
To deploy the ldap.conf with Ansible, I have to create one variable from an array, to use in a template ldap.conf.j2:

nss_base_group          {{ ldap_base_group }}

The variable array:

---
ldap_groups: [ 'ORACLE', 'MY_SQL', 'POSTGR' ]

This has to result in one parameter, enhanced with a lot of static characters:

ldap_base_group: "dc=foo,dc=com?sub?(&(|(memberof:1.2.654.123456.1.5.2468:=cn=ORACLE,ou=Groups,dc=foo,dc=com)(memberof:1.2.654.123456.1.5.2468:=cn=MY_SQL,ou=Groups,dc=foo,dc=com)(memberof:1.2.654.123456.1.5.2468:=cn=POSTGR,ou=Groups,dc=foo,dc=com))(!(userAccountControl:1.2.654.123456.1.5.654:=2)))"

This is the same parameter made readable (not usable because of newlines, spaces, etc.):

ldap_base_group: "dc=foo,dc=com?sub?
(&
    (|
            (memberof:1.2.654.123456.1.5.2468:=cn=ORACLE,ou=Groups,dc=foo,dc=com)
            (memberof:1.2.654.123456.1.5.2468:=cn=MY_SQL,ou=Groups,dc=foo,dc=com)
            (memberof:1.2.654.123456.1.5.2468:=cn=POSTGR,ou=Groups,dc=foo,dc=com)
    )
    (!
            (userAccountControl:1.2.654.123456.1.5.654:=2)
    )
)"

Has anyone found a nice solution to do this in Ansible? Maybe there is another way to do this; I am eager to know alternatives too.

1 Answer

If you template this you should be able to do something along these lines:

ldap_base_group: "dc=foo,dc=com?sub?
(&
    (|
    {% for group in ldap_groups %}
            (memberof:1.2.654.123456.1.5.2468:=cn={{ group }},ou=Groups,dc=foo,dc=com)
    {% endfor %}
    )
    (!
            (userAccountControl:1.2.654.123456.1.5.654:=2)
    )
)"

If you need everything in a single line then just flattening this out should work fine.


1 Comment

Thanks a lot! I've put it in the vars-dir and removed the newlines and the spaces outside the {{ }}. It works perfectly!
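An added example, not part of the question, answer or comment above: the same single-line value built by a small Ansible filter plugin, which also escapes each group name for its place inside a DN (RFC 4514) and inside a filter assertion (RFC 4515), so a name containing `)` or `*` cannot change the filter's structure. The file path, the filter name `ldap_base_group` and the helper names are hypothetical; the constants are copied from the question.

```python
# filter_plugins/ldap_filter.py (hypothetical path): added example, not from the thread.
# Assumed usage in vars:  ldap_base_group: "{{ ldap_groups | ldap_base_group }}"

# Constants copied from the question.
BASE_DN = "dc=foo,dc=com"
GROUP_SUFFIX = "ou=Groups,dc=foo,dc=com"
MEMBEROF = "memberof:1.2.654.123456.1.5.2468:="
NOT_DISABLED = "(!(userAccountControl:1.2.654.123456.1.5.654:=2))"


def dn_escape(value):
    """Escape one RDN attribute value for use inside a DN (RFC 4514)."""
    last = len(value) - 1
    out = []
    for i, ch in enumerate(value):
        special = (ch in '",+;<>\\' or (i == 0 and ch in "# ")
                   or (i == last and ch == " "))
        out.append("\\" + ch if special else ch)
    return "".join(out)


def filter_escape(value):
    """Escape an assertion value for use inside a search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)


def ldap_base_group(groups):
    """Render the nss_base_group value (base?scope?filter) on a single line."""
    if not isinstance(groups, (list, tuple)) or not groups:
        raise ValueError("ldap_groups must be a non-empty list")
    clauses = []
    for group in groups:
        # Control characters (newline, NUL, ...) would break the ldap.conf line.
        if not group or any(ord(c) < 0x20 for c in group):
            raise ValueError("invalid group name: %r" % (group,))
        dn = "cn=%s,%s" % (dn_escape(group), GROUP_SUFFIX)
        clauses.append("(%s%s)" % (MEMBEROF, filter_escape(dn)))
    return "%s?sub?(&(|%s)%s)" % (BASE_DN, "".join(clauses), NOT_DISABLED)


class FilterModule(object):
    """Entry point Ansible looks for in a filter plugin file."""
    def filters(self):
        return {"ldap_base_group": ldap_base_group}
```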
