Deploy sane ldap.conf for ldap clients.
This commit is contained in:
parent
1f11072d0f
commit
07ca697e63
@ -38,5 +38,8 @@
|
||||
- name: Create LDAP certificate directory
|
||||
file: path=/etc/ldap/ssl state=directory
|
||||
|
||||
- name: Create LDAP client config
|
||||
template: src=ldap.conf.j2 dest=/etc/ldap/ldap.conf mode=0644
|
||||
|
||||
- name: Copy LDAP certificate
|
||||
copy: src=BKCA.crt dest=/etc/ldap/ssl/BKCA.crt mode=0444
|
||||
|
17
roles/common/templates/ldap.conf.j2
Normal file
17
roles/common/templates/ldap.conf.j2
Normal file
@ -0,0 +1,17 @@
|
||||
#
|
||||
# LDAP Defaults
|
||||
#
|
||||
|
||||
# See ldap.conf(5) for details
|
||||
# This file should be world readable but not world writable.
|
||||
|
||||
BASE {{ ldap_base }}
|
||||
URI {{ ldap_uri }}
|
||||
|
||||
#SIZELIMIT 12
|
||||
#TIMELIMIT 15
|
||||
#DEREF never
|
||||
|
||||
# TLS certificates (needed for GnuTLS)
|
||||
TLS_CACERT /etc/ldap/ssl/BKCA.crt
|
||||
|
Loading…
Reference in New Issue
Block a user