ldap_search: switch off client-chasing referrals (#1618)

* switch off client-chasing referrals

* Add changelog fragment

* Add comment to module

* Sanity check

* Update changelogs/fragments/1618-ldap_search-switch-off-cheasing-referrals.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add module ref_chasing param to ldap module_utils

* test access token gitlab

* test access token gitlab: revert

* Complete referrals_chasing parameter documentation

* Fix parameter value check

* Fix issue #963

* fix sanity check

* Update plugins/doc_fragments/ldap.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update changelogs/fragments/1618-ldap_search-switch-off-cheasing-referrals.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/doc_fragments/ldap.py

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Mickael Foucher <mikael.foucher@groupama.com>
flammike 2021-01-27 07:56:07 +01:00 committed by GitHub
parent bb323ab12f
commit cd022c3e2a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 27 additions and 4 deletions


@ -26,6 +26,7 @@ def gen_specs(**specs):
'bind_dn': dict(),
'bind_pw': dict(default='', no_log=True),
'dn': dict(required=True),
'referrals_chasing': dict(type='str', default='anonymous', choices=['disabled', 'anonymous']),
'server_uri': dict(default='ldapi:///'),
'start_tls': dict(default=False, type='bool'),
'validate_certs': dict(default=True, type='bool'),
@ -41,6 +42,7 @@ class LdapGeneric(object):
self.bind_dn = self.module.params['bind_dn']
self.bind_pw = self.module.params['bind_pw']
self.dn = self.module.params['dn']
self.referrals_chasing = self.module.params['referrals_chasing']
self.server_uri = self.module.params['server_uri']
self.start_tls = self.module.params['start_tls']
self.verify_cert = self.module.params['validate_certs']
@ -61,6 +63,10 @@ class LdapGeneric(object):
connection = ldap.initialize(self.server_uri)
if self.referrals_chasing == 'disabled':
# Switch off chasing of referrals (https://github.com/ansible-collections/community.general/issues/1067)
connection.set_option(ldap.OPT_REFERRALS, 0)
if self.start_tls:
try:
connection.start_tls_s()