jonathan/infra
1
0
Fork 0
Code Actions Activity

add group membership check separately

Browse Source
This commit is contained in:
Jonathan DeMasi
2026-01-24 17:52:16 -07:00
parent 12d379197e
commit efdafe72bb
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
ansible/roles/openldap_directory/tasks/groups.yaml
View File

@@ -13,3 +13,18 @@
bind_dn: "{{ ldap_admin_dn }}" bind_dn: "{{ ldap_admin_dn }}"
bind_pw: "{{ ldap_admin_pw }}" bind_pw: "{{ ldap_admin_pw }}"
start_tls: yes start_tls: yes
- name: Ensure group memberships are correct
community.general.ldap_attrs:
dn: "cn={{ item.name }},ou=Groups,{{ ldap_basedn }}"
attributes:
memberUid: "{{ item.members }}"
state: exact
loop: "{{ ldap_groups }}"
when: item.members is defined and item.members | length > 0
args:
server_uri: "{{ ldap_uri }}"
bind_dn: "{{ ldap_admin_dn }}"
bind_pw: "{{ ldap_admin_pw }}"
start_tls: yes