Location: majic-ansible-roles/roles/ldap_server/defaults/main.yml - annotation
MAR-162: Make the ldap_server_tls_certificate and ldap_server_tls_key parameters mandatory:
- Updated release notes.
- Updated role reference documentation.
- Updated usage instructions to cover set-up of CA hierarchy earlier on
in the process.
---
# Default variables for the ldap_server role. Anything set here can be
# overridden from inventory or play variables.

# Off by default. Presumably toggles the role's backup integration; confirm
# against the role's tasks.
enable_backup: false
# Empty by default. Presumably extra directory entries for the role to manage.
ldap_entries: []
# Defaults to the managed host's ansible_domain fact.
ldap_server_domain: "{{ ansible_domain }}"
# Internal value, base DN. Built from ldap_server_domain by replacing every
# literal dot with ",dc=" and prefixing "dc=" (example.com becomes
# dc=example,dc=com). An empty domain yields the bare string "dc=", so hosts
# without a domain fact need ldap_server_domain set explicitly.
ldap_server_int_basedn: "{{ ldap_server_domain | regex_replace('\\.', ',dc=') | regex_replace('^', 'dc=') }}"
ldap_server_organization: "Private"
# 256 is the OpenLDAP "stats" log level (connections, operations, results),
# assuming the value is passed through to slapd's log level setting.
ldap_server_log_level: 256
# Presumably the minimum security strength factor (SSF) the server requires
# from connections; confirm where the role applies it. Lowering it weakens
# the transport protection clients must negotiate.
ldap_server_ssf: 128
# Empty by default. Presumably consumer (service) accounts and groups that the
# role creates; verify against the role reference.
ldap_server_consumers: []
ldap_server_groups: []
# Access control rules in slapd "access to" syntax. Order matters: slapd uses
# the first rule whose "to" clause matches and, within it, the first matching
# "by" clause; "break" hands evaluation on to the next rule.
# NOTE(review): each rule is a folded scalar and the indentation of its
# continuation lines is reconstructed here -- confirm against the repository.
ldap_permissions:
# Rule 1: full "manage" access to everything for local root (uid 0 / gid 0
# authenticated through SASL EXTERNAL peer credentials) and for the cn=admin
# entry under the base DN. Everyone else falls through to the next rules.
- >
  to *
  by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
  by dn="cn=admin,{{ ldap_server_int_basedn }}" manage
  by * break
# Rule 2: password material. The owner may change it, anonymous clients may
# only use it to bind ("auth"), and nobody else gets any access, read
# included.
- >
  to attrs=userPassword,shadowLastChange
  by self write
  by anonymous auth
  by * none
# Rule 3: the root DSE (empty base DN) is readable by everyone, anonymous
# clients included.
- >
  to dn.base=""
  by * read
# Rule 4: everything else. Authenticated users can read, anonymous clients get
# nothing. "by self write" lets every entry modify all of its own remaining
# attributes; if consumers of the directory rely on those attributes for
# authorisation decisions, override this rule with a narrower attribute list.
- >
  to *
  by self write
  by dn="cn=admin,{{ ldap_server_int_basedn }}" write
  by users read
  by * none
# GnuTLS priority string, assuming the role hands it to slapd as the TLS cipher
# suite setting. Starting from NONE it enables TLS 1.2 only, X.509
# certificates, no compression, RSA signatures with SHA-256/384/512, DHE-RSA
# and ECDHE-RSA key exchange, SHA256/SHA384/AEAD MACs and AES-128/256 in GCM
# and CBC modes. The CBC entries are presumably kept for older clients;
# leaving them out of an override would restrict the server to AEAD (GCM)
# suites. The trailing backslash joins the two lines without inserting
# whitespace.
ldap_tls_ciphers: "NONE:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:\
  +SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA256:+SHA384:+AEAD:+AES-128-GCM:+AES-128-CBC:+AES-256-GCM:+AES-256-CBC:+CURVE-ALL"