Setting ldap_rootpw for ldapadmin in the OBM database

[recid]

This operation is necessary cause the automaton use the ldapadmin password defined in the obm database. However in the ldap role we define a password for ldapadmin. So we have 2 choices : 1/ Either we set in the slapd.conf template the SSHA footprint containing the default ldapadmin usersystem_password 2/ Or on the ldap role, we define a task which updates the ldaproot passwd directly in the database.

On the point 2/, we have to setup the openldap-clients packages or develop a postgresql module which launches SQL queries. The point 1/ is the fastest solution to implement

What do we do ?

[recid]

For the moment we choose the solution 1.

[max-k]

In my opinion, the better option is this one :

• Set passwords in config.yml [only if we need to statically set them]
• Generate them automatically with Ansible Lookups if they are not set. (This must be done in group_vars/all).
• Generate dynamically ldap password SSHA footprint and set it in slapd.conf template
• Update passwords in obm database in obm-db-pg role.

But this can be done later.