- name: List existing schemas
  command: >
    ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config dn
  register: ldap_schemas
  changed_when: false

- name: Copy a configuration file to the destination
  ansible.builtin.copy:
    src: files/openssh-lpk.ldif
    dest: /etc/openldap/schemas/openssh-lpk.ldif
    owner: ldap               
    group: ldap              
    mode: '0600'       

#- name: Load cosine schema
#  command: >
#    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
#  when: "'cn=cosine,cn=schema,cn=config' not in ldap_schemas.stdout"
#
#- name: Load inetorgperson schema
#  command: >
#    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
#  when: "'cn=inetorgperson,cn=schema,cn=config' not in ldap_schemas.stdout"
#
#- name: Load nis schema
#  command: >
#    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
#  when: "'cn=nis,cn=schema,cn=config' not in ldap_schemas.stdout"

#- name: Load sudo schema
#  command: >
#    ldapadd -Y EXTERNAL -H ldapi:/// -f /usr/share/doc/sudo/schema.OpenLDAP
#  when: "'cn=sudo,cn=schema,cn=config' not in ldap_schemas.stdout"
#
- name: Load OpenSSH public key schema
  command: >
    ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/openssh-lpk.ldif
  when: "'cn=openssh-lpk,cn=schema,cn=config' not in ldap_schemas.stdout"