jonathan/infra
1
0
Fork 0
Code Actions Activity

explicitly cast int, add top

Browse Source
This commit is contained in:
Jonathan DeMasi
2026-01-24 18:08:09 -07:00
parent efdafe72bb
commit 8d3a379440
1 changed files with 36 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
ansible/roles/openldap_directory/tasks/groups.yaml
View File

@@ -1,30 +1,48 @@
#- name: Ensure LDAP groups exist
# community.general.ldap_entry:
# dn: "cn={{ item.name }},ou=groups,{{ ldap_basedn }}"
# state: present
# objectClass:
# - posixGroup
# attributes:
# cn: "{{ item.name }}"
# gidNumber: "{{ item.gid }}"
# loop: "{{ ldap_groups }}"
# args:
# server_uri: "{{ ldap_uri }}"
# bind_dn: "{{ ldap_admin_dn }}"
# bind_pw: "{{ ldap_admin_pw }}"
# start_tls: yes
#
#- name: Ensure group memberships are correct
# community.general.ldap_attrs:
# dn: "cn={{ item.name }},ou=Groups,{{ ldap_basedn }}"
# attributes:
# memberUid: "{{ item.members }}"
# state: exact
# loop: "{{ ldap_groups }}"
# when: item.members is defined and item.members | length > 0
# args:
# server_uri: "{{ ldap_uri }}"
# bind_dn: "{{ ldap_admin_dn }}"
# bind_pw: "{{ ldap_admin_pw }}"
# start_tls: yes
#
#
- name: Ensure LDAP groups exist - name: Ensure LDAP groups exist
community.general.ldap_entry: community.general.ldap_entry:
dn: "cn={{ item.name }},ou=groups,{{ ldap_basedn }}" dn: "cn={{ item.name }},ou=Groups,{{ ldap_basedn }}"
state: present state: present
objectClass: objectClass:
- top
- posixGroup - posixGroup
attributes: attributes:
cn: "{{ item.name }}" cn: "{{ item.name }}"
gidNumber: "{{ item.gid }}" gidNumber: "{{ item.gid | int }}"
loop: "{{ ldap_groups }}" loop: "{{ ldap_groups }}"
args: args:
server_uri: "{{ ldap_uri }}" server_uri: "{{ ldap_uri }}"
bind_dn: "{{ ldap_admin_dn }}" bind_dn: "{{ ldap_directory_bind_dn }}"
bind_pw: "{{ ldap_admin_pw }}" bind_pw: "{{ ldap_directory_bind_pw }}"
start_tls: yes
- name: Ensure group memberships are correct
community.general.ldap_attrs:
dn: "cn={{ item.name }},ou=Groups,{{ ldap_basedn }}"
attributes:
memberUid: "{{ item.members }}"
state: exact
loop: "{{ ldap_groups }}"
when: item.members is defined and item.members | length > 0
args:
server_uri: "{{ ldap_uri }}"
bind_dn: "{{ ldap_admin_dn }}"
bind_pw: "{{ ldap_admin_pw }}"
start_tls: yes start_tls: yes