- ---
- - name: 'renewing admin password - generation'
- gen_passwd: 'length=32'
- register: new_passwd
- no_log: true
-
- - name: 'renewing admin password - set fact'
- set_fact:
- ldap_passwd: '{{ new_passwd.passwd }}'
- no_log: true
-
- - name: 'renewing admin password - hashing'
- shell: >
- slappasswd
- -o module-load=pw-sha2
- -h "{SSHA512}"
- -s {{ ldap_passwd | quote }}
- register: new_passwd_hash
- no_log: true
-
- - name: 'renewing admin password - setting RootPW'
- ldap_attr:
- dn: 'olcDatabase={1}mdb,cn=config'
- name: 'olcRootPW'
- values: >-
- {{ new_passwd_hash.stdout }}
- state: 'exact'
- diff: false
- no_log: true
-
- - name: 'renewing admin password - calling ldappasswd'
- ldap_passwd:
- dn: 'cn=admin,{{ ldap_basedn }}'
- passwd: '{{ ldap_passwd }}'
- bind_dn: 'cn=admin,{{ ldap_basedn }}'
- bind_pw: '{{ ldap_passwd }}'
- ...
|