From 2c57b5370c6cd44f700985132f360c15d2664ebf Mon Sep 17 00:00:00 2001
From: Jonas Gunz
Date: Sun, 5 Jun 2022 23:26:31 +0200
Subject: openldap: Add custom schema options
Allows to specify custom schema entries in config file
---
 roles/openldap/README.md | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 roles/openldap/README.md
(limited to 'roles/openldap/README.md')
diff --git a/roles/openldap/README.md b/roles/openldap/README.md
new file mode 100644
index 0000000..ed34f52
--- /dev/null
+++ b/roles/openldap/README.md
@@ -0,0 +1,34 @@
+# openldap
+
+Example:
+
+```yaml
+---
+ldap:
+ o: 'Example Com'
+ base: 'dc=example,dc=com'
+ root_dn: 'cn=admin,dc=example,dc=com'
+ root_pw: 'admin'
+ root_pw_hash: '{SSHA}T4NWs0yED2vORnKH4fWMSicNH0n0jtwP'
+ tls:
+ enable: false
+ ca: '/etc/ssl/certs/ssl-cert-snakeoil.pem'
+ key: '/etc/ssl/private/ssl-cert-snakeoil.key'
+ cert: '/etc/ssl/certs/ssl-cert-snakeoil.pem'
+ schema:
+ - cn: openssh-lpk
+ olcAttributeTypes: "( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
+ DESC 'MANDATORY: OpenSSH Public key'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )"
+ olcObjectClasses: "( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
+ DESC 'MANDATORY: OpenSSH LPK objectclass'
+ MAY ( sshPublicKey $ uid )
+ )"
+
+```
+
+## Notes
+
+Schema have to be manually deleted in `/etc/ldap/slapd.d/cn=config/cn=schema`.
+be sure to remove all objects referencing the removed object BEFORE.
-- cgit v1.2.3