This guide installs and bootstraps a 389 Directory Server LDAP instance.
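---
# Play 1: install 389 Directory Server on Debian-family hosts and bootstrap
# one instance with dscreate from an INF answer file.
- name: Install 389 Directory Server on Debian family
  hosts: ds389_debian
  become: true
  vars:
    ds389_instance_name: "ldap1"
    ds389_suffix: "dc=example,dc=com"
    ds389_root_dn: "cn=Directory Manager"
    # Placeholder only. Supply the real root DN password from an Ansible
    # Vault-encrypted vars file; do not commit it in clear text.
    ds389_root_password: "change-me"
  tasks:
    # A failed install must stop the play here; masking it only moves the
    # error to a later task that depends on the packages.
    - name: Install 389 DS packages
      ansible.builtin.apt:
        update_cache: true
        name:
          - 389-ds
          - 389-ds-base
          - ldap-utils
        state: present

    # Same path the dscreate task uses for "creates"; lets the play skip
    # writing the password to disk when the instance is already there.
    - name: Check whether the instance already exists
      ansible.builtin.stat:
        path: "/etc/dirsrv/slapd-{{ ds389_instance_name }}"
      register: ds389_instance_dir

    - name: Create LDAP instance if missing
      block:
        # The INF file carries the root DN password in clear text, so the
        # task output is suppressed and the file is root-only.
        - name: Write dscreate INF file
          ansible.builtin.copy:
            dest: /root/dscreate.inf
            owner: root
            group: root
            mode: "0600"
            content: |
              [general]
              config_version = 2
              [slapd]
              instance_name = {{ ds389_instance_name }}
              root_dn = {{ ds389_root_dn }}
              root_password = {{ ds389_root_password }}
              suffix = {{ ds389_suffix }}
          no_log: true
          when: not ds389_instance_dir.stat.exists

        # No failed_when override: a dscreate error has to fail the play
        # instead of being reported as success.
        - name: Run dscreate from the INF file
          ansible.builtin.command: dscreate from-file /root/dscreate.inf
          args:
            creates: "/etc/dirsrv/slapd-{{ ds389_instance_name }}"
      always:
        # Runs on success and on failure, and also clears a file left
        # behind by an earlier run.
        - name: Remove dscreate INF file
          ansible.builtin.file:
            path: /root/dscreate.inf
            state: absent

    - name: Enable and start directory service
      ansible.builtin.systemd:
        name: "dirsrv@{{ ds389_instance_name }}"
        enabled: true
        state: started

    # Lists listening TCP sockets only; it does not assert anything. Read
    # the output to confirm the directory ports are bound where intended.
    - name: Verify LDAP service
      ansible.builtin.command: ss -lntp
      changed_when: false
      register: ds389_ports

    - name: Show listening ports
      ansible.builtin.debug:
        var: ds389_ports.stdout_lines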
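# Play 2: install 389 Directory Server on RHEL-family hosts and bootstrap
# one instance with dscreate from an INF answer file.
- name: Install 389 Directory Server on RHEL family
  hosts: ds389_rhel
  become: true
  vars:
    ds389_instance_name: "ldap1"
    ds389_suffix: "dc=example,dc=com"
    ds389_root_dn: "cn=Directory Manager"
    # Placeholder only. Supply the real root DN password from an Ansible
    # Vault-encrypted vars file; do not commit it in clear text.
    ds389_root_password: "change-me"
  tasks:
    - name: Install 389 DS packages
      ansible.builtin.dnf:
        name:
          - 389-ds-base
          - openldap-clients
        state: present

    # Same path the dscreate task uses for "creates"; lets the play skip
    # writing the password to disk when the instance is already there.
    - name: Check whether the instance already exists
      ansible.builtin.stat:
        path: "/etc/dirsrv/slapd-{{ ds389_instance_name }}"
      register: ds389_instance_dir

    - name: Create LDAP instance if missing
      block:
        # The INF file carries the root DN password in clear text, so the
        # task output is suppressed and the file is root-only.
        - name: Write dscreate INF file
          ansible.builtin.copy:
            dest: /root/dscreate.inf
            owner: root
            group: root
            mode: "0600"
            content: |
              [general]
              config_version = 2
              [slapd]
              instance_name = {{ ds389_instance_name }}
              root_dn = {{ ds389_root_dn }}
              root_password = {{ ds389_root_password }}
              suffix = {{ ds389_suffix }}
          no_log: true
          when: not ds389_instance_dir.stat.exists

        - name: Run dscreate from the INF file
          ansible.builtin.command: dscreate from-file /root/dscreate.inf
          args:
            creates: "/etc/dirsrv/slapd-{{ ds389_instance_name }}"
      always:
        # Runs on success and on failure, and also clears a file left
        # behind by an earlier run.
        - name: Remove dscreate INF file
          ansible.builtin.file:
            path: /root/dscreate.inf
            state: absent

    - name: Enable and start directory service
      ansible.builtin.systemd:
        name: "dirsrv@{{ ds389_instance_name }}"
        enabled: true
        state: started

    # Lists listening TCP sockets only; it does not assert anything. Read
    # the output to confirm the directory ports are bound where intended.
    - name: Verify LDAP service
      ansible.builtin.command: ss -lntp
      changed_when: false
      register: ds389_ports

    - name: Show listening ports
      ansible.builtin.debug:
        var: ds389_ports.stdout_lines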
# Run both plays against the hosts in inventory.ini. Replace the placeholder
# ds389_root_password first, e.g. from an Ansible Vault-encrypted vars file
# (add --ask-vault-pass so ansible-playbook can decrypt it).
ansible-playbook -i inventory.ini 389ds-install.yml