LDAP: Update role to Debian Buster.

author: Guilhem Moulin <guilhem@fripost.org> 2020-05-19 06:11:29 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2020-05-19 06:36:36 +0200
commit: 7249ebbf9237afe6cccb6069d8c910b4a5975cdf (patch)
tree: e784d680fe08acc2bb0bb68d769a4b9e5eb53cbc /roles/LDAP-provider/tasks/main.yml
parent: c9ecd815b4b77a57589f3588eba6c7d8ddfac020 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/roles/LDAP-provider/tasks/main.yml b/roles/LDAP-provider/tasks/main.yml
index af46c51..9bc227e 100644
--- a/roles/LDAP-provider/tasks/main.yml
+++ b/roles/LDAP-provider/tasks/main.yml
@@ -1,18 +1,21 @@
 - name: Load and configure the syncprov overlay
   openldap: module=syncprov
             suffix=dc=fripost,dc=org
             target=etc/ldap/syncprov.ldif
             local=file
 
+## XXX should be /etc/sasl2/slapd.conf ideally, but it doesn't work with
+## Stretch, cf #211156 and #798462:
+##   ldapsearch -LLLx -H ldapi:// -b "" -s base supportedSASLMechanisms
 - name: Enable the EXTERNAL SASL mechanism
   lineinfile: dest=/usr/lib/sasl2/slapd.conf
               regexp='^mech_list{{':'}}'
               line='mech_list{{':'}} EXTERNAL'
               create=yes
               owner=root group=root
               mode=0644
 
 #- name: Load dyngroup schema
 #  openldap: target=/etc/ldap/schema/dyngroup.ldif
 
 # TODO: authz constraint
author	Guilhem Moulin <guilhem@fripost.org>	2020-05-19 06:11:29 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2020-05-19 06:36:36 +0200
commit	7249ebbf9237afe6cccb6069d8c910b4a5975cdf (patch)
tree	e784d680fe08acc2bb0bb68d769a4b9e5eb53cbc /roles/LDAP-provider/tasks/main.yml
parent	c9ecd815b4b77a57589f3588eba6c7d8ddfac020 (diff)