roles/sssd/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

---
- name: Install packages
  apt:
    name:
      - sssd
      - libpam-sss
      - libnss-sss
  become: yes

- name: Install SSSD Config file
  template:
    src: sssd.conf.j2
    dest: /etc/sssd/sssd.conf
    mode: '600'
  become: yes
  notify: Restart sssd

- name: Create LDAP Config dir
  file:
    path: /etc/ldap
    state: directory
  become: yes

- name: Install ldap.conf
  copy:
    content: 'TLS_CACERT      /etc/ssl/certs/ca-certificates.crt'
    dest: /etc/ldap/ldap.conf
  become: yes
  notify: Restart sssd

- name: Auto-create Homedir
  lineinfile:
    path: /etc/pam.d/common-session
    regex: '^session required pam_mkhomedir\.so'
    line: 'session required pam_mkhomedir.so skel=/etc/skel/ umask=0022'
    insertafter: '^session optional pam_sss\.so'
  become: yes