---

- name: install packages
  package:
    name: openldap-clients
    state: installed

- name: configure ldap client
  template:
    dest: /etc/openldap/ldap.conf
    src: ldap.conf.j2
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"

- name: authenticate to ldap with host certs when running as root
  template:
    dest: /root/.ldaprc
    src: ldaprc.j2
    mode: 0600
    owner: root
    group: "{{ ansible_wheel }}"