polish open ldap client

roles/openLdapClient/defaults/main.yml

@@ -14,4 +14,4 @@ ldapCaCertFileSource: "/etc/openldap/certs"
 cacertFile: "ca.pem"
 ldapRfc2307: ""
 ldapRfc2307Pam: ""
-
+ldapServerHost: "10.0.0.1 ldapserver.com"

roles/openLdapClient/handlers/main.yml

 ---
-  - name: restart sssd 
-    service: name=sssd state=restarted
+- name: auth config
+  shell: authconfig --updateall
+  sudo: true
+
+- name: restart sssd 
+  service: name=sssd state=restarted
+  sudo: true

roles/openLdapClient/tasks/configLdapClient.yml

@@ -16,9 +16,7 @@
   sudo: true
 
 - name: "Insert LDAP IP address LDAP to /etc/hosts"
-  lineinfile: dest=/etc/hosts line='130.220.209.234 m2-w.massive.org.au' state=present insertafter=EOF
-#  lineinfile: dest=/etc/hosts regexp=^130.220.209.234 line=130.220.209.234 m2-w.massive.org.au state=present insertafter=EOF
-#  lineinfile: dest=/etc/hosts regexp=^130.220.209.234 line=130.220.209.234 m2-w.massive.org.au state=present 
+  lineinfile: dest=/etc/hosts line="{{ ldapServerHost }}" state=present insertafter=EOF
   sudo: true
 
 - name: "Copy ldap.conf file "
@@ -26,12 +24,12 @@
   sudo: true
 
 - name: "Copy ldap cacert file"
-  copy: src={{ ldapCaCertFileSource }}/cacert.pem dest=/etc/openldap/certs/cacert.pem owner=root group=root mode=0644
+  copy: src={{ ldapCaCertFileSource }} dest={{ tlsCaCertFile }} owner=root group=root mode=0644
   sudo: true
 
 - name: "Copy sssd.conf to ldap client"
   template: src=sssd.j2 dest=/etc/sssd/sssd.conf owner=root group=root mode=600
   sudo: true
-  notify: restart sssd 
+  notify: auth config