Commit 48ceffee authored by Imran Hussain's avatar Imran Hussain

Tweak the ldap-server-ssl role to now configure the server to only communicate...

Tweak the ldap-server-ssl role to now configure the server to only communicate via tls, starttls or ldaps
parent 950482dd
dn: cn=config
changetype: modify
replace: olcSecurity
olcSecurity: tls=1
\ No newline at end of file
- name: copy the ldif
- name: copy the ldif to enable tls
copy:
src: ldaps.ldif
dest: /tmp
- name: execute the ldif/change
- name: copy the ldif to force tls
copy:
src: ldaps-force.ldif
dest: /tmp
- name: enable tls
command: ldapmodify -x -D "cn=admin,dc=sucs,dc=org" -w {{ ldap_password }} -f /tmp/ldaps.ldif
- name: force tls
command: ldapmodify -x -D "cn=admin,dc=sucs,dc=org" -w {{ ldap_password }} -f /tmp/ldaps-force.ldif
- name: deploy new sldap file to enable ldaps://
template:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment