ansible_ldap_inventory
Error "list index out of range" when listing inventory
Hi, I've set up the ldap inventory plugin as described over a few other issues in this project, but I'm receiving an error when listing the hosts from the inventory.
Current configuration:
My directory structure looks like this:
My ansible.cfg contains:
[defaults]
inventory_plugins=~/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory:./plugins/inventory
My ldap_inventory.yaml contains:
---
plugin: ldap_inventory
domain: "infra-1.####.###"
username: "####\\Administrator"
password: "############"
search_ou: "CN=Linux,CN=Computers,DC=lab,DC=home"
validate_certs: False
scheme: ldap
port: 389
group_membership: True
auth_type: simple
Ansible version:
The problem:
When I run ansible-inventory -i ldap_inventory.yaml --list -vvv
I get the following error:
Please note, this is only for listing computers inside of a CN, if they're in an OU it seems to work just fine:
Hey @draxxy9, I never wrote this to support CNs, as best practice they are meant to be OUs. Let me review and see how hard it would be to support.
Discussed this with others, I'd love some idea of why we should support CNs. Usually this is a bad practice from my experience.
I would love this - at the moment I am trying to cobble together an inventory for 7 AD domains and the OU structure is not the same in each one... I'm therefore essentially hoping to be able to search on "DC=Test,DC=com" and then apply the ldap_filter: "(&(objectCategory=computer)(operatingSystem=*server*))" line in the YAML config. (This would get me all Windows Servers in the AD domain, for example.)
I know a DC isn't a CN, but maybe it's a similar issue? With regards to why implementing CN support is 'bad practice' - the default AD behaviour is to dump all computer objects into CN=computers, so whilst I would agree it's not an ideal place for them to go, it is very likely that computer objects will be present there and as such should be catered for...
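An added example, not code from the plugin or from any commenter in this thread: one way to turn a computer object's distinguished name into inventory group names so that `CN=` containers, `OU=` containers and objects sitting directly under the domain root are all handled without indexing into an empty list. The function names `split_dn` and `container_groups` and the host DNs are constructed for illustration; the thread does not show the plugin's code or the traceback, so this does not claim to reproduce the cause of the reported error.

```python
import re


def split_dn(dn):
    """Split a DN into (ATTRIBUTE, value) pairs, honouring backslash escapes."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped:                 # character after a backslash is literal
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == ",":             # unescaped comma ends one RDN
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))

    pairs = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr:
            raise ValueError("malformed RDN: %r" % part)
        pairs.append((attr.upper(), value))
    return pairs


def container_groups(dn):
    """Group names for the containers above an object, outermost first.

    OU= and CN= containers are treated alike; DC= components are skipped.
    An object directly under the domain root yields an empty list.
    """
    pairs = split_dn(dn)
    # pairs[0] is the object's own RDN; everything after it is a parent.
    containers = [v for a, v in pairs[1:] if a in ("OU", "CN")]
    return [re.sub(r"\W+", "_", name).strip("_").lower()
            for name in reversed(containers)]


if __name__ == "__main__":
    for sample in (  # constructed sample DNs
        "CN=web01,CN=Linux,CN=Computers,DC=lab,DC=home",
        "CN=db01,OU=Prod,OU=Servers,DC=Test,DC=com",
        "CN=dc01,DC=Test,DC=com",
    ):
        print(sample, "->", container_groups(sample))
```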