thulium_drake.ldap
LDAP Role
This role helps connect a Debian or RedHat machine to an LDAP directory.
Setup Steps
This role sets up the following programs for LDAP authentication:
- Oddjob (only for RHEL)
- OpenLDAP (supports only plain LDAP or STARTTLS)
- PAM
- SSSD
- AutoFS (if enabled)
It also configures sudo permissions for a specific LDAP group. The default permissions for this group are:
ALL=(ALL) ALL:NOPASSWD
Server
You can also use this role to install an LDAP server on Debian 10. Ubuntu 18.04, 20.04, and CentOS 7, 8 are not supported.
The server installation includes good settings for SSL and LDAP security.
The client part of this role works well and can be used immediately.
How to Use
- Install the role (from Galaxy or GitHub)
- Copy the defaults file to your inventory (or wherever you store your files) and fill it out
- Add the role to your main playbook
- Run Ansible
- ???
- Benefit!
Removing Client Configuration
If you need to remove the LDAP setup from a system, you can run the remove.yml tasks to undo what this role did.
If you run this role to remove LDAP configurations, make SURE you can log in as root without sudo, because the removal undoes the LDAP login and sudo setup this role put in place.
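A pre-flight check for the warning above, as an added example that is not part of this role: it confirms that root is a local account with a usable password before the removal tasks are run. The function name `root_login_status` and its result strings are hypothetical, and it only covers password logins (for example at the console); whether SSH accepts root depends on the sshd configuration, which is not checked.

```shell
#!/bin/sh
# Added example (not from the role): verify root can still log in with a
# local password once LDAP logins and the LDAP group's sudo rule are gone.
# The file paths are parameters so the check can be tried on copies first.

# root_login_status PASSWD_FILE SHADOW_FILE   (hypothetical helper name)
# Prints one of: ok, no-local-root, no-shadow-entry, empty-password, locked
# Returns 0 only for "ok".
root_login_status() {
    passwd_file=$1
    shadow_file=$2

    # root must exist in the local passwd file with UID 0,
    # not merely be resolvable through SSSD/LDAP.
    if ! awk -F: '$1 == "root" && $3 == "0" { found = 1 }
                  END { exit !found }' "$passwd_file"; then
        echo "no-local-root"
        return 1
    fi

    # Take root's line from the shadow file and extract the hash field.
    line=$(awk -F: '$1 == "root" { print; exit }' "$shadow_file")
    if [ -z "$line" ]; then
        echo "no-shadow-entry"
        return 1
    fi
    hash=$(printf '%s\n' "$line" | cut -d: -f2)

    case $hash in
        # No password set: password logins are refused or unsafe.
        '')        echo "empty-password"; return 1 ;;
        # A leading "!" or "*" means password login is disabled.
        '!'*|'*'*) echo "locked"; return 1 ;;
        *)         echo "ok"; return 0 ;;
    esac
}

# Real use (reading /etc/shadow needs root):
#   root_login_status /etc/passwd /etc/shadow
```

Run it as root on the target host before applying the removal tasks, and treat any result other than `ok` as a reason to set a root password first.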
About the project
LDAP authentication (client and server)
Install
ansible-galaxy install thulium_drake.ldap
License
gpl-3.0
Downloads
1.7k