Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
infra
ansible-shared
samba
Commits
dbd12429
Commit
dbd12429
authored
Apr 01, 2015
by
Lars Beckers
Browse files
doing some dull work
parent
01529ecb
Changes
5
Hide whitespace changes
Inline
Side-by-side
ad-auth/files/sudo/admin
0 → 100644
View file @
dbd12429
%admin ALL=(ALL:ALL) ALL
ad-auth/tasks/main.yml
View file @
dbd12429
...
@@ -6,3 +6,4 @@ tasks:
...
@@ -6,3 +6,4 @@ tasks:
-
include
:
nslcd.yml
-
include
:
nslcd.yml
-
include
:
nscd.yml
-
include
:
nscd.yml
-
include
:
kerberos.yml
-
include
:
kerberos.yml
-
include
:
sudo.yml
ad-auth/tasks/sudo.yml
0 → 100644
View file @
dbd12429
---
# file: roles/ad-auth/tasks/sudo.yml
-
name
:
ensure users of group admin are in the sudoers
copy
:
src=sudo/admin dest=/etc/sudoers.d/admin owner=root group=root mode=0440
tags
:
sudo config
-
name
:
check whole sudo config
command
:
visudo -q -c -f /etc/sudoers
tags
:
sudo test
ad-auth/templates/ldap.conf.j2
View file @
dbd12429
## TODO
#
#
# LDAP Defaults
# LDAP Defaults
#
#
...
@@ -6,11 +5,11 @@
...
@@ -6,11 +5,11 @@
# See ldap.conf(5) for details
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
# This file should be world readable but not world writable.
BASE
dc=fsmpi,dc=rwth-aachen,dc=de
BASE
{{ authbase }}
URI ldaps://
rumo.fsmpi.rwth-aachen.de
URI ldaps://
{{ authserver }}
#SIZELIMIT 12
#SIZELIMIT 12
#TIMELIMIT 15
#TIMELIMIT 15
#DEREF never
#DEREF never
TLS_CACERT
/etc/ssl/certs/rwth_chain.pem
TLS_CACERT
{{ authcacert }}
ad-auth/templates/nslcd.conf.j2
View file @
dbd12429
## TODO
# /etc/nslcd.conf
# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# nslcd configuration file. See nslcd.conf(5)
# for details.
# for details.
...
@@ -8,10 +7,10 @@ uid nslcd
...
@@ -8,10 +7,10 @@ uid nslcd
gid nslcd
gid nslcd
# The location at which the LDAP server(s) should be reachable.
# The location at which the LDAP server(s) should be reachable.
uri ldaps://
rumo.fsmpi.rwth-aachen.de/
uri ldaps://
{{ authserver }}
# The search base that will be used for all queries.
# The search base that will be used for all queries.
base
dc=fsmpi,dc=rwth-aachen,dc=de
base
{{ authbase }}
# The LDAP protocol version to use.
# The LDAP protocol version to use.
#ldap_version 3
#ldap_version 3
...
@@ -25,7 +24,7 @@ base dc=fsmpi,dc=rwth-aachen,dc=de
...
@@ -25,7 +24,7 @@ base dc=fsmpi,dc=rwth-aachen,dc=de
# SSL options
# SSL options
#ssl off
#ssl off
tls_cacertfile
/etc/ssl/certs/rwth_chain.pem
tls_cacertfile
{{ authcacert }}
tls_reqcert demand
tls_reqcert demand
# The search scope.
# The search scope.
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment