mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
f3ecf4c7f8
* Set up secure ldap server * ldap: Added client cert options Shamelessly copied from https://github.com/andrewshulgin/ldap_search * Added tests for ldap client authentication * Add changelog fragment * Make sure the openssl commands work on older versions of openssl * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> * Remove aliases for new arguments * Add required_together to ldap module declerations --------- Co-authored-by: Felix Fontein <felix@fontein.de>
15 lines
407 B
Text
15 lines
407 B
Text
dn: cn=config
|
|
add: olcTLSCACertificateFile
|
|
olcTLSCACertificateFile: /usr/local/share/ca-certificates/ca.crt
|
|
-
|
|
add: olcTLSCertificateFile
|
|
olcTLSCertificateFile: /etc/ldap/localhost.crt
|
|
-
|
|
add: olcTLSCertificateKeyFile
|
|
olcTLSCertificateKeyFile: /etc/ldap/localhost.key
|
|
-
|
|
add: olcAuthzRegexp
|
|
olcAuthzRegexp: {0}"UID=([^,]*)" uid=$1,ou=users,dc=example,dc=com
|
|
-
|
|
add: olcTLSVerifyClient
|
|
olcTLSVerifyClient: allow
|