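version: 1

# Seed LDIF template: the double-brace placeholders are filled in by a
# template engine before this file is loaded into the directory.
# Values are substituted verbatim. Validate them upstream (no newlines,
# no leading space, colon or '<', DN special characters escaped), because
# a stray line break in a value would add attributes or whole entries.

dn: ou=People,{{ldap_base}}
objectClass: organizationalUnit
ou: People

dn: ou=Groups,{{ldap_base}}
objectClass: organizationalUnit
ou: Groups


# Primary POSIX group (gid 1499) of the ldapclient service account.
dn: cn=ldapclient service,ou=Groups,{{ldap_base}}
cn: ldapclient service
gidnumber: 1499
objectclass: posixGroup
objectclass: top

# Service account "ldapclient" (uid/gid 1499) with an interactive shell.
# NOTE(review): /bin/bash gives this account a usable login; confirm that
# a service identity needs one.
# NOTE(review): {MD5} is an unsalted MD5 digest, so a leaked directory
# dump exposes a cheaply crackable hash. Prefer a salted scheme such as
# {SSHA}, or a stronger one if the server supports it; the variable that
# feeds this line has to change with the prefix.
# NOTE(review): the variable is spelled "ldpad_..." here; check that this
# matches the name defined by the caller.
dn: cn=ldapclient_service,ou=People,{{ldap_base}}
cn: ldapclient_service
gidnumber: 1499
givenname: ldapclient
homedirectory: /home/ldapclient
loginshell: /bin/bash
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: service
uid: ldapclient
uidnumber: 1499
userpassword: {MD5}{{ldpad_client_password_md5}}


# Primary POSIX group (gid 1500) of the initial user.
dn: cn={{user_uid}},ou=Groups,{{ldap_base}}
cn: {{user_uid}}
gidnumber: 1500
objectclass: posixGroup
objectclass: top

# Initial user account (uid/gid 1500).
# The sudoRole attributes on this entry grant every command on every host
# (sudocommand ALL, sudohost ALL) to whatever sudouser renders to.
# NOTE(review): sudouser is filled from the "uid" variable while every
# other reference to this user is filled from "user_uid". Confirm the two
# are meant to differ, since this value decides who receives the sudo
# grant.
# NOTE(review): sudoRole is normally a structural class kept on its own
# entry; confirm the target server accepts it alongside inetOrgPerson.
# NOTE(review): ldapPublicKey is declared but no key attribute is set in
# this entry.
# NOTE(review): {MD5} is an unsalted MD5 digest; prefer a salted scheme
# such as {SSHA}, or a stronger one if the server supports it.
dn: cn={{user_uid}},ou=People,{{ldap_base}}
cn: {{user_uid}}
gidnumber: 1500
givenname: {{user_first_name}}
homedirectory: /home/{{user_uid}}
loginshell: /bin/bash
mail: {{user_email}}
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
objectclass: ldapPublicKey
objectclass: sudoRole
sudocommand: ALL
sudohost: ALL
sudouser: {{uid}}
sn: {{user_last_name}}
uid: {{user_uid}}
uidnumber: 1500
userpassword: {MD5}{{user_password_md5}}


# Group: admin access for the SSO app. The initial user is both the sole
# member and the owner.
dn: cn=app_sso_admin,ou=Groups,{{ldap_base}}
cn: app_sso_admin
description: Admin access for SSO app
member: cn={{user_uid}},ou=People,{{ldap_base}}
objectclass: groupOfNames
objectclass: top
owner: cn={{user_uid}},ou=People,{{ldap_base}}

# Group: PAM access to all hosts. The initial user is both the sole
# member and the owner.
dn: cn=host_access,ou=Groups,{{ldap_base}}
cn: host_access
description: PAM Access to all hosts
member: cn={{user_uid}},ou=People,{{ldap_base}}
objectclass: groupOfNames
objectclass: top
owner: cn={{user_uid}},ou=People,{{ldap_base}}

# Group: sudo on all hosts. The initial user is both the sole member and
# the owner.
# NOTE(review): this overlaps with the sudoRole attributes set directly
# on the user entry; keep one source of truth for sudo rights so that
# removing the user from this group actually revokes them.
dn: cn=host_admin,ou=Groups,{{ldap_base}}
cn: host_admin
description: sudo on all hosts
member: cn={{user_uid}},ou=People,{{ldap_base}}
objectclass: groupOfNames
objectclass: top
owner: cn={{user_uid}},ou=People,{{ldap_base}}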