From 1c9da5f58212a7fc988c42ea5660d0d40e688866 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Sun, 29 Jan 2023 01:58:37 +0000
Subject: [PATCH] ldap_server: Fix SASL authentication

---
 roles/ldap_server/tasks/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/ldap_server/tasks/main.yml b/roles/ldap_server/tasks/main.yml
index 6724f25..6f52a25 100644
--- a/roles/ldap_server/tasks/main.yml
+++ b/roles/ldap_server/tasks/main.yml
@@ -118,6 +118,16 @@
     - password
     - secmod.db
 
+- name: Configure SASL
+  ansible.builtin.copy:
+    dest: /etc/sasl2/slapd.conf
+    content: |
+      pwcheck_method: saslauthd
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: Restart slapd
+
 - name: Copy server certificates
   ansible.builtin.copy:
     dest: "{{ tls_certs }}/{{ ldap_server_cert }}.crt"