community.general.ldap_entry (1.3.11) — module
Add or remove LDAP entries.
Authors: Jiri Tyr (@jtyr)
Install with ansible-galaxy collection install community.general:==1.3.11
collections:
  - name: community.general
    version: 1.3.11
Add or remove LDAP entries. This module only asserts the existence or non-existence of an LDAP entry, not its attributes. To assert the attribute values of an entry, see the community.general.ldap_attr module.
- name: Make sure we have a parent entry for users
  community.general.ldap_entry:
    dn: ou=users,dc=example,dc=com
    objectClass: organizationalUnit

- name: Make sure we have an admin user
  community.general.ldap_entry:
    dn: cn=admin,dc=example,dc=com
    objectClass:
      - simpleSecurityObject
      - organizationalRole
    attributes:
      description: An LDAP administrator
      userPassword: "{SSHA}tabyipcHzhwESzRaGA7oQ/SDoBZQOGND"

- name: Get rid of an old entry
  community.general.ldap_entry:
    dn: ou=stuff,dc=example,dc=com
    state: absent
    server_uri: ldap://localhost/
    bind_dn: cn=admin,dc=example,dc=com
    bind_pw: password

#
# The same as in the previous example but with the authentication details
# stored in the ldap_auth variable:
#
# ldap_auth:
#   server_uri: ldap://localhost/
#   bind_dn: cn=admin,dc=example,dc=com
#   bind_pw: password
#
# In the example below, 'args' is a task keyword, passed at the same level as the module
- name: Get rid of an old entry
  community.general.ldap_entry:
    dn: ou=stuff,dc=example,dc=com
    state: absent
  args: "{{ ldap_auth }}"
dn:
  description:
    - The DN of the entry to add or remove.
  required: true
  type: str
state:
  choices:
    - present
    - absent
  default: present
  description:
    - The target state of the entry.
bind_dn:
  description:
    - A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism.
    - If this is blank, we'll use an anonymous bind.
  type: str
bind_pw:
  description:
    - The password to use with I(bind_dn).
  type: str
start_tls:
  default: false
  description:
    - If true, we'll use the START_TLS LDAP extension.
  type: bool
attributes:
  description:
    - If I(state=present), attributes necessary to create an entry. Existing entries are never modified. To assert specific attribute values on an existing entry, use M(community.general.ldap_attr) module instead.
  type: dict
server_uri:
  default: ldapi:///
  description:
    - A URI to the LDAP server.
    - The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location.
  type: str
objectClass:
  description:
    - If I(state=present), value or list of values to use when creating the entry. It can either be a string or an actual list of strings.
  elements: str
  type: list
validate_certs:
  default: true
  description:
    - If set to C(no), SSL certificates will not be validated.
    - This should only be used on sites using self-signed certificates.
  type: bool
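
The connection parameters above (server_uri, start_tls, validate_certs, bind_dn, bind_pw) decide whether the bind credentials cross the network protected. The following is an added example, not part of the module or its documentation: a small check over ldap_entry tasks that have already been parsed from YAML into dicts. The finding codes and the vault_ldap_bind_pw variable name are assumptions made for illustration.

```python
# Added example: audit community.general.ldap_entry tasks given as parsed dicts.
MODULE = "community.general.ldap_entry"
# Parameter defaults as documented on this page.
DEFAULTS = {"server_uri": "ldapi:///", "start_tls": False, "validate_certs": True}
FALSY = {"no", "false", "off", "0"}

def as_bool(value):
    """Interpret YAML-style booleans, including strings such as 'no'."""
    if isinstance(value, str):
        return value.strip().lower() not in FALSY
    return bool(value)

def audit_ldap_task(task):
    """Return sorted finding codes (hypothetical names) for one task dict."""
    if MODULE not in task:
        return []
    extra = task.get("args")
    params = dict(DEFAULTS)
    if isinstance(extra, dict):
        params.update(extra)
    params.update(task[MODULE] or {})
    findings = set()
    if isinstance(extra, str):
        # e.g. args: "{{ ldap_auth }}"; the variable must be reviewed separately
        findings.add("args-from-variable")
    uri = str(params["server_uri"]).lower()
    if uri.startswith("ldap://") and not as_bool(params["start_tls"]):
        findings.add("cleartext-transport")
    if not as_bool(params["validate_certs"]):
        findings.add("certs-not-validated")
    if params.get("bind_dn") == "":
        findings.add("anonymous-bind")
    pw = params.get("bind_pw")
    if isinstance(pw, str) and pw and "{{" not in pw:
        findings.add("literal-bind-pw")
    return sorted(findings)

# Constructed sample tasks: the first mirrors the page's third example.
SAMPLES = [
    {"name": "page example", MODULE: {"dn": "ou=stuff,dc=example,dc=com", "state": "absent",
        "server_uri": "ldap://localhost/", "bind_dn": "cn=admin,dc=example,dc=com", "bind_pw": "password"}},
    {"name": "hardened", MODULE: {"dn": "ou=stuff,dc=example,dc=com", "state": "absent",
        "server_uri": "ldap://localhost/", "start_tls": True,
        "bind_dn": "cn=admin,dc=example,dc=com", "bind_pw": "{{ vault_ldap_bind_pw }}"}},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["name"], audit_ldap_task(sample))
```

The default server_uri of ldapi:/// is a local UNIX domain socket, so it is not reported as cleartext transport.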