missing defaults

2026-01-25 22:24:47 -07:00
parent 107fcf3cf0
commit 5a1e0bf333
1 changed files with 18 additions and 0 deletions
--- a/ansible/roles/openldap_directory/tasks/sudo.yaml
+++ b/ansible/roles/openldap_directory/tasks/sudo.yaml
@@ -1,3 +1,21 @@
 - name: Ensure sudo defaults entry exists
  community.general.ldap_entry:
    dn: "cn=defaults,ou=SUDOers,dc=example,dc=com"
    objectClass:
      - top
      - sudoRole
    attributes:
      cn: defaults
      sudoOption:
        - env_reset
    state: present
  args:
    server_uri: "{{ ldap_uri }}"
    bind_dn: "{{ ldap_admin_dn }}"
    bind_pw: "{{ ldap_admin_pw }}"
    start_tls: yes
 - name: Admin sudo rule
  community.general.ldap_entry:
    dn: "cn=admins-all,{{ ldap_sudo_ou }}"