Hi all,
I am taking my first steps with the slapd and ldap roles. As far as I
understood, I first set up a slapd server. This just installs openldap and
configures the schema and admin users.
After running
    debops service/slapd -l ldap.example.org
I end up with a running openldap and there are two passwords stored in
ansible/secret/slapd/credentials/
But with none of these passwords can I bind to the server:
    /usr/bin/ldapsearch -H ldaps://ldap.example.org -D "cn=admin,dc=example,dc=org" -b "dc=example,dc=org" -W
The passwords are created here (roles/slapd/defaults/main.yml):
    slapd__superuser_config_password: '{{ "{CRYPT}" +
      lookup("password",
      secret + "/slapd/credentials/" + slapd__config_rootdn | to_uuid +
      ".password" + " encrypt=sha512_crypt length=32") }}'
I understand: "DebOps uses the 'to_uuid' Ansible filter to convert LDAP
Distinguished Names". Is there any possibility to convert UUIDs back to
LDAP DNs to know which one is which?
My understanding is further that the first step for initializing the
directory works with
    debops ldap/init-directory -l ldap.example.org
I get:
ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials'}
Thanks for help and kind regards
Jan
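
An added example, not part of the original post or of DebOps: Ansible's to_uuid filter produces a UUIDv5 (a SHA-1 based one-way hash) in a fixed default namespace, so a file name cannot be decoded back to a DN, but candidate DNs can be hashed forward and matched against the files in the credentials directory. The candidate list is an assumption ("cn=admin,cn=config" does not appear in the post); use the DNs from your own inventory, spelled exactly as configured.

```python
"""Match DebOps slapd secret files to LDAP DNs by recomputing to_uuid."""
import os
import sys
import uuid

# Default namespace of Ansible's to_uuid filter (UUIDv5).
ANSIBLE_UUID_NAMESPACE = uuid.UUID("361E6D51-FAEC-444A-9079-341386DA8E2E")


def to_uuid(dn):
    """Same value as '{{ dn | to_uuid }}' with the default namespace.

    The hash covers the exact string: case and spacing must match the
    DN as written in the inventory, or the file name will differ.
    """
    return str(uuid.uuid5(ANSIBLE_UUID_NAMESPACE, dn))


def map_password_files(cred_dir, candidate_dns):
    """Return {file name: matching DN or None} for each *.password file.

    Only file names are inspected; the stored passwords are never read.
    """
    by_name = {to_uuid(dn) + ".password": dn for dn in candidate_dns}
    result = {}
    for name in sorted(os.listdir(cred_dir)):
        if name.endswith(".password"):
            result[name] = by_name.get(name)
    return result


if __name__ == "__main__":
    # Path taken from the post; override with the first argument.
    cred_dir = sys.argv[1] if len(sys.argv) > 1 else "ansible/secret/slapd/credentials"
    candidates = [
        "cn=admin,dc=example,dc=org",  # bind DN used in the post
        "cn=admin,cn=config",          # assumed value of slapd__config_rootdn
    ]
    for name, dn in map_password_files(cred_dir, candidates).items():
        print(f"{name}  ->  {dn or 'no candidate DN matches'}")
```

The lookup in the quoted default stores the generated password in the file and places only its {CRYPT} sha512_crypt hash in slapd, so the file content is what an interactive bind with -W expects.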