Changeset - f7fe8adec8d3
Parent rev.
Child rev.
[Not reviewed]
0 2 0
Branko Majic (branko) - 9 years ago 2015-03-08 11:22:38
branko@majic.rs
MAR-1: Updated documentation about memberof overlay. Updated configuration of the memberof overlay.
2 files changed with 8 insertions and 0 deletions:
docs/rolereference.rst
5
roles/ldap_server/tasks/main.yml
3
0 comments (0 inline, 0 general)
docs/rolereference.rst
Show inline comments
 
@@ -348,6 +348,11 @@ The role implements the following:
 
* Configures OpenLDAP server (base DN - domain, organisation, TLS, SSF, log levels).
 
* Sets-up separate log file for OpenLDAP server at ``/var/log/slapd.log`` (with
 
  log rotation included).
 
* Enables the ``memberof`` overlay on top of default database. The overlay is
 
  configured to keep track of membership changes for object class
 
  ``groupOfUniqueNames`` via attribute ``uniqueMember``. Enforcement of
 
  referential integrity is turned on as well (modifications of ``memberof``
 
  attribute will update corresponding group as well.
 
* Configures permissions.
 
* Creates LDAP entries.
 

			




        

    


    
    

    

        

                

                    roles/ldap_server/tasks/main.yml
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -54,6 +54,9 @@

			




	
	
	
		
 
      - olcMemberOf

			




	
	
	
		
 
      - olcOverlayConfig

			




	
	
	
		
 
    olcOverlay: memberof

			




	
	
	
		
 
    olcMemberOfRefInt: "TRUE"

			




	
	
	
		
 
    olcMemberOfGroupOC: groupOfUniqueNames

			




	
	
	
		
 
    olcMemberOfMemberAD: uniqueMember

			




	
	
	
		
 

			




	
	
	
		
 
- name: Apply database permissions

			




	
	
	
		
 
  ldap_permissions:

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.