make it work on debian

tasks/import_ldap_schema.yml

@@ -4,6 +4,6 @@
   changed_when: false
 
 - name: import additional schemas
-  command: "ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/{{ schema }}.ldif"
+  command: "ldapadd -Y EXTERNAL -H ldapi:/// -f {{ ldap_config_dir }}/schema/{{ schema }}.ldif"
   when: schema not in ldap_schema_list.stdout
 

tasks/main.yml

@@ -23,7 +23,7 @@
 - name: configure client
   template:
     src: ldap.conf
-    dest: /etc/openldap/ldap.conf
+    dest: "{{ ldap_config_dir }}/ldap.conf"
     mode: 0644
 
 - name: activate service
@@ -36,47 +36,16 @@
   block:
   - name: remove existing acl
     ldap_attr:
-      dn: olcDatabase={2}hdb,cn=config
+      dn: "{{ ldap_database }},cn=config"
       name: olcaccess
       values: []
       state: exact
 
-  - name: admin, suffix and cache
-    ldap_attr:
-      dn: olcDatabase={2}hdb,cn=config
-      name: "{{ item.key }}"
-      values: "{{ item.value }}"
-      state: exact
-    with_dict:
-      olcSuffix: "{{ ldap_suffix }}"
-      olcRootDN: "{{ ldap_admin_dn }}"
-      olcRootPW: "{{ ldap_admin_password }}"
-      olcDbCheckpoint: "{{ ldap_checkpoint }}"
-      olcDbCacheSize: "{{ ldap_cache_size }}"
-      olcDbIDLCacheSize: "{{ ldap_idlcache_size }}"
-      olcAccess:
-        - >-
-          {0}to attrs=userPassword,mail
-          by self write
-          by anonymous auth
-          by * none
-        - >-
-          {1}to dn.sub={{ ldap_suffix }}
-          by users read
-          by * none
-    ignore_errors: true
-
-  - name: remove existing indexes
-    ldap_attr:
-      dn: olcDatabase={2}hdb,cn=config
-      values: []
-      name: olcDbIndex
-      state: exact
-
   - name: add indexes
     ldap_attr:
-      dn: olcDatabase={2}hdb,cn=config
+      dn: "{{ ldap_database }},cn=config"
       name: "olcDbIndex"
+      state: exact
       values: "{{ item }}"
     loop:
       - objectClass pres,eq
@@ -95,6 +64,7 @@
   loop:
   - olcDatabase={0}config,cn=config
   - olcDatabase={1}monitor,cn=config
+  ignore_errors: true
 
 - name: load additionnal schema
   include_tasks: import_ldap_schema.yml

tasks/replication_consumer.yml

@@ -1,7 +1,7 @@
 ---
 - name: add synrepl entry
   ldap_attr:
-    dn: olcDatabase={2}hdb,cn=config
+    dn: "{{ ldap_database }},cn=config"
     name: "{{ item.name }}"
     values: "{{ item.value }}"
   loop:

tasks/replication_provider.yml

@@ -23,7 +23,7 @@
 
 - name: add syncprov overlay config
   ldap_entry:
-    dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config
+    dn: "olcOverlay=syncprov,{{ ldap_database }},cn=config"
     objectClass: olcSyncProvConfig
     attributes:
       olcOverlay: syncprov
@@ -38,7 +38,7 @@
 
 - name: add indexes for replication
   ldap_attr:
-    dn: olcdatabase={2}hdb,cn=config
+    dn: "{{ ldap_database }},cn=config"
     name: olcDbIndex
     values:
     - entryUUID eq