<?xml version="1.0" encoding="utf-8"?>
<rougail version="0.10">
<services>
<!--
  Files deployed for the ldap_client service. Every <file> names a template
  (source) and, with file_type="variable", takes its destination path from the
  variable given as element text.
  manage="False": presumably the service itself is not started or enabled by
  this dictionary; confirm against the rougail 0.10 documentation.
-->
<service name="ldap_client" manage="False">
  <!-- Client configuration file. ldap_client_file is not declared in this
       dictionary, so it is presumably provided by another one.
       NOTE(review): no owner, group or mode is set here. If the ldap.conf
       template renders ldapclient_user_password, this file needs permissions
       as restrictive as the private key below; verify the template. -->
  <file source="ldap.conf" file_type="variable">ldap_client_file</file>
  <!-- CA certificate used to verify the LDAP server (public material). -->
  <file source="ca_LDAP.crt" file_type="variable">ldap_ca_file</file>
  <!-- Client certificate (public material). -->
  <file source="ldap_client.crt" file_type="variable">ldap_cert_file</file>
  <!-- Client private key: the only entry with explicit ownership. Owner and
       group are read from ldap_key_file_owner and ldap_key_file_group, and
       mode 440 grants read access to owner and group only, nothing to others. -->
  <file source="ldap_client.key"
        file_type="variable"
        owner_type="variable"
        owner="ldap_key_file_owner"
        group_type="variable"
        group="ldap_key_file_group"
        mode="440">ldap_key_file</file>
</service>
</services>
<variables>
<family name="annuaire" description="Annuaire OpenLDAP">
<!-- Endpoint of the OpenLDAP server this client talks to. -->
<family name="server" description="Serveur">
  <!-- Mandatory DNS name of the directory server; no default is given. -->
  <variable name="ldap_server_address"
            type="domainname"
            description="Nom DNS du serveur LDAP"
            mandatory="True"/>
  <!-- Hidden variable with default 636, the conventional LDAPS (LDAP over
       TLS) port, which matches the CA, certificate and key files this
       dictionary deploys. hidden="True" presumably keeps it out of the
       user-facing configuration; confirm before relying on it as a lock. -->
  <variable name="ldap_port"
            type="port"
            description="Port du serveur LDAP"
            hidden="True">
    <value>636</value>
  </variable>
</family>
<!-- Client-side settings: bind identity, search base and TLS material paths. -->
<family name="client" description="Client">
  <!-- Not hidden and without a default value in this file. -->
  <variable name="ldapclient_family"
            type="unix_user"
            description="Nom de la famille LDAP"/>
  <!-- Bind DN: hidden and optional; a set_linked_multi_variables fill in
       <constraints> targets it. -->
  <variable name="ldapclient_user"
            type="string"
            description="DN de l'utilisateur LDAP"
            mandatory="False"
            hidden="True"/>
  <!-- Bind password: mandatory and hidden. The get_password fill in
       <constraints> targets it with type "cleartext", so any rendered file or
       log that contains this variable should be treated as holding a live
       credential. -->
  <variable name="ldapclient_user_password"
            type="password"
            description="Mot de passe de l'utilisateur LDAP"
            mandatory="True"
            hidden="True"/>
  <!-- Search base of the user directory; optional, checked by valid_base_dn. -->
  <variable name="ldapclient_base_dn"
            type="string"
            description="Base DN de l'annuaire des utilisateurs"
            mandatory="False"/>
  <!-- Destination paths of the TLS files; all hidden and computed by the
       calc_value fills in <constraints>. -->
  <variable name="ldap_ca_file"
            type="filename"
            description="Fichier de l'autorité de certification LDAP"
            hidden="True"/>
  <variable name="ldap_cert_file"
            type="filename"
            description="Fichier du certificate LDAP"
            hidden="True"/>
  <variable name="ldap_key_file"
            type="filename"
            description="Fichier de la clef privée LDAP"
            hidden="True"/>
  <!-- Owner of the private key file, default root. -->
  <variable name="ldap_key_file_owner"
            type="unix_user"
            description="Propriétaire du fichier de la clef privée LDAP"
            hidden="True">
    <value>root</value>
  </variable>
  <!-- Group of the private key file, default root. With the mode 440 set on
       the key's <file> entry, these defaults limit reads to root and members
       of the root group unless another dictionary overrides them.
