[[servers]]
host = "ldap.foo.sh"
port = 636
use_ssl = true
ssl_skip_verify = false
client_cert = "/etc/ssl/certs/{{ inventory_hostname }}.crt"
client_key = "/etc/ssl/private/{{ inventory_hostname }}.key"
search_filter = "(uid=%s)"
search_base_dns = ["{{ ldap_basedn }}"]
bind_dn = "uid=%s,ou=People,{{ ldap_basedn }}"

group_search_filter = "(&(objectClass=groupOfUniqueNames)(uniqueMember=%s))"
group_search_base_dns = ["ou=Groups,{{ ldap_basedn }}"]
group_search_filter_user_attribute = "dn"

[[servers.group_mappings]]
group_dn = "cn=sysadm,ou=Groups,{{ ldap_basedn }}"
org_role = "Admin"

[servers.attributes]
name = "givenName"
surname = "sn"
username = "uid"
email = "mail"