mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-09-24 19:16:26 +02:00
35 lines
1.2 KiB
YAML
35 lines
1.2 KiB
YAML
- name: Gather all users with their current objectClass list
|
|
community.general.ldap_search:
|
|
server_uri: "{{ OPENLDAP_SERVER_URI }}"
|
|
bind_dn: "{{ LDAP.DN.ADMINISTRATOR.DATA }}"
|
|
bind_pw: "{{ LDAP.BIND_CREDENTIAL }}"
|
|
dn: "{{ LDAP.DN.OU.USERS }}"
|
|
scope: subordinate
|
|
filter: "{{ LDAP.FILTERS.USERS.ALL }}"
|
|
attrs:
|
|
- dn
|
|
- objectClass
|
|
- "{{ LDAP.USER.ATTRIBUTES.ID }}"
|
|
register: ldap_users_with_classes
|
|
|
|
- name: Add only missing auxiliary classes
|
|
community.general.ldap_attrs:
|
|
server_uri: "{{ OPENLDAP_SERVER_URI }}"
|
|
bind_dn: "{{ LDAP.DN.ADMINISTRATOR.DATA }}"
|
|
bind_pw: "{{ LDAP.BIND_CREDENTIAL }}"
|
|
dn: "{{ item.dn }}"
|
|
attributes:
|
|
objectClass: "{{ missing_auxiliary }}"
|
|
state: present
|
|
async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
|
|
poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
|
|
loop: "{{ ldap_users_with_classes.results }}"
|
|
loop_control:
|
|
label: "{{ item.dn }}"
|
|
vars:
|
|
missing_auxiliary: >-
|
|
{{ (LDAP.USER.OBJECTS.AUXILIARY.values() | list)
|
|
| difference(item.objectClass | default([]))
|
|
}}
|
|
when: missing_auxiliary | length > 0
|