Defined Type: yp::ldap::directory

Defined in:
manifests/ldap/directory.pp

Overview

Define an LDAP directory for ypldap to poll.

Examples:

Define a directory

# Placeholder values: 192.0.2.1 is a documentation address and 'secret' stands
# in for the real bind password, which is better supplied from encrypted data
# (for example Hiera with eyaml) than written literally in a manifest.
# NOTE(review): no mode is set here, so neither 'tls' nor 'ldaps' is requested;
# presumably the bind then happens over plain LDAP -- confirm against the
# template and set mode explicitly where the password must not cross the
# network unencrypted.
::yp::ldap::directory { 'dc=example,dc=com':
  server  => '192.0.2.1',
  bind_dn => 'cn=ypldap,dc=example,dc=com',
  bind_pw => 'secret',
}

Parameters:

  • base_dn (Bodgitlib::LDAP::DN) (defaults to: $title)

    The base DN from which to perform all LDAP queries.

  • server (Bodgitlib::Host)

    The LDAP server to use.

  • bind_dn (Optional[Bodgitlib::LDAP::DN]) (defaults to: undef)

    The DN to use to bind to the LDAP server.

  • bind_pw (Optional[String]) (defaults to: undef)

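    The password to use when binding to the LDAP server. It is accepted as a plain String rather than a Sensitive value, so Puppet will not redact it in the catalog or in reports.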

  • fixed_attributes (Hash[YP::LDAP::Attribute, String]) (defaults to: { 'passwd' => '*', 'change' => '0', 'expire' => '0', 'class' => 'ldap', 'grouppasswd' => '*', })

    A hash of YP map attributes that should not be looked up from LDAP, but hardcoded to a particular value.

  • group_dn (Optional[Bodgitlib::LDAP::DN]) (defaults to: undef)

    The base DN from which to perform group queries, if different from base_dn.

  • group_filter (Bodgitlib::LDAP::Filter) (defaults to: '(objectClass=posixGroup)')

    The LDAP search filter to use when searching for groups.

  • ldap_attributes (Hash[YP::LDAP::Attribute, String]) (defaults to: { 'name' => 'uid', 'uid' => 'uidNumber', 'gid' => 'gidNumber', 'gecos' => 'cn', 'home' => 'homeDirectory', 'shell' => 'loginShell', 'groupname' => 'cn', 'groupgid' => 'gidNumber', })

    A hash of YP map attributes that should be looked up from regular LDAP attributes.

  • list_attributes (Hash[YP::LDAP::Attribute, String]) (defaults to: { 'groupmembers' => 'memberUid', })

    A hash of YP map attributes that should be looked up from regular LDAP attributes; when an attribute has multiple values, they are joined together with a comma (,).

  • mode (Optional[Enum['tls', 'ldaps']]) (defaults to: undef)
  • port (Optional[Bodgitlib::Port]) (defaults to: undef)
  • user_filter (Bodgitlib::LDAP::Filter) (defaults to: '(objectClass=posixAccount)')

    The LDAP search filter to use when searching for users.

See Also:

Since:

  • 3.0.0



# File 'manifests/ldap/directory.pp', line 31

define yp::ldap::directory (
  Bodgitlib::Host                   $server,
  Bodgitlib::LDAP::DN               $base_dn          = $title,
  Optional[Bodgitlib::LDAP::DN]     $bind_dn          = undef,
  # NOTE(review): plain String, not Sensitive. Presumably the template writes
  # it into the fragment content, in which case it is stored unredacted in the
  # compiled catalog and in the target file -- confirm against the template,
  # and check the owner/mode that yp::ldap sets on the concat target (not
  # visible here).
  Optional[String]                  $bind_pw          = undef,
  # YP map attributes given a constant value instead of an LDAP lookup.
  Hash[YP::LDAP::Attribute, String] $fixed_attributes = {
    'passwd'      => '*',
    'change'      => '0',
    'expire'      => '0',
    'class'       => 'ldap',
    'grouppasswd' => '*',
  },
  Optional[Bodgitlib::LDAP::DN]     $group_dn         = undef,
  Bodgitlib::LDAP::Filter           $group_filter     = '(objectClass=posixGroup)',
  # YP map attribute => LDAP attribute it is read from.
  Hash[YP::LDAP::Attribute, String] $ldap_attributes  = {
    'name'      => 'uid',
    'uid'       => 'uidNumber',
    'gid'       => 'gidNumber',
    'gecos'     => 'cn',
    'home'      => 'homeDirectory',
    'shell'     => 'loginShell',
    'groupname' => 'cn',
    'groupgid'  => 'gidNumber',
  },
  # YP map attribute => LDAP attribute that may hold several values.
  Hash[YP::LDAP::Attribute, String] $list_attributes  = {
    'groupmembers' => 'memberUid',
  },
  # NOTE(review): undef means neither 'tls' nor 'ldaps' is requested. What the
  # template emits in that case is not visible here; if it yields a plain LDAP
  # connection, the bind DN and password travel without transport encryption
  # -- confirm, and prefer an explicit mode whenever $bind_pw is set.
  Optional[Enum['tls', 'ldaps']]    $mode             = undef,
  Optional[Bodgitlib::Port]         $port             = undef,
  Bodgitlib::LDAP::Filter           $user_filter      = '(objectClass=posixAccount)',
) {

  # The fragment below reads $::yp::ldap::conf_file, so refuse to compile
  # unless the base class is already in the catalog. defined() only sees what
  # has been evaluated so far, which makes this check order-dependent.
  unless defined(Class['yp::ldap']) {
    fail('You must include the yp::ldap base class before using any yp::ldap defined resources')
  }

  # One fragment per directory: the title pairs the target file with the base
  # DN, and the content comes from this module's directory template.
  ::concat::fragment { "${::yp::ldap::conf_file} ${base_dn}":
    target  => $::yp::ldap::conf_file,
    content => template("${module_name}/ypldap.conf.directory.erb"),
    order   => '10',
  }
}