initial commit, work on opendoor

tasks/ldap_user_inc.yml

@@ -0,0 +1,33 @@
+---
+  - name: add ldap ou
+    community.general.ldap_entry:
+      dn: "ou={{ org }},{{ ldap_base }}"
+      bind_dn: "{{ binddn }}"
+      bind_pw: "{{ bindpwd }}"
+      objectClass:
+       - organizationalUnit
+       - top
+
+  - name: add ldap account
+    vars:
+      firstname: "{{ item.firstname }}"
+      lastname: "{{ item.lastname }}"
+      email: "{{ item.email }}"
+      password: "{{ item.password }}"
+    community.general.ldap_entry:
+      bind_dn: "{{ binddn }}"
+      bind_pw: "{{ bindpwd }}"
+      dn: "uid={{ firstname |lower }}, ou={{ org }},{{ ldap_base }}"
+      state: present
+      objectClass:
+         - inetorgperson
+         - inetLocalMailRecipient
+      attributes:
+        givenName: "{{ firstname }}"
+        sn: "{{ lastname | default( firstname ) }}"
+        cn: "{{ firstname }}"
+        mail: "{{ email }}"
+        uid: "{{ firstname | lower }}"
+        PreferredDeliveryMethod: any
+        displayName: "{{ firstname }} {{ lastname }}"
+        userPassword: "{{ password }}"

tasks/main.yml

@@ -0,0 +1,20 @@
+---
+# ansible-playbook /etc/ansible/Playbooks/new_ldap_user.yml  -K --ask-vault-pass
+# --extra-vars="file=account.csv"
+  - name: set some vars
+    ansible.builtin.set_fact:
+      binddn: "{{ lookup( 'viczem.keepass.keepass', 'opendoor/collidine_ldap_password', 'username' ) }}"
+      bindpwd:  "{{ lookup( 'viczem.keepass.keepass', 'opendoor/collidine_ldap_password', 'password' ) }}"
+    tags: always
+    when: binddn is not defined
+
+  - name: read csv file
+    community.general.read_csv:
+      path: '{{ file|default( "account.csv" ) }}'
+    register: users
+    delegate_to: localhost
+
+  - include_tasks: ldap_user_inc.yml
+    loop: "{{ users.list }}"
+
+