From 8a2b513e3b5714ba0d4c35eda27fd3b3cc1ce7fe Mon Sep 17 00:00:00 2001
From: Jonathan DeMasi <jrdemasi@gmail.com>
Date: Sat, 24 Jan 2026 17:09:16 -0700
Subject: [PATCH] our base dn doesn't exist apparently

---
 .../roles/openldap_directory/tasks/base.yaml    | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/ansible/roles/openldap_directory/tasks/base.yaml b/ansible/roles/openldap_directory/tasks/base.yaml
index cd07022..ceca82b 100644
--- a/ansible/roles/openldap_directory/tasks/base.yaml
+++ b/ansible/roles/openldap_directory/tasks/base.yaml
@@ -1,3 +1,20 @@
+- name: Ensure base DN exists
+  community.general.ldap_entry:
+    dn: "{{ ldap_basedn }}"
+    state: present
+    objectClass:
+      - top
+      - dcObject
+      - organization
+    attributes:
+      dc: "{{ ldap_basedn.split(',')[0].split('=')[1] }}"
+      o: "{{ ldap_org_name }}"
+  args:
+    server_uri: "{{ ldap_uri }}"
+    bind_dn: "{{ ldap_directory_bind_dn }}"
+    bind_pw: "{{ ldap_directory_bind_pw }}"
+    start_tls: yes
+
 - name: Create base OUs
   community.general.ldap_entry:
     dn: "{{ item }}"