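- name: Load memberof module from file in OpenLDAP container
  # Handler: runs ldapmodify inside the container over the local ldapi:///
  # socket with SASL EXTERNAL, so no bind password appears in this command.
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }} ldapmodify
    -Y EXTERNAL -H ldapi:///
    -f "{{ [OPENLDAP_LDIF_PATH_DOCKER, 'configuration/01_member_of_configuration.ldif' ] | path_join }}"
  listen:
    - "Import configuration LDIF files"
  # @todo Remove the following ignore errors when setting up a new server
  # Just here because debugging would take too much time
  # NOTE(review): with no failed_when on this task, ignore_errors hides every
  # failure of this step, including a missing LDIF file or container.
  ignore_errors: true

- name: Refint Module Activation for OpenLDAP
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }} ldapadd
    -Y EXTERNAL -H ldapi:///
    -f "{{ [ OPENLDAP_LDIF_PATH_DOCKER, 'configuration/02_member_of_configuration.ldif' ] | path_join }}"
  listen:
    - "Import configuration LDIF files"
  register: ldapadd_result
  # rc 68 is tolerated so that a re-run does not fail; presumably this is the
  # LDAP result code entryAlreadyExists passed through as the exit status.
  failed_when: ldapadd_result.rc not in [0, 68]
  # @todo Remove the following ignore errors when setting up a new server
  # Just here because debugging would take too much time
  # NOTE(review): ignore_errors makes the failed_when above non-fatal.
  ignore_errors: true

- name: Refint Overlay Configuration for OpenLDAP
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }} ldapmodify
    -Y EXTERNAL -H ldapi:///
    -f "{{ [ OPENLDAP_LDIF_PATH_DOCKER, 'configuration/03_member_of_configuration.ldif' ] | path_join }}"
  listen:
    - "Import configuration LDIF files"
  register: ldapadd_result
  # Same tolerance as the previous task: 0 or 68 counts as success.
  failed_when: ldapadd_result.rc not in [0, 68]
  # @todo Remove the following ignore errors when setting up a new server
  # Just here because debugging would take too much time
  # NOTE(review): ignore_errors makes the failed_when above non-fatal.
  ignore_errors: true

- name: "Import users, groups, etc. to LDAP"
  # Simple bind (-x) as the data administrator; -c keeps going after an entry
  # fails. The bind DN and password are passed through the `quote` filter so
  # that characters such as $, backticks or double quotes in the secret are
  # not interpreted by the shell.
  # NOTE(review): -w still places the password in the process arguments of
  # docker and ldapadd; ldapadd's -y <password file> avoids that if a
  # root-only file can be provided inside the container.
  shell: >
    docker exec -i {{ OPENLDAP_CONTAINER }} ldapadd -x
    -D {{ LDAP.DN.ADMINISTRATOR.DATA | quote }}
    -w {{ LDAP.BIND_CREDENTIAL | quote }}
    -c
    -f "{{ [ OPENLDAP_LDIF_PATH_DOCKER, 'groups', (item | basename | regex_replace('\.j2$', '')) ] | path_join }}"
  register: ldapadd_result
  changed_when: "'adding new entry' in ldapadd_result.stdout"
  # Tolerated exit codes, presumably LDAP result codes: 20 attributeOrValueExists,
  # 68 entryAlreadyExists, 65 objectClassViolation.
  # NOTE(review): accepting 65 also hides genuine schema errors in the LDIF;
  # confirm this is intended.
  failed_when: ldapadd_result.rc not in [0, 20, 68, 65]
  # The rendered command line contains the bind password; keep it out of
  # Ansible output, logs and callback plugins. Set to false only temporarily
  # when debugging this handler.
  no_log: true
  listen:
    - "Import groups LDIF files"
  # One run per group template shipped with the role, in sorted order; the
  # .j2 suffix is stripped to get the file name under the container LDIF path.
  loop: "{{ query('fileglob', role_path ~ '/templates/ldif/groups/*.j2') | sort }}"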