'LDAP Client installation using ansible

We need to install LDAP client over 156 machines. So we want to use ansible to complete this task. 

apt-get install ldap-utils libpam-ldapd libnss-ldapd nscd

But when we install it asked lot of question in response (popup box) and we are facing issue how we can handle those response in playbook.

I have used expect module but it was working well when we see question/response on screen not in popup box like below:

- name: run command to install rubyencoder
    expect:
      chdir: /home/ubuntu/rubyencoder-evaluation/bin
      command: /home/ubuntu/rubyencoder-evaluation/bin/rubyencoder
      responses:
        '.*Press return key to continue.*': ""
        '.*type \"I AGREE\".*': "I AGREE"
        '.*Your RubyEncoder profile e-mail.*': "[email protected]"
        '.*Your RubyEncoder profile password.*': ""

Above config handle response properly but same method is not working in ldap client installation.

I am using below playbook:

---
- hosts: test1
  become: true
#  remote_user: dagar
#  sudo: yes
  tasks:
  - name: install ldap client packages
    expect:
     command: apt-get install ldap-utils libpam-ldapd libnss-ldapd nscd
     responses:
      '.*Do you want to continue?.*': ""
      '.*LDAP server URI.*': "Ok"
      '.*LDAP server search base.*': "Ok"
      '.*Name servives to configure.*': "Ok"
      '.*Restart services during package upgrades without asking?.*': "No"
      '.*Services to restart to make them use the new libraries.*': "Ok"

Can anybody please help me on above issue.

Any help or guidance will be appriciated.

Thanks.

ansibleldap


Solution 1:[1]

This accepted answer may help: How to do an initial setup of slapd OLC with ldapmodify

It uses slapd and a heredoc to define the answers for debconf-set-selections to consume.

Solution 2:[2]

I run a one line command to join nodes to ldap (assuming the packages are installed and relevant services started. I use nslcd)

authconfig --enableldapauth --ldapserver="ldapserver.example.com" --ldapbasedn="dc=example,dc=com" --update

So Ansible method would be:

- name: This command will join a node to an LDAP server
  ansible.builtin.shell:
    cmd: authconfig --enableldapauth --ldapserver="ldapserver.example.com" --ldapbasedn="dc=example,dc=com" --update

That should also update /etc/nsswitch.conf, but if not, you can always replace the file with ansible

Solution 3:[3]

I'm not sure how to do this with only ansible, but since you are already using expect for automating script responses you could use something like autohotkeys or sikuli to answer popups. You could have ansible run your expect script to answer the scripted responses and run the autohotkeys script to answer the popup. Or perhaps you can just modify whatever script you are running for the install in order to not make a popup.

You can see more info:

https://github.com/sikuli/sikuli https://www.autohotkey.com/docs/Hotkeys.htm

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 sqqqrly
Solution 2 β.εηοιτ.βε
Solution 3 user7379804

Related Questions