ansible / ansible.builtin / v2.4.6.0-1 / module / ldap_entry Add or remove LDAP entries. | "added in version" 2.3 of ansible.builtin" Authors: Jiri Tyr (@jtyr) preview | supported by communityansible.builtin.ldap_entry (v2.4.6.0-1) — module
pip
Install with pip install ansible==2.4.6.0.post1
Add or remove LDAP entries. This module only asserts the existence or non-existence of an LDAP entry, not its attributes. To assert the attribute values of an entry, see M(ldap_attr).
- name: Make sure we have a parent entry for users ldap_entry: dn: ou=users,dc=example,dc=com objectClass: organizationalUnit
- name: Make sure we have an admin user ldap_entry: dn: cn=admin,dc=example,dc=com objectClass: - simpleSecurityObject - organizationalRole attributes: description: An LDAP administrator userPassword: "{SSHA}tabyipcHzhwESzRaGA7oQ/SDoBZQOGND"
- name: Get rid of an old entry ldap_entry: dn: ou=stuff,dc=example,dc=com state: absent server_uri: ldap://localhost/ bind_dn: cn=admin,dc=example,dc=com bind_pw: password
# # The same as in the previous example but with the authentication details # stored in the ldap_auth variable: # # ldap_auth: # server_uri: ldap://localhost/ # bind_dn: cn=admin,dc=example,dc=com # bind_pw: password - name: Get rid of an old entry ldap_entry: dn: ou=stuff,dc=example,dc=com state: absent params: "{{ ldap_auth }}"
dn: description: - The DN of the entry to add or remove. required: true state: choices: - present - absent default: present description: - The target state of the entry. required: false params: default: null description: - List of options which allows to overwrite any of the task or the I(attributes) options. To remove an option, set the value of the option to C(null). required: false bind_dn: default: null description: - A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism. If this is blank, we'll use an anonymous bind. required: false bind_pw: default: null description: - The password to use with I(bind_dn). required: false start_tls: choices: - 'yes' - 'no' default: 'no' description: - If true, we'll use the START_TLS LDAP extension. required: false attributes: default: null description: - If I(state=present), attributes necessary to create an entry. Existing entries are never modified. To assert specific attribute values on an existing entry, use M(ldap_attr) module instead. required: false server_uri: default: ldapi:/// description: - A URI to the LDAP server. The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location. required: false objectClass: default: null description: - If I(state=present), value or list of values to use when creating the entry. It can either be a string or an actual list of strings. required: false validate_certs: choices: - 'yes' - 'no' default: 'yes' description: - If C(no), SSL certificates will not be validated. This should only be used on sites using self-signed certificates. required: false version_added: '2.4' version_added_collection: ansible.builtin