From 09bbc3f16b613bc3d4d11ed96bdbc8f1ba102fec Mon Sep 17 00:00:00 2001
From: Jupiter Hu <jupiter.hu@monash.edu>
Date: Thu, 11 Aug 2016 15:39:07 +1000
Subject: [PATCH] add acl groups

Former-commit-id: 48ce3fb9b5096dc56da7b1db2581e5daf2c9f840
---
 roles/ldapserver/tasks/main.yml               | 13 +++++++++++++
 roles/ldapserver/templates/acl_groups_ldif.j2 |  2 ++
 2 files changed, 15 insertions(+)
 create mode 100644 roles/ldapserver/templates/acl_groups_ldif.j2

diff --git a/roles/ldapserver/tasks/main.yml b/roles/ldapserver/tasks/main.yml
index bb56de39..be3d545b 100644
--- a/roles/ldapserver/tasks/main.yml
+++ b/roles/ldapserver/tasks/main.yml
@@ -51,6 +51,9 @@
 - name: template ssl.ldif
   template: src=ssl_ldif.j2 dest=/tmp/ssl.ldif mode=600
 
+- name: template acl_groups.ldif
+  template: src=acl_groups_ldif.j2 dest=/tmp/acl_groups.ldif mode=600
+
 - name: template load_memberof.ldif
   template: src=load_memberof_ldif.j2 dest=/tmp/load_memberof.ldif mode=600
 
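Review bot: The new `template` task uses the inline `key=value` form with `mode=600`; native YAML arguments with a quoted octal mode are easier to lint and leave no doubt about how the mode is parsed, e.g. a `template:` mapping with `src:`, `dest:` and `mode: "0600"`. The rendered file also lands at a fixed path in `/tmp` and no cleanup is visible in this hunk, so consider removing it after the `ldapadd` step or staging it in a directory only root can write. The neighbouring context tasks use the same form, so this may be better handled for the whole file in one follow-up.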
@@ -262,6 +265,16 @@
   shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/groups.ldif
   when: groupsConfigured|failed
 
+- name: check aclroups config
+  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapAclGroupBase }} -x -H ldap://localhost objectClass=*"
+  ignore_errors: true
+  register: aclgroupsConfigured
+
+- name: add aclgroups OU
+  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/acl_groups.ldif
+  when: aclgroupsConfigured|failed
+
+
 - name: check Accounts config
   shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapUserBase }} -x -H ldap://localhost objectClass=*"
   ignore_errors: true
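Review bot: Both new tasks pass the manager bind password on the command line with `-w {{ ldapManagerPassword }}`, so it is visible in the process list while the command runs and ends up in Ansible's task output; add `no_log: true` to both tasks and consider reading the password from a root-only file with `-y` instead. The check also treats every failure as "OU missing": with `ignore_errors: true` and `when: aclgroupsConfigured|failed`, a wrong password or a stopped slapd triggers the `ldapadd` as well. ldapsearch exits with the LDAP result code, so `failed_when: aclgroupsConfigured.rc not in [0, 32]` on the check and `when: aclgroupsConfigured.rc == 32` on the add would restrict it to noSuchObject. The templated values are unquoted inside `shell:`, so a DN containing a space or shell metacharacter would break the command; quoting each `{{ ... }}` or using `command:` avoids that. Minor: the task name `check aclroups config` is missing a "g" and the `ldapadd` line repeats `-x`.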
diff --git a/roles/ldapserver/templates/acl_groups_ldif.j2 b/roles/ldapserver/templates/acl_groups_ldif.j2
new file mode 100644
index 00000000..980f11d8
--- /dev/null
+++ b/roles/ldapserver/templates/acl_groups_ldif.j2
@@ -0,0 +1,2 @@
+dn: {{ ldapAclGroupBase }}
+objectClass: organizationalUnit
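Review bot: The entry has no attribute matching its own RDN: `organizationalUnit` requires `ou`, and this LDIF supplies only `dn` and `objectClass`. Whether the add succeeds then depends on the server filling in the naming attribute from the DN, which cannot be confirmed from this patch. If `ldapAclGroupBase` is always an `ou=...` DN, say so in a template comment such as `{# ldapAclGroupBase must be the DN of an organizationalUnit (ou=...,<suffix>) #}` and add the matching `ou:` line explicitly.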
-- 
GitLab