From 4c695a8e7ae8e7d742cc0efe5c300d0d111e7eb7 Mon Sep 17 00:00:00 2001
From: Chris Hines <chris.hines@monash.edu>
Date: Wed, 3 Jan 2018 16:29:03 +1100
Subject: [PATCH] fix an error detecting the ppolicy and enable the
 auxposixgroup schema

Former-commit-id: 7519d863d4ea8449fe1bef2e3ecada18989f5669
---
 roles/ldapserver/files/auxposixgroup.ldif |  4 ++++
 roles/ldapserver/tasks/main.yml           | 24 ++++++++++++++++++-----
 2 files changed, 23 insertions(+), 5 deletions(-)
 create mode 100644 roles/ldapserver/files/auxposixgroup.ldif

diff --git a/roles/ldapserver/files/auxposixgroup.ldif b/roles/ldapserver/files/auxposixgroup.ldif
new file mode 100644
index 00000000..0ddab790
--- /dev/null
+++ b/roles/ldapserver/files/auxposixgroup.ldif
@@ -0,0 +1,4 @@
+dn: cn=auxPosixGroup,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: auxPosixGroup
+olcObjectClasses: ( 1.3.6.1.4.1.1.1.1.2.1 NAME 'auxPosixGroup' DESC 'Abstraction of a group of accounts' SUP top AUXILIARY MUST gidNumber MAY ( userPassword $ memberUid $ description ) )
diff --git a/roles/ldapserver/tasks/main.yml b/roles/ldapserver/tasks/main.yml
index be3d545b..f7e0edf0 100644
--- a/roles/ldapserver/tasks/main.yml
+++ b/roles/ldapserver/tasks/main.yml
@@ -1,18 +1,22 @@
 ---
+- name: include vars
+  include_vars: 
+    file: "{{ ansible_distribution }}_{{ ansible_distribution_version }}_{{ ansible_architecture }}.yml"
 
-- include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_version }}_{{ ansible_architecture }}.yml"
-- include_vars: "{{ ansible_distribution }}.yml"
+- name: include vars2
+  include_vars: 
+    file: "{{ ansible_distribution }}.yml"
 
 - name: install system packages apt
   apt: name={{ item }} state=installed update_cache=true
   sudo: true
-  with_items: system_packages
+  with_items: "{{ system_packages }}"
   when: ansible_os_family == 'Debian'
 
 - name: install system packages yum
   yum: name={{ item }} state=installed
   sudo: true
-  with_items: system_packages
+  with_items: "{{ system_packages }}"
   when: ansible_os_family == 'RedHat'
 
 - name: Fixed default configuration 
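Review bot: The two include tasks keep the original order, so `{{ ansible_distribution }}.yml` is loaded after the version/architecture-specific file; if both files define the same variable, the generic value overwrites the specific one, which is probably the reverse of what is wanted, so confirm whether the files share keys and swap the tasks if they do. The names `include vars` and `include vars2` do not say which file each loads; something like `include distribution/version/arch specific vars` and `include distribution-wide vars` would read better in play output. The new `include_vars: ` lines carry trailing whitespace. The package tasks in this hunk still use `sudo: true`, while the tasks this commit adds further down use `become:`, so one spelling should be chosen for the file.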
@@ -139,6 +143,16 @@
    - inetorgperson
   ignore_errors: true
   sudo: true
+
+- name: copy the auxposixgroup schema
+  copy: src="files/auxposixgroup.ldif" dest="{{ ldapDir }}/schema/auxposixgroup.ldif"
+  become: True
+  become_user: root
+
+- name: load the auxposixgroup schema
+  shell: ldapadd -Y EXTERNAL -H ldapi:/// -f "{{ ldapDir }}/schema/auxposixgroup.ldif" -D cn=config
+  become_user: root
+  become: True
       
 - name: check ppolicy module loaded
   shell: slapcat -b cn=config | grep "olcModuleLoad. {.*}ppolicy"
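Review bot: The `load the auxposixgroup schema` task is not idempotent: once the schema entry exists in cn=config, ldapadd should exit non-zero (68, already exists), and with no `failed_when` the second run of the role stops at this task. Registering the result and accepting only rc 0 and 68 keeps re-runs working without hiding real failures the way the blanket `ignore_errors: true` on the preceding schema task (which starts outside the hunk) does. `command` is sufficient because the line uses no shell syntax, and it keeps `{{ ldapDir }}` out of shell interpretation; `-D cn=config` can be dropped because the bind DN is not used for a SASL EXTERNAL bind. The copy task would also be better with explicit `owner`, `group` and `mode: "0644"` than relying on the umask.

```yaml
# … unchanged: copy the auxposixgroup schema …
- name: load the auxposixgroup schema
  command: ldapadd -Y EXTERNAL -H ldapi:/// -f "{{ ldapDir }}/schema/auxposixgroup.ldif"
  become: true
  become_user: root
  register: auxposixgroup_load
  # rc 68 is "already exists": the schema was loaded by an earlier run
  failed_when: auxposixgroup_load.rc not in [0, 68]
  changed_when: auxposixgroup_load.rc == 0
```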
@@ -152,7 +166,7 @@
   when: ppolicyModuleLoaded|failed
 
 - name: check ppolicy overlay config
-  shell: "slapcat -b cn=config | grep 'dn: olcOverlay=ppolicy,olcDatabase={.*}.db,cn=config'"
+  shell: "slapcat -b cn=config | grep 'dn: olcOverlay={.*}ppolicy,olcDatabase={.*}.db,cn=config'"
   ignore_errors: true
   sudo: true
   register: ppolicyOverlayConfigured
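Review bot: The `check ppolicy overlay config` task cannot tell "overlay not configured" from "slapcat failed": the shell reports only grep's exit status, and `ignore_errors: true` accepts any non-zero result, so a slapcat error (empty output) looks the same as a missing overlay. Whatever consumes `ppolicyOverlayConfigured` lies outside this hunk, but if it mirrors the `ppolicyModuleLoaded|failed` test at the top of the hunk it would then try to add the overlay again. Running slapcat as its own `command` task and matching the pattern against its registered `stdout` in the consumer's `when:` would let a slapcat failure fail the play. Since the task only reads, `changed_when: false` should be added as well. The `check ppolicy module loaded` task in the previous hunk has the same shape.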
-- 
GitLab