- hosts: servers
# hosts: localhost
become: True
become_user: root
# gather_facts: false
vars:
# Password
ldap_password_line: 'bindpw <PASSWORD, CHANGE ME!>'
# BindDN
ldap_binddn_line: 'binddn <CHANGE ME!>'
rhel5_files:
- file: /etc/ldap.conf_new
files:
- file: /etc/pam_ldap.conf_new
- file: /etc/nslcd.conf_new
files_ldap:
- dest: '/etc/ldap.conf_new'
regexp: '^binddn'
line: "{{ ldap_binddn_line }}"
- dest: '/etc/ldap.conf_new'
regexp: '^bindpw'
line: "{{ ldap_password_line }}"
files_pam_ldap:
- dest: '/etc/pam_ldap.conf_new'
regexp: '^binddn'
line: "{{ ldap_binddn_line }}"
- dest: '/etc/pam_ldap.conf_new'
regexp: '^bindpw'
line: "{{ ldap_password_line }}"
files_nslcd:
- dest: '/etc/nslcd.conf_new'
regexp: '^binddn'
line: "{{ ldap_binddn_line }}"
- dest: '/etc/nslcd.conf_new'
regexp: '^bindpw'
line: "{{ ldap_password_line }}"
##############
# Update files
##############
# RHEL 5 Add new lines in a block in ldap.conf_new
- name: RHEL 5 Add new lines in a block in ldap.conf_new
blockinfile:
dest: "{{ item.file }}"
state: present
create: yes
insertbefore: EOF
marker: "# {mark} MANAGED BY ANSIBLE"
block: |
binddn <CHANGE ME!>
bindpw <PASSWORD, CHANGE ME!>
with_items: "{{ rhel5_files }}"
when: "ansible_distribution_major_version == '5'"
# RHEL 6 and 7 Add new lines in a block in pam_ldap.conf_new and /etc/nslcd.conf_new
- name: RHEL 6 and 7 Add new lines in a block in pam_ldap.conf_new and /etc/nslcd.conf_new
blockinfile:
dest: "{{ item.file }}"
state: present
create: yes
insertbefore: EOF
marker: "# {mark} MANAGED BY ANSIBLE"
block: |
binddn <CHANGE ME!>
bindpw <PASSWORD, CHANGE ME!>
with_items: "{{ files }}"
when: (ansible_facts['distribution_major_version'] == "6") or (ansible_facts['distribution_major_version'] == "7")