bennojoy / openldap_server Goto Github PK

The "Role Variables" section in the README is missing underscores after openldap_server in every variable. The examples below it are correct.

OS: CentOS 7
Ansible: 2.7
Python: 3.7

Been testing a new configuration and using this role has gotten me closer to anything else. My only issue is the default "bdb" backend has been causing a number of issues, especially on the last task ("add the base domain").

After a few hours of searching, decided to try changing the backend to "mdb" and everything works well. Re-running this role with the "slapd.conf.j2" file updated to use a different backend has resolved the issue.

Deployed a xenial droplet on digitalocean, installed python, created ansible.cfg so I could specify the user and private key file, installed python to bypass first error, now this...

failed: [###.###.###.###] (item=[u'openldap_server_pkgs']) => {"failed": true, "item": ["openldap_server_pkgs"], "msg": "No package matching 'openldap_server_pkgs' is available"}

I believe it's called slapd in xenial, I'll try to take a look and PR when I have some time

My current challenge is installing the Client and I'm not clear which certificate file needs to be copied onto the client. Do you have an ansible playbook or role you can share for install on an Amazon Linux box so the client can authenticate against the OpenLdap Server?

So in centos7, it can't start ldap/slapd service properly.

TASK: [bennojoy.openldap_server | start the slapd service] ********************
failed: [localhost] => {"failed": true}
msg: no service or tool found for: slapd

FATAL: all hosts have already failed -- aborting

PLAY RECAP ********************************************************************
           to retry, use: --limit @/root/openldap.retry

I confirm, start it manually by command `slapd -h "ldaps:///" is fine.

Hello,

I'm facing this error :

TASK [openldap_server : add the base domain] ********************************************************************************************************************************************************************************************************************************************************************************
fatal: [hdp-master]: FAILED! => {"changed": true, "cmd": "ldapadd -x -D "cn=Manager,dc=opstake,dc=com" -w passme -f /tmp/domain.ldif && touch /etc/openldap//rootdn_created", "delta": "0:00:00.006919", "end": "2017-07-19 03:21:03.280388", "failed": true, "rc": 255, "start": "2017-07-19 03:21:03.273469", "stderr": "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)", "stderr_lines": ["ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"], "stdout": "", "stdout_lines": []}

• CentOS Linux release 7.3.1611 (Core)
• ansible 2.3.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

Best regards,
Yasser

Ideally some sort of build testing (eg: TravisCI) should be implemented to validate that any PR's to this repository result in a functional role.

There is a task that copies ldap file when ldaps is enabled.
copy: src=ldap dest=/etc/sysconfig/ldap mode=0755

Generated private key has 644 permissions.