2019-02-19 11:10:05 +01:00
|
|
|
# {{ ansible_managed }}
|
2019-02-05 08:35:45 +01:00
|
|
|
|
|
|
|
# The user and group nslcd should run as.
|
|
|
|
uid nslcd
|
|
|
|
gid nslcd
|
|
|
|
|
|
|
|
# The location at which the LDAP server(s) should be reachable.
|
2020-02-20 18:42:34 +01:00
|
|
|
{% if 'fleming_vm' in group_names or 'fleming_pve' in group_names %}
|
|
|
|
{% for uri in groups['ldap_replica_fleming'] %}
|
2020-03-22 19:06:38 +01:00
|
|
|
uri ldap://{{ uri }}
|
2019-02-05 08:35:45 +01:00
|
|
|
{% endfor %}
|
|
|
|
{% endif %}
|
2020-11-09 18:53:36 +01:00
|
|
|
{% if 'rives_vm' in group_names or 'rives_pve' in group_names %}
|
|
|
|
{% for uri in groups['ldap_replica_rives'] %}
|
|
|
|
uri ldap://{{ uri }}
|
|
|
|
{% endfor %}
|
|
|
|
{% endif %}
|
2020-02-20 18:42:34 +01:00
|
|
|
{% if 'pacaterie_vm' in group_names or 'pacaterie_pve' in group_names %}
|
|
|
|
{% for uri in groups['ldap_replica_pacaterie'] %}
|
|
|
|
uri ldap://{{ uri }}
|
|
|
|
{% endfor %}
|
|
|
|
{% endif %}
|
2020-10-17 19:48:17 +02:00
|
|
|
{% if 'edc_vm' in group_names or 'edc_pve' in group_names or 'edc_server' in group_names %}
|
2020-03-22 18:42:00 +01:00
|
|
|
{% for uri in groups['ldap_replica_edc'] %}
|
2020-03-22 19:06:38 +01:00
|
|
|
uri ldap://{{ uri }}
|
2020-03-22 18:42:00 +01:00
|
|
|
{% endfor %}
|
|
|
|
{% endif %}
|
|
|
|
{% if 'gs_vm' in group_names or 'gs_pve' in group_names %}
|
|
|
|
{% for uri in groups['ldap_replica_gs'] %}
|
2020-03-22 19:06:38 +01:00
|
|
|
uri ldap://{{ uri }}
|
2020-03-22 18:42:00 +01:00
|
|
|
{% endfor %}
|
|
|
|
{% endif %}
|
2020-11-03 14:21:26 +01:00
|
|
|
{% if 'ovh_vm' in group_names or 'ovh_container' in group_names or 'ovh_pve' in group_names %}
|
|
|
|
{% for uri in groups['ldap_replica_ovh'] %}
|
|
|
|
uri ldap://{{ uri }}
|
|
|
|
{% endfor %}
|
|
|
|
{% endif %}
|
2019-02-05 08:35:45 +01:00
|
|
|
uri {{ ldap_master_uri }}
|
|
|
|
|
|
|
|
# The search base that will be used for all queries.
|
|
|
|
base {{ ldap_base }}
|
|
|
|
base passwd cn=Utilisateurs,{{ ldap_base }}
|
|
|
|
base shadow cn=Utilisateurs,{{ ldap_base }}
|
|
|
|
base group ou=posix,ou=groups,{{ ldap_base }}
|
|
|
|
|
|
|
|
# The LDAP protocol version to use.
|
|
|
|
ldap_version 3
|
|
|
|
|
|
|
|
# The DN to bind with for normal lookups.
|
|
|
|
binddn {{ ldap_nslcd_bind_dn }}
|
|
|
|
bindpw {{ ldap_nslcd_passwd }}
|
|
|
|
|
|
|
|
# The DN used for password modifications by root.
|
|
|
|
#rootpwmoddn cn=admin,dc=example,dc=com
|
|
|
|
|
|
|
|
# SSL options
|
|
|
|
#ssl off
|
|
|
|
#tls_reqcert never
|
|
|
|
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
|
|
|
|
|
|
|
|
# The search scope.
|
|
|
|
#scope sub
|