---
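# Turn one input record (`item`, presumably the loop variable of the task that
# includes this file) into the facts used by the tasks below.
- name: set vars
  ansible.builtin.set_fact:
    firstname: "{{ item.firstname }}"
    lastname: "{{ item.lastname }}"
    email: "{{ item.email }}"
    # Optional field: a record without a group yields '' and the group task
    # is skipped.
    group: "{{ item.group | default('') }}"
    # NOTE(review): the uid value is placed into the DN without escaping DN
    # special characters (',', '+', '=', ...). If the records come from a
    # source that is not fully trusted, validate the value before this point.
    dn: "uid={{ item[nlu_dn_attribute] | lower }},{{ nlu_ldap_user_dn }}"
    # An empty password in the record is replaced by a generated one
    # (14 characters, at least one lower-case, one upper-case and one digit,
    # no special characters).
    password: "{{ (item.password == '') | ternary(lookup('community.general.random_string', min_lower=1, min_upper=1, special=false, min_numeric=1, length=14), item.password) }}"
  # The facts set here include a cleartext password; keep the task result out
  # of console output and logs.
  no_log: true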
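# Create the user's LDAP entry. `result` records whether the entry was newly
# created; the recap task at the end of this file depends on it.
- name: "add ldap account {{ dn }}"
  community.general.ldap_entry:
    # NOTE(review): the bind password and the new userPassword travel over
    # this connection. Confirm nlu_ldap_uri is an ldaps:// URI, or enable the
    # module's start_tls option.
    server_uri: "{{ nlu_ldap_uri }}"
    bind_dn: "{{ nlu_ldap_binddn }}"
    bind_pw: "{{ nlu_ldap_bindpw }}"
    # No trailing space here: the group task adds "{{ dn }}" as the member
    # value, and both must name exactly the same entry.
    dn: "{{ dn }}"
    state: present
    objectClass:
      - inetorgperson
      - inetLocalMailRecipient
    attributes:
      givenName: "{{ firstname }}"
      # NOTE(review): lastname is always defined by the "set vars" task, so
      # this default() only applies if that fact is missing; an empty
      # lastname is passed through as an empty sn.
      sn: "{{ lastname | default(firstname) }}"
      cn: "{{ firstname }}"
      mail: "{{ email }}"
      PreferredDeliveryMethod: any
      displayName: "{{ firstname }} {{ lastname }}"
      # Sent as a cleartext value. Whether the directory stores it hashed
      # depends on the server's configuration - TODO confirm.
      userPassword: "{{ password }}"
  register: result
  # The module arguments contain userPassword; hide them from task output and
  # logs. The registered `result` is still available to later tasks.
  no_log: true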
# Add the user's DN as a `member` value of the requested group entry.
# Skipped when the record names no group.
- name: add account to group
  community.general.ldap_attrs:
    server_uri: "{{ nlu_ldap_uri }}"
    bind_dn: "{{ nlu_ldap_binddn }}"
    bind_pw: "{{ nlu_ldap_bindpw }}"
    # Group entry to modify; no `state` is given, so the module default
    # applies.
    dn: "cn={{ group }},{{ nlu_ldap_group_dn }}"
    attributes:
      member: "{{ dn }}"
  when: group != ''
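# Record "<uid attribute>,<password>" for each newly created account in a CSV
# on the control node, so the initial password can be handed to the user.
- name: "account recap"
  ansible.builtin.lineinfile:
    # NOTE(review): relative path - the file is created in whatever directory
    # the task runs from on the control node. Consider an explicit path in a
    # directory only the operator can read, and delete the file once the
    # passwords have been distributed.
    path: "tmppassword.csv"
    state: present
    create: true
    # The file holds cleartext passwords: restrict it to its owner instead of
    # relying on the umask.
    mode: "0600"
    # NOTE(review): a password containing a comma would break the two-column
    # layout. Generated passwords avoid this (special=false); passwords
    # supplied in the input records may not.
    line: "{{ item[nlu_dn_attribute] }},{{ password }}"
  delegate_to: localhost
  become: false
  # Only record accounts created by this run; existing entries keep their
  # current password.
  when: result.changed
  # The line written contains the password; keep it out of task output and
  # logs.
  no_log: true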