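---
# OpenLDAP server bootstrap tasks.
#
# Installs slapd, hashes the service passwords with slappasswd, renders the
# LDIF files under /root and imports them on first install only (guarded by
# the `slapd_installed` stat taken before the package is installed).
#
# The plain_* variables are cleartext secrets defined outside this file;
# keep them in an encrypted store such as Ansible Vault. Every task that
# handles them sets `no_log: true` so they do not reach the console,
# callback plugins or log files.

- name: verify if openldap is installed
  stat:
    path: /usr/sbin/slapd
  # Registered before the install task, so it records whether this is the
  # first run on the host.
  register: slapd_installed

- name: install openldap
  yum:
    enablerepo: plus
    name:
      - openldap-servers
      - openldap-clients
    state: present

# - name: copy DB_CONFIG
#   shell: "{{ item }}"
#   with_items:
#     - "cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG"
#     - "chown ldap:ldap /var/lib/ldap/DB_CONFIG"
#   changed_when: false

- name: start and enable the openldap service
  systemd_service:
    state: started
    name: slapd
    enabled: true

# Password hashing.
# `command` with `argv` passes the secret as one literal argument: no shell
# is involved, so quotes, spaces or metacharacters in a password can neither
# split the argument nor be interpreted. The cleartext is still in
# slappasswd's argv while it runs; slappasswd's -T <file> option would avoid
# that with a root-only file (confirm its newline handling before switching).
# Hashing changes nothing on the host, hence `changed_when: false`.

- name: create manager passwd
  command:
    argv:
      - slappasswd
      - "-s"
      - "{{ plain_ldapmanager_passwd }}"
  register: ldapmanager_passwd
  changed_when: false
  no_log: true

# NOTE(review): presumably chdomain.ldif.j2 embeds ldapmanager_passwd.stdout;
# the file is kept owner-only in any case.
- name: copy chrootpw.ldif files
  template:
    src: ldap/chdomain.ldif.j2
    dest: /root/chdomain.ldif
    mode: "0600"

- name: create admin cyrus passwd
  command:
    argv:
      - slappasswd
      - "-v"
      - "-s"
      - "{{ plain_admincyrus_passwd }}"
  register: admincyrus_passwd
  changed_when: false
  no_log: true

- name: create mail admin passwd
  command:
    argv:
      - slappasswd
      - "-v"
      - "-s"
      - "{{ plain_mailadmin_passwd }}"
  register: mailadmin_passwd
  changed_when: false
  no_log: true

- name: create ldap admin passwd
  command:
    argv:
      - slappasswd
      - "-v"
      - "-s"
      - "{{ plain_ldapadmin_passwd }}"
  register: ldapadmin_passwd
  changed_when: false
  no_log: true

- name: create ldap access passwd
  command:
    argv:
      - slappasswd
      - "-v"
      - "-s"
      - "{{ plain_ldapaccess_passwd }}"
  register: ldapaccess_passwd
  changed_when: false
  no_log: true

# Was also named "create ldap access passwd"; renamed so task names are
# unique in the play output.
- name: create ldap passwd
  command:
    argv:
      - slappasswd
      - "-v"
      - "-s"
      - "{{ plain_ldap_passwd }}"
  register: ldap_passwd
  changed_when: false
  no_log: true

# NOTE(review): presumably users.ldif.j2 embeds the hashes registered above;
# the file is kept owner-only in any case.
- name: copy users.ldif files
  template:
    src: ldap/users.ldif.j2
    dest: /root/users.ldif
    mode: "0600"

- name: copy ldif files
  copy:
    src: "ldap/{{ item }}"
    dest: "/root/{{ item }}"
    mode: "0600"
  loop:
    - base.ldif

# First-install import. Two of the loop items carry the Manager bind
# password, and Ansible prints every loop item in its output, so the whole
# task runs under no_log. The password goes through the `quote` filter so it
# stays a single argument when the command string is split. `-w` still
# places it in ldapadd's argv; the OpenLDAP client tools' -y <file> option
# is the alternative if that is a concern.
# No changed_when override: the task must report "changed" for the handler
# to be notified.
- name: import schema, config, base and users
  command:
    cmd: "{{ item }}"
  loop:
    - "ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif"
    - "ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif"
    - "ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif"
    - "ldapmodify -Y EXTERNAL -H ldapi:/// -f /root/chdomain.ldif"
    - >-
      ldapadd -x -D cn=Manager,dc=stage-ge,dc=org
      -w {{ plain_ldapmanager_passwd | quote }}
      -f /root/base.ldif
    - >-
      ldapadd -x -D cn=Manager,dc=stage-ge,dc=org
      -w {{ plain_ldapmanager_passwd | quote }}
      -f /root/users.ldif
  when: not slapd_installed.stat.exists
  no_log: true
  notify: restart_slapd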