       NOTE(review): this variable is typed unix_user although it names a
       group; confirm this is intended for rougail 0.10. -->
  <variable name="ldap_key_file_group"
            type="unix_user"
            description="Groupe du fichier de la clef privée LDAP"
            hidden="True">
    <value>root</value>
  </variable>
</family>
</family>
</variables>
<constraints>
<!-- Validates ldapclient_base_dn with the valid_base_dn function, which is
     defined outside this file. No parameters are passed. -->
<check name="valid_base_dn">
  <target>ldapclient_base_dn</target>
</check>
<!-- Computes ldap_ca_file from tls_ca_directory and the fixed file name
     ca_LDAP.crt; the "join" parameter is presumably the separator, giving
     <tls_ca_directory>/ca_LDAP.crt. tls_ca_directory is not declared in this
     file. -->
<fill name="calc_value">
  <param type="variable">tls_ca_directory</param>
  <param>ca_LDAP.crt</param>
  <param name="join">/</param>
  <target>ldap_ca_file</target>
</fill>
<!-- Computes ldap_cert_file from tls_cert_directory and the fixed file name
     ldap_client.crt, presumably joined with "/". tls_cert_directory is not
     declared in this file. -->
<fill name="calc_value">
  <param type="variable">tls_cert_directory</param>
  <param>ldap_client.crt</param>
  <param name="join">/</param>
  <target>ldap_cert_file</target>
</fill>
<!-- Computes ldap_key_file, the private key path, from tls_key_directory and
     the fixed file name ldap_client.key, presumably joined with "/".
     tls_key_directory is not declared in this file; since it decides where
     the key lands, its own permissions matter as much as the file mode. -->
<fill name="calc_value">
  <param type="variable">tls_key_directory</param>
  <param>ldap_client.key</param>
  <param name="join">/</param>
  <target>ldap_key_file</target>
</fill>
<!-- Fills the bind DN (ldapclient_user) through set_linked_multi_variables,
     a function defined outside this file. Visible inputs: the LDAP server
     address, domain_name_eth0 for provider "clients", and ldapclient_family
     for provider "client_family" (allowed to be empty via allow_none_1). The
     value requested back is "dn". Presumably this registers the client with
     the server side and returns the DN allocated to it; confirm. -->
<fill name="set_linked_multi_variables">
  <param type="variable">ldap_server_address</param>
  <param name="linked_provider_0">clients</param>
  <param name="linked_value_0" type="variable">domain_name_eth0</param>
  <param name="linked_provider_1">client_family</param>
  <param name="linked_value_1" type="variable">ldapclient_family</param>
  <param name="allow_none_1" type="boolean">True</param>
  <param name="linked_returns">dn</param>
  <target>ldapclient_user</target>
</fill>
<!-- Fills the bind password from get_password, a function defined outside
     this file. Visible inputs: the server name, the bind DN, a fixed
     description, type "cleartext", the hide_secret variable and
     temporary=True.
     NOTE(review): "cleartext" presumably means the target receives the usable
     secret rather than a hash. Confirm, and check that every consumer of
     ldapclient_user_password (for example the ldap.conf template) is written
     with permissions that exclude unprivileged accounts. hide_secret is not
     declared in this file; verify what "hide" and "temporary" control. -->
<fill name="get_password">
  <param name="server_name" type="variable">ldap_server_address</param>
  <param name="username" type="variable">ldapclient_user</param>
  <param name="description">remote account</param>
  <param name="type">cleartext</param>
  <param name="hide" type="variable">hide_secret</param>
  <param name="temporary" type="boolean">True</param>
  <target>ldapclient_user_password</target>
</fill>
<!-- Fills ldapclient_base_dn through set_linked_multi_variables (defined
     outside this file). The bind password is passed as the linked value for
     provider "client_password", "base_dn" is requested back, and
     domain_name_eth0 is given as the "dynamic" parameter.
     NOTE(review): the password variable leaves this dictionary here.
     Presumably the server-side provider uses it to set the account's
     credential; confirm how that side stores it (hashed or not) and that the
     value is not logged in transit. -->
<fill name="set_linked_multi_variables">
  <param type="variable">ldap_server_address</param>
  <param name="linked_provider_0">client_password</param>
  <param name="linked_value_0" type="variable">ldapclient_user_password</param>
  <param name="linked_returns">base_dn</param>
  <param name="dynamic" type="variable">domain_name_eth0</param>
  <target>ldapclient_base_dn</target>
</fill>
</constraints>
</rougail>