- hosts: servers
# hosts: localhost
become: True
become_user: root
# gather_facts: false
vars:
# Password
ldap_password_line: 'bindpw <PASSWORD, CHANGE ME!>'
# BindDN
ldap_binddn_line: 'binddn <CHANGE ME!>'
rhel5_files:
- file: /etc/ldap.conf_new
files:
- file: /etc/pam_ldap.conf_new
- file: /etc/nslcd.conf_new
files_ldap:
- dest: '/etc/ldap.conf_new'
regexp: '^binddn'
line: "{{ ldap_binddn_line }}"
- dest: '/etc/ldap.conf_new'
regexp: '^bindpw'
line: "{{ ldap_password_line }}"
files_pam_ldap:
- dest: '/etc/pam_ldap.conf_new'
regexp: '^binddn'
line: "{{ ldap_binddn_line }}"
- dest: '/etc/pam_ldap.conf_new'
regexp: '^bindpw'
line: "{{ ldap_password_line }}"
files_nslcd:
- dest: '/etc/nslcd.conf_new'
regexp: '^binddn'
line: "{{ ldap_binddn_line }}"
- dest: '/etc/nslcd.conf_new'
regexp: '^bindpw'
line: "{{ ldap_password_line }}"
############
# Clean files
############
# RHEL 5 Remove existing lines in ldap.conf_new
- name: RHEL 5 Remove existing lines in ldap.conf_new
become: yes
lineinfile:
dest: "{{ item.dest }}"
state: absent
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
when: "ansible_distribution_major_version == '5'"
with_items: "{{ files_ldap }}"
# RHEL 6 and 7 Remove existing lines in pam_ldap.conf_new
- name: RHEL 6 and 7 Remove existing lines in pam_ldap.conf_new
become: yes
lineinfile:
dest: "{{ item.dest }}"
state: absent
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
when: (ansible_facts['distribution_major_version'] == "6") or (ansible_facts['distribution_major_version'] == "7")
with_items: "{{ files_pam_ldap }}"
# RHEL 6 and 7 Remove existing lines in /etc/nslcd.conf_new
- name: RHEL 6 and 7 Remove existing lines in /etc/nslcd.conf_new
become: yes
lineinfile:
dest: "{{ item.dest }}"
state: absent
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
when: (ansible_facts['distribution_major_version'] == "6") or (ansible_facts['distribution_major_version'] == "7")
with_items: "{{ files_nslcd }}"