LDAP Directory Information Tree¶

This document describes how the debops.ldap Ansible role fits in the LDAP directory structure organized by DebOps.

Directory structure¶

DNS (example.org)
- rootDSE -> debops.slapd
  - dc=example,dc=org (LDAP tasks)
    - ou=Hosts
      - dNSDomain=example.org (conditional)
        
        cn=host.example.org (conditional)
        
        uid=dokuwiki -> debops.dokuwiki
        
        uid=dovecot -> debops.dovecot
        
        uid=gitlab -> debops.gitlab
        
        uid=icingaweb -> debops.icinga_web
        
        uid=mailman -> debops.mailman
        
        uid=nslcd -> debops.nslcd
        
        uid=nextcloud -> debops.owncloud
        
        uid=nullmailer -> debops.nullmailer
        
        uid=postfix -> debops.postldap
        
        uid=roundcube -> debops.roundcube
        
        uid=saslauthd -> debops.saslauthd
        
        uid=sshd -> debops.sshd
        
        uid=sudo -> debops.sudo
    - ou=People
    - ou=Groups
      - cn=DokuWiki Administrators -> debops.dokuwiki
    - ou=Machines
    - ou=Services
    - ou=Roles
      - cn=Password Reset Agent (via the ldap/init-directory.yml playbook)
        
        roleOccupant: uid=nextcloud,cn=host.example.org,... -> debops.owncloud

Object Classes and Attributes¶

dNSDomain=example.org
- debops.ldap: Object Classes, Attributes
cn=host.example.org
- debops.ldap: Object Classes, Attributes
- debops.sshd: Object Classes, Attributes (SSH host public keys)

Parent nodes¶

There are no parent nodes defined for the debops.ldap Ansible role.

Child nodes¶