ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-04-22 02:11:26 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

Optimize ldap modules auth note in a doc fragment (#9486)

Browse source 
Optimize ldap auth doc fragment
This commit is contained in:
Philippe Duveau 2024-12-30 23:39:41 +01:00 committed by GitHub
parent d81f56e10b
commit 01244237a1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 4 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

3
plugins/modules/ldap_attrs.py
View file

@ -19,9 +19,6 @@ description:
- Add or remove multiple LDAP attribute values.
notes:
- This only deals with attributes on existing entries. To add or remove whole entries, see M(community.general.ldap_entry).
- The default authentication settings will attempt to use a SASL EXTERNAL bind over a UNIX domain socket. This works well with the default Ubuntu
install for example, which includes a C(cn=peercred,cn=external,cn=auth) ACL rule allowing root to modify the server configuration. If you need
to use a simple bind to access your server, pass the credentials in O(bind_dn) and O(bind_pw).
- For O(state=present) and O(state=absent), all value comparisons are performed on the server for maximum accuracy. For O(state=exact), values
have to be compared in Python, which obviously ignores LDAP matching rules. This should work out in most cases, but it is theoretically possible
to see spurious changes when target and actual values are semantically identical but lexically distinct.