Note
This plugin is part of the community.general collection.
To install it use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.ldap_entry
.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
attributes string | If state=present, attributes necessary to create an entry. Existing entries are never modified. To assert specific attribute values on an existing entry, use community.general.ldap_attr module instead. | |
bind_dn string | A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism. If this is blank, we'll use an anonymous bind. | |
bind_pw string | The password to use with bind_dn. | |
dn string / required | The DN of the entry to add or remove. | |
objectClass string | If state=present, value or list of values to use when creating the entry. It can either be a string or an actual list of strings. | |
server_uri string | Default: "ldapi:///" | A URI to the LDAP server. The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location. |
start_tls boolean |
| If true, we'll use the START_TLS LDAP extension. |
state string |
| The target state of the entry. |
validate_certs boolean |
| If set to no , SSL certificates will not be validated.This should only be used on sites using self-signed certificates. |
Note
- name: Make sure we have a parent entry for users community.general.ldap_entry: dn: ou=users,dc=example,dc=com objectClass: organizationalUnit - name: Make sure we have an admin user community.general.ldap_entry: dn: cn=admin,dc=example,dc=com objectClass: - simpleSecurityObject - organizationalRole attributes: description: An LDAP administrator userPassword: "{SSHA}tabyipcHzhwESzRaGA7oQ/SDoBZQOGND" - name: Get rid of an old entry community.general.ldap_entry: dn: ou=stuff,dc=example,dc=com state: absent server_uri: ldap://localhost/ bind_dn: cn=admin,dc=example,dc=com bind_pw: password # # The same as in the previous example but with the authentication details # stored in the ldap_auth variable: # # ldap_auth: # server_uri: ldap://localhost/ # bind_dn: cn=admin,dc=example,dc=com # bind_pw: password # # In the example below, 'args' is a task keyword, passed at the same level as the module - name: Get rid of an old entry community.general.ldap_entry: dn: ou=stuff,dc=example,dc=com state: absent args: "{{ ldap_auth }}"
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/general/ldap_entry_module.html