summaryrefslogtreecommitdiffstats
path: root/roles/LDAP-provider/tasks/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/LDAP-provider/tasks/main.yml')
-rw-r--r--roles/LDAP-provider/tasks/main.yml10
1 files changed, 8 insertions, 2 deletions
diff --git a/roles/LDAP-provider/tasks/main.yml b/roles/LDAP-provider/tasks/main.yml
index 3f7f29f..9bc227e 100644
--- a/roles/LDAP-provider/tasks/main.yml
+++ b/roles/LDAP-provider/tasks/main.yml
@@ -1,15 +1,21 @@
- name: Load and configure the syncprov overlay
openldap: module=syncprov
suffix=dc=fripost,dc=org
target=etc/ldap/syncprov.ldif
local=file
+## XXX should be /etc/sasl2/slapd.conf ideally, but it doesn't work with
+## Stretch, cf #211156 and #798462:
+## ldapsearch -LLLx -H ldapi:// -b "" -s base supportedSASLMechanisms
- name: Enable the EXTERNAL SASL mechanism
lineinfile: dest=/usr/lib/sasl2/slapd.conf
- regexp='^mech_list'':'
- line=mech_list':'' EXTERNAL'
+ regexp='^mech_list{{':'}}'
+ line='mech_list{{':'}} EXTERNAL'
create=yes
owner=root group=root
mode=0644
+#- name: Load dyngroup schema
+# openldap: target=/etc/ldap/schema/dyngroup.ldif
+
# TODO: authz constraint
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-29 10:19:19 +0000