| 1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- #
- # LDAP related stuff (Salt managed)
- #
- apply Service "ldaps" {
- import "generic-service"
- check_command = "ldap"
- vars.ldap_address = host.vars.ldap_fqdn
- vars.ldap_base = "dc=ffho,dc=net"
- vars.ldap_ssl = true
- vars.ldap_v3 = true
- assign where host.vars.ldap_fqdn && "ldap-master" in host.vars.roles
- assign where host.vars.ldap_fqdn && "ldap-replica" in host.vars.roles
- }
- apply Service "ldap_replication" {
- import "generic-service"
- check_command = "ldap_replication"
- vars.ldap_master = "ldaps://ldap-master.srv.in.ffho.net"
- vars.ldap_mirror = "ldaps://" + host.vars.ldap_fqdn
- vars.ldap_sync_base = "ou=sync-check,dc=ffho,dc=net"
- vars.ldap_bind_dn = "uid=sync-check,ou=accounts,dc=ffho,dc=net"
- assign where host.vars.ldap_fqdn && "ldap-replica" in host.vars.roles
- }
- apply Service "ldap_syncrepl_extended" {
- import "generic-service"
- check_command = "syncrepl_extended"
- vars.provider = "ldaps://ldap-master.srv.in.ffho.net"
- vars.consumer = "ldaps://" + host.vars.ldap_fqdn
- vars.base_dn = "dc=ffho,dc=net"
- vars.bind_dn = "uid=sync-check,ou=accounts,dc=ffho,dc=net"
- vars.bind_password = LdapSyncReplBindPassword
- assign where host.vars.ldap_fqdn && "ldap-replica" in host.vars.roles
- }
|
