDAP admin password.
    ldapadd -xWD "cn=admin,dc=example,dc=com" -f backup.ldif
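
The restore procedure above removes the live tree before ``backup.ldif`` is loaded, so it is worth confirming first that the backup is non-empty, contains the base entry, and holds nothing outside it. The following is an added example, not part of the role; the function names ``ldif_dns``, ``backup_ok`` and ``write_sample`` are hypothetical, the sample LDIF is constructed, and DN normalisation is simplified to lower-casing and removing spaces after commas.

```shell
#!/bin/sh
# Pre-flight check to run before the recursive ldapdelete in the restore steps.

# Print every entry DN in an LDIF file, lower-cased, one per line. Handles
# RFC 2849 folded lines (continuation starts with one space) and base64 DNs.
ldif_dns() {
    awk '
        function emit() { if (buf ~ /^dn:/) print buf; buf = "" }
        /^ / { if (buf != "") buf = buf substr($0, 2); next }
        { emit(); buf = $0 }
        END { emit() }
    ' "$1" | while IFS= read -r line; do
        case $line in
            dn::*) v=${line#dn::}; printf '%s' "${v# }" | base64 -d; echo ;;
            dn:*)  v=${line#dn:};  printf '%s\n' "${v# }" ;;
        esac
    done | tr '[:upper:]' '[:lower:]' | sed 's/, */,/g'
}

# Succeed only if FILE ($1) is non-empty, contains the base entry ($2) itself,
# and every other entry is a descendant of it.
backup_ok() {
    [ -s "$1" ] || return 1
    base=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]' | sed 's/, */,/g')
    ldif_dns "$1" | BASE=$base awk '
        BEGIN { b = ENVIRON["BASE"] }
        $0 == b { found = 1; next }
        substr($0, length($0) - length(b)) != ("," b) { bad++ }
        END { exit !(found && !bad) }'
}

# Constructed sample backup (not from the role): a folded DN and a base64 DN
# that decodes to ou=people,dc=example,dc=com.
write_sample() {
    cat > "$1" <<'EOF'
dn: dc=example,dc=com
objectClass: dcObject
dc: example

dn: cn=admin,dc=exam
 ple,dc=com
cn: admin

dn:: b3U9cGVvcGxlLGRjPWV4YW1wbGUsZGM9Y29t
ou: people
EOF
}
```

Run ``backup_ok backup.ldif "dc=example,dc=com"`` and continue with the delete step only when it exits 0.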