REFERENCE.md

Reference

Classes

simp_ds389::instances::accounts

Create a 389ds instance with a common organizational LDIF for user accounts

Parameters

The following parameters are available in the simp_ds389::instances::accounts class:

instance_name

Data type: String[1]

The unique name of the instance.

Default value: 'accounts'

base_dn

Data type: String[2]

The base Distinguished Name of the directory server.

Default value: simplib::lookup('simp_options::ldap::base_dn', { 'default_value' => sprintf(simplib::ldap::domain_to_dn($facts.get('networking.domain'), true)) })

root_dn

Data type: String[2]

The default administrator Distinguished Name for the directory server.

  • NOTE: To work around certain application bugs, items with spaces may not be used in this field.

Default value: 'cn=Directory_Manager'

root_pw

Data type: String[2]

The password for the $root_dn.

  • NOTE: To work around certain application bugs, items with spaces may not be used in this field.

Default value: simplib::passgen('simp_ds389-rootdn_accounts', { 'length' => 64, 'complexity' => 0 })

bind_dn

Data type: String[2]

The bind Distinguished Name of the directory server.

Default value: simplib::lookup('simp_options::ldap::bind_dn', { 'default_value' => "cn=hostAuth,ou=Hosts,${base_dn}" })

bind_pw

Data type: String[1]

The bind password.

Default value: simplib::lookup('simp_options::ldap::bind_pw', { 'default_value' => simplib::passgen("ds389_${instance_name}_bindpw", {'length' => 64})})

listen_address

Data type: Simplib::IP

The IP address upon which to listen.

Default value: '0.0.0.0'

enable_tls

Data type: Variant[Boolean, Enum['simp']]

Whether to configure the server to use TLS, and how to copy the PKI certificates.

  • simp => Will enable TLS and copy the certificates out from the puppetserver.
  • true => Will enable TLS and copy the certificates from a local directory on the server.
  • false => Will not enable TLS.

Default value: simplib::lookup('simp_options::pki', { 'default_value' => false })

firewall

Data type: Boolean

Whether to configure access through the firewall.

Default value: simplib::lookup('simp_options::firewall', { 'default_value' => false })

trusted_nets

Data type: Simplib::Netlist

Which networks to allow access through the firewall.

Default value: simplib::lookup('simp_options::trusted_nets', {'default_value' => ['127.0.0.1/32'] })

port

Data type: Simplib::Port

The port upon which to accept normal/STARTTLS connections.

Default value: 389

secure_port

Data type: Simplib::Port

The port upon which to accept LDAPS connections.

Default value: 636

tls_params

Data type: Hash

Parameters to pass to the TLS module.

Default value: {}

instance_params

Data type: Hash

Any other arguments that you wish to pass through directly to the ds389::instance Defined Type.

Default value: {}

password_policy

Data type: Ds389::ConfigItem

Settings for the password policy. The defaults in the module data are set to meet most compliance standards.

users_group_id

Data type: Integer[1]

The group ID of the "users" group created in the install.

Default value: 100

administrators_group_id

Data type: Integer[500]

The group ID of the "administrators" group created in the install. The pupmod-simp-simp module configures permissions on systems using SIMP with the admin.pp manifest.

Default value: 700
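
When the simp_options keys are unset, the network-facing parameters listed above fall back to listening on 0.0.0.0 with TLS and firewall management both off. The declaration below is an added example, not taken from the module's own documentation, that sets those parameters explicitly. The IP address and network are constructed placeholder values, and it assumes the puppetserver distributes certificates as the 'simp' option describes.

```puppet
# Added example (not the module's own code). Values marked "constructed"
# are placeholders to be replaced with site-specific ones.
class { 'simp_ds389::instances::accounts':
  # Documented default: '0.0.0.0' (every interface).
  # Bind to one management-facing address instead (constructed value).
  listen_address => '10.0.10.5',

  # Documented fallback when simp_options::pki is unset: false (no TLS).
  # 'simp' enables TLS and copies the certificates out from the puppetserver;
  # true would copy them from a local directory on the server instead.
  enable_tls     => 'simp',

  # Documented fallback when simp_options::firewall is unset: false.
  firewall       => true,

  # Documented fallback when simp_options::trusted_nets is unset:
  # ['127.0.0.1/32']. List only the client networks that need LDAP access
  # (constructed value).
  trusted_nets   => ['10.0.10.0/24'],

  # Documented defaults, stated explicitly so a review of this manifest
  # shows which ports the instance accepts connections on.
  port           => 389,  # normal/STARTTLS connections
  secure_port    => 636,  # LDAPS connections

  # root_dn and root_pw are left at their defaults. If they are overridden,
  # the reference notes that values containing spaces may not be used.
}
```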