community / community.general / 8.5.0 / module / ldap_search Search for entries in a LDAP server | "added in version" 0.2.0 of community.general" Authors: Sebastian Pfahl (@eryx12o45)community.general.ldap_search (8.5.0) — module
Install with ansible-galaxy collection install community.general:==8.5.0
collections: - name: community.general version: 8.5.0
Return the results of an LDAP search.
- name: Return all entries within the 'groups' organizational unit. community.general.ldap_search: dn: "ou=groups,dc=example,dc=com" register: ldap_groups
- name: Return GIDs for all groups community.general.ldap_search: dn: "ou=groups,dc=example,dc=com" scope: "onelevel" attrs: - "gidNumber" register: ldap_group_gids
dn: description: - The LDAP DN to search in. required: true type: str attrs: description: - A list of attributes for limiting the result. Use an actual list or a comma-separated string. elements: str type: list scope: choices: - base - onelevel - subordinate - children default: base description: - The LDAP scope to use. type: str filter: default: (objectClass=*) description: - Used for filtering the LDAP search result. type: str schema: default: false description: - Set to V(true) to return the full attribute schema of entries, not their attribute values. Overrides O(attrs) when provided. type: bool bind_dn: description: - A DN to bind with. If this is omitted, we'll try a SASL bind with the EXTERNAL mechanism as default. - If this is blank, we'll use an anonymous bind. type: str bind_pw: default: '' description: - The password to use with O(bind_dn). type: str ca_path: description: - Set the path to PEM file with CA certs. type: path version_added: 6.5.0 version_added_collection: community.general page_size: default: 0 description: - The page size when performing a simple paged result search (RFC 2696). This setting can be tuned to reduce issues with timeouts and server limits. - Setting the page size to V(0) (default) disables paged searching. type: int version_added: 7.1.0 version_added_collection: community.general start_tls: default: false description: - If true, we'll use the START_TLS LDAP extension. type: bool client_key: description: - PEM formatted file that contains your private key to be used for SSL client authentication. - Required if O(client_cert) is defined. type: path version_added: 7.1.0 version_added_collection: community.general sasl_class: choices: - external - gssapi default: external description: - The class to use for SASL authentication. type: str version_added: 2.0.0 version_added_collection: community.general server_uri: default: ldapi:/// description: - The O(server_uri) parameter may be a comma- or whitespace-separated list of URIs containing only the schema, the host, and the port fields. - The default value lets the underlying LDAP client library look for a UNIX domain socket in its default location. - Note that when using multiple URIs you cannot determine to which URI your client gets connected. - For URIs containing additional fields, particularly when using commas, behavior is undefined. type: str client_cert: description: - PEM formatted certificate chain file to be used for SSL client authentication. - Required if O(client_key) is defined. type: path version_added: 7.1.0 version_added_collection: community.general validate_certs: default: true description: - If set to V(false), SSL certificates will not be validated. - This should only be used on sites using self-signed certificates. type: bool xorder_discovery: choices: - enable - auto - disable default: auto description: - Set the behavior on how to process Xordered DNs. - V(enable) will perform a C(ONELEVEL) search below the superior RDN to find the matching DN. - V(disable) will always use the DN unmodified (as passed by the O(dn) parameter). - V(auto) will only perform a search if the first RDN does not contain an index number (C({x})). type: str version_added: 6.4.0 version_added_collection: community.general base64_attributes: description: - If provided, all attribute values returned that are listed in this option will be Base64 encoded. - If the special value V(*) appears in this list, all attributes will be Base64 encoded. - All other attribute values will be converted to UTF-8 strings. If they contain binary data, please note that invalid UTF-8 bytes will be omitted. elements: str type: list version_added: 7.0.0 version_added_collection: community.general referrals_chasing: choices: - disabled - anonymous default: anonymous description: - Set the referrals chasing behavior. - V(anonymous) follow referrals anonymously. This is the default behavior. - V(disabled) disable referrals chasing. This sets C(OPT_REFERRALS) to off. type: str version_added: 2.0.0 version_added_collection: community.general