Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add LDAP lookup plugin #52899

Open
wants to merge 1 commit into
base: devel
from

Conversation

Projects
None yet
2 participants
@nome
Copy link

nome commented Feb 24, 2019

SUMMARY

Add a lookup plugin which allows querying information from LDAP.

An alternative implementation is given in #27358. I'm suggesting a different API here, which is more consistent with that of existing lookup plugins (such as dig), and which in many cases requires only a minimal amount of input (usually the search filter).

In contrast to the ldap_{entry,attr,passwd} modules, the default behavior when no bind_dn/bind_pw is specified is to use the underlying LDAP library's defaults (usually from /etc/ldap/ldap.conf or ~/.ldaprc) rather than attempting a SASL bind via unix domain socket. This is intentional, since the lookup plugin runs on the control host, which will usually be different from the LDAP server. By relying on this configuration (which often already exists for use by other tools), the number of options that need to be repeated for every invocation can be kept minimal.

Fixes #34733

ISSUE TYPE
  • New Module Pull Request
COMPONENT NAME

ldap

ADDITIONAL INFORMATION

See documentation included in the plugin.

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Feb 24, 2019

The test ansible-test sanity --test ansible-doc --python 2.6 [explain] failed with 1 error:

lib/ansible/plugins/lookup/ldap.py:0:0: has a documentation error formatting or is missing documentation.

The test ansible-test sanity --test compile --python 2.6 [explain] failed with 1 error:

lib/ansible/plugins/lookup/ldap.py:143:55: SyntaxError: result.extend(dict({k: read_attr(v) for k, v in attrs.items()}, dn=dn)

The test ansible-test sanity --test pep8 [explain] failed with 2 errors:

lib/ansible/plugins/lookup/ldap.py:17:161: E501 line too long (293 > 160 characters)
lib/ansible/plugins/lookup/ldap.py:20:161: E501 line too long (173 > 160 characters)

click here for bot help

@nome nome force-pushed the nome:lookup_ldap branch from d812c8c to f14387c Feb 25, 2019

@ansibot ansibot added the stale_ci label Mar 6, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.