now we can set up server uri, group and user branches

README.md

@@ -12,8 +12,10 @@ Role Variables
 --------------
 
   * org: no default
-  * ldap_base - from group variables
-  * ldap_group_dn - from group variables
+  * nlu_ldap_base - from group variables
+  * nlu_ldap_group_dn - from group variables
+  * nlu_ldap_user_dn - default to ou={{ org }},{{ nlu_ldap_base }}
+  * nlu_ldap_uri - default ldapi:///
   * nlu_dn_attribute - firstname or email - default to email
   * binddn - from group variables
   * bindpwd - from group variables

defaults/main.yml

@@ -1,3 +1,5 @@
 ---
 # defaults file for tco.new_ldap_user
 nlu_dn_attribute: email
+nlu_ldap_uri: ldapi:///
+nlu_ldap_user_dn: "ou={{ org }},{{ nlu_ldap_base }}"

tasks/ldap_user_inc.yml

@@ -5,13 +5,14 @@
       lastname: "{{ item.lastname }}"
       email: "{{ item.email }}"
       group: "{{ item.group | default ('') }}"
-      dn: "uid={{ item[ nlu_dn_attribute ] |lower }},ou={{ org }},{{ ldap_base }}"
+      dn: "uid={{ item[ nlu_dn_attribute ] |lower }},{{ nlu_ldap_user_dn }}"
       password: "{{ (item.password=='')| ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, special=false,min_numeric=1, length=14), item.password ) }}"
 
   - name: "add ldap account {{dn }}"
     community.general.ldap_entry:
-      bind_dn: "{{ ldap_binddn }}"
-      bind_pw: "{{ ldap_bindpwd }}"
+      server_uri: "{{ nlu_ldap_uri }}"
+      bind_dn: "{{ nlu_ldap_binddn }}"
+      bind_pw: "{{ nlu_ldap_bindpw }}"
       dn: "{{ dn }} "
       state: present
       objectClass:
@@ -27,16 +28,13 @@
         userPassword: "{{ password }}"
     register: result
 
-  - name: debug
-    ansible.builtin.debug:
-      msg: "group is =={{ group }}=="
-
   - name: "add account to group"
     when: group != ""
     community.general.ldap_attrs:
-      dn: "cn={{ group }},{{ ldap_group_dn }}"
-      bind_dn: "{{ ldap_binddn }}"
-      bind_pw: "{{ ldap_bindpwd }}"
+      server_uri: "{{ nlu_ldap_uri }}"
+      dn: "cn={{ group }},{{ nlu_ldap_group_dn }}"
+      bind_dn: "{{ nlu_ldap_binddn }}"
+      bind_pw: "{{ nlu_ldap_bindpw }}"
       attributes:
         member: "{{ dn }}"
 
@@ -45,7 +43,7 @@
       path: "tmppassword.csv"
       state: present
       create: true
-      line: "{{ firstname | lower }},{{ password }}"
+      line: "{{ item[ nlu_dn_attribute ] }},{{ password }}"
     delegate_to: localhost
     become: false
     when: result.changed

tasks/main.yml

@@ -1,9 +1,10 @@
 ---
   - name: "add ldap ou ou={{ org }},{{ ldap_base }}"
     community.general.ldap_entry:
-      dn: "ou={{ org }},{{ ldap_base }}"
-      bind_dn: "{{ ldap_binddn }}"
-      bind_pw: "{{ ldap_bindpwd }}"
+      server_uri: "{{ nlu_ldap_uri }}"
+      dn: "ou={{ org }},{{ nlu_ldap_base }}"
+      bind_dn: "{{ nlu_ldap_binddn }}"
+      bind_pw: "{{ nlu_ldap_bindpw }}"
       objectClass:
        - organizationalUnit
        - top