Revamp LDAP roles

[baszoetekouw]

The current ldap roles are kind of a mess:

• The separation between ldap and ldap_services has become blurry. Either clearly separate them or move them into a single role (maybe we can split out the main.yml into multiple takas files with logical grouping
• Recent ansibles have implemented the ldap_attrs which is much more powerful than the old ldap_attr and should allow us to get rid of the manual runs of ldapmodify

Please revamp these roles and clean them up again. Reviewing the ldap config at the same time is an added bonus ;)

[mrvanes]

Een eerste voorzichtige conclusie is dat ldap_attrs en ldap_entry (nog) niet geschikt zijn om de SRAM provisioning van de LDAP server te evenaren: https://github.com/ansible-collections/community.general/issues/3559 https://github.com/ansible-collections/community.general/issues/977

[mrvanes]

Eerste aanzet https://github.com/SURFscz/SRAM-deploy/tree/fix-ldap-roles

[baszoetekouw]

ldap changes doen we in oktober

[mrvanes]

Afzonderlijke producer en syncrepl consumers cn=Monitor toegevoegd https://code.stroeder.com/ldap/slapdcheck