community.general.ldap_attrs attributes

tasks/main.yml

@@ -10,41 +10,37 @@
 
 - name: fix acl
   community.general.ldap_attrs:
-    name: olcAccess
     dn: olcDatabase={1}mdb,cn=config
     state: exact
-    values:
+    attributes:
-    - >-
+      olcAccess:
-      {0}to attrs=userPassword,shadowLastChange
+      - >-
-      by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth write
+        {0}to attrs=userPassword,shadowLastChange
-      by self write
+        by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth write
-      by anonymous auth
+        by self write
-      by * none
+        by anonymous auth
-    - >-
+        by * none
-      {1}to dn.base="" by * read
+      - >-
-    - >-
+        {1}to dn.base="" by * read
-      {2}to *
+      - >-
-      by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth write
+        {2}to *
-      by * read
+        by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth write
+        by * read
 - name: set crypto
   community.general.ldap_attrs:
     dn: cn=config
-    name: "{{item.key}}"
     state: exact
-    values: "{{item.value}}"
+    attributes:
-  with_dict:
+      olcPasswordHash: '{CRYPT}'
-    olcPasswordHash: '{CRYPT}'
+      olcPasswordCryptSaltFormat: "$6$rounds=8000$%.16s"
-    olcPasswordCryptSaltFormat: "$6$rounds=8000$%.16s"
 
 - name: set base DN
   community.general.ldap_attrs:
     dn: 'olcDatabase={{"{"+(ldap_database_index|default(1)|string)+"}"}}mdb,cn=config'
-    name: "{{item.key}}"
     state: exact
-    values: "{{item.value}}"
+    attributes:
-  with_dict:
+      olcSuffix: "{{ldap_basedn}}"
-    olcSuffix: "{{ldap_basedn}}"
+      olcRootDN: "cn=root,{{ldap_basedn}}"
-    olcRootDN: "cn=root,{{ldap_basedn}}"
 
 - name: base DN exists?
   shell: ldapsearch -H ldapi:// -Y external -LLL -b {{ldap_basedn|quote}}