Merge branch 'addCentosSupportForLdap' into 'master'

Add centos support for ldap

See merge request !2

defaults/main.yml

 ---
 # defaults file for sti_it.ldap_authentication
-sssd_simple_group_access: sti_cluster_team
+sssd_simple_group_access: sti_cluster_LRSE sti_cluster_team

tasks/main.yml

 ---
 # tasks file for sti_it.ldap_authentication
 - name: install required packages
-  apt: 
+  apt:
     name: "{{ item }}"
     update_cache: yes
     state: present
@@ -14,6 +14,34 @@
     - ldap-utils
   when: ansible_os_family == 'Debian'
 
+- name: install required packages
+  yum:
+    name: "{{ item }}"
+    update_cache: yes
+    state: present
+  loop:
+    - authconfig
+    - sssd
+    - realmd
+    - oddjob
+    - oddjob-mkhomedir
+    - adcli
+    - samba-common
+    - samba-common-tools
+    - openldap-clients
+    - policycoreutils-python
+    - nfs4-acl-tools
+    - nfs-utils
+    - libnfsidmap
+    - libsss_idmap
+    - sssd-winbind-idmap
+    - sudo
+    - openldap
+    - openldap-clients
+    - pam_ldap
+    - nss-pam-ldapd
+  when: ansible_distribution == "CentOS"
+
 - name: make sure that the CA certs path exists
   file:
     path: /etc/openldap/cacerts
@@ -51,6 +79,9 @@
   notify:
     - restart sssd
 
+
+
+
 # - name: ensure that ldap automount is added to nsswitch.conf
 #   lineinfile:
 #     line: 'automount:      ldap'
@@ -59,7 +90,7 @@
 #   notify:
 #     - restart sssd
 
-- name: generate ldap.conf
+- name: generate ldap.conf for Debian
   template:
     src: ldap.conf
     dest: /etc/ldap/ldap.conf
@@ -67,13 +98,30 @@
     group: root
   notify:
     - restart sssd
+  when: ansible_os_family == 'Debian'
+
+- name: generate ldap.conf for Centos
+  template:
+    src: ldap.conf
+    dest: /etc/openldap/ldap.conf
+    owner: root
+    group: root
+  notify:
+    - restart sssd
+  when: ansible_distribution == "CentOS"
 
 # As per documentation at https://docs.google.com/document/d/1sfBkcqaGm4M3U6_uqVWSZ1MxKvnH5FK1U4OXr_HDU-w/edit#heading=h.tdhi5uogtedq
 # and at https://help.ubuntu.com/community/LDAPClientAuthentication#Automatically_create_home_folders
-- name: automate the homedir creation process
+- name: automate the homedir creation process for Debian
   template:
     src: my_mkhomedir
     dest: /usr/share/pam-configs/my_mkhomedir
+  when: ansible_os_family == 'Debian'
+
+
+- name: automate the homedir creation process for CentOS
+  shell: authconfig --enablemkhomedir --update
+  when: ansible_distribution == "CentOS"
 
 - name: activate the creation of the homedir
   lineinfile:
@@ -82,3 +130,7 @@
     insertafter: EOF
   notify:
     - restart sssd
+  when: ansible_os_family == 'Debian'
+- name: join Ldap Centos
+  shell: authconfig --kickstart --enableshadow --enablemd5 --passalgo=sha512 --enableldap --ldapserver=ldap.epfl.ch --ldapbasedn=o=epfl,c=ch --enableldapauth --enableforcelegacy --enableldaptls --disablefingerprint --updateall
+  when: ansible_distribution == "CentOS"