---
# Install LDAP client packages
- name: Install LDAP client packages
  apt:
    update_cache: true
    name:
      - libnss-ldapd
      - libpam-ldapd
    state: present
  register: apt_result
  retries: 3
  until: apt_result is succeeded

# Configure /etc/nslcd.conf
- name: Configure nslcd
  template:
    src: nslcd.conf.j2
    dest: /etc/nslcd.conf
    mode: 0600
  notify: Restart nslcd service

# Configure /etc/nsswitch.conf
- name: Configure NSS to use LDAP
  lineinfile:
    dest: /etc/nsswitch.conf
    regexp: "^{{ item }}"
    line: "{{ item }}         files systemd ldap"
  loop:
    - "passwd:"
    - "group: "
  notify: Restart nslcd service

- name: Configure NSS to use LDAP
  lineinfile:
    dest: /etc/nsswitch.conf
    regexp: "^{{ item }}"
    line: "{{ item }}       files ldap"
  loop:
    - "shadow:  "
    - "networks:"
  notify: Restart nslcd service

- name: Configure NSS to use LDAP
  lineinfile:
    dest: /etc/nsswitch.conf
    regexp: "^{{ item }}"
    line: "{{ item }}          files ldap dns"
  loop:
    - "hosts:"
  notify: Restart nslcd service