39 lines
1.2 KiB
YAML
39 lines
1.2 KiB
YAML
---
|
|
- name: set vars
|
|
ansible.builtin.set_fact:
|
|
firstname: "{{ item.firstname }}"
|
|
lastname: "{{ item.lastname }}"
|
|
email: "{{ item.email }}"
|
|
dn: "uid={{ item.firstname |lower }}, ou={{ org }},{{ ldap_base }}"
|
|
password: "{{ (item.password=='')| ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, special=false,min_numeric=1, length=14), item.password ) }}"
|
|
|
|
- name: "add ldap account {{dn }}"
|
|
community.general.ldap_entry:
|
|
bind_dn: "{{ binddn }}"
|
|
bind_pw: "{{ bindpwd }}"
|
|
dn: "{{ dn }} "
|
|
state: present
|
|
objectClass:
|
|
- inetorgperson
|
|
- inetLocalMailRecipient
|
|
attributes:
|
|
givenName: "{{ firstname }}"
|
|
sn: "{{ lastname | default( firstname ) }}"
|
|
cn: "{{ firstname }}"
|
|
mail: "{{ email }}"
|
|
uid: "{{ firstname | lower }}"
|
|
PreferredDeliveryMethod: any
|
|
displayName: "{{ firstname }} {{ lastname }}"
|
|
userPassword: "{{ password }}"
|
|
register: result
|
|
|
|
- name: "account recap"
|
|
ansible.builtin.lineinfile:
|
|
path: "tmppassword.csv"
|
|
state: present
|
|
create: true
|
|
line: "{{ firstname | lower }},{{ password }}"
|
|
delegate_to: localhost
|
|
become: false
|
|
when: result.changed
|