ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-04-20 17:31:24 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

[PR #9486/01244237 backport][stable-10] Optimize ldap modules auth note in a doc fragment (#9489)

Browse source 
Optimize ldap modules auth note in a doc fragment (#9486)

Optimize ldap auth doc fragment

(cherry picked from commit 01244237a1)

Co-authored-by: Philippe Duveau <pduvax@gmail.com>
This commit is contained in:
patchback[bot] 2024-12-30 23:49:14 +01:00 committed by GitHub
parent bd4112e87b
commit a3cb344689
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 4 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

3
plugins/modules/ldap_attrs.py
View file

@ -19,9 +19,6 @@ description:
- Add or remove multiple LDAP attribute values.
notes:
- This only deals with attributes on existing entries. To add or remove whole entries, see M(community.general.ldap_entry).
- The default authentication settings will attempt to use a SASL EXTERNAL bind over a UNIX domain socket. This works well with the default Ubuntu
install for example, which includes a C(cn=peercred,cn=external,cn=auth) ACL rule allowing root to modify the server configuration. If you need
to use a simple bind to access your server, pass the credentials in O(bind_dn) and O(bind_pw).
- For O(state=present) and O(state=absent), all value comparisons are performed on the server for maximum accuracy. For O(state=exact), values
have to be compared in Python, which obviously ignores LDAP matching rules. This should work out in most cases, but it is theoretically possible
to see spurious changes when target and actual values are semantically identical but lexically distinct.