migrate users

tasks/add_kolab_user.yml

@@ -1,5 +1,15 @@
 ---
 # TODO: Users probably also need to be crated via plain LDAP ldapsearch -x -LLL -h ip -D "cn=Directory Manager" -w "{{ ldap_admin_password }}" -s sub '(alias={{ user.name ~ '@' ~ mailserver_domain }})'
+- name: Find the user by uid
+  community.general.ldap_search:
+    dn: "uid={{ user.name }}"
+    server_uri: ldap://127.0.0.1/
+    bind_dn: "cn=Directory Manager"
+    bind_pw: "{{ ldap_admin_password }}"
+  register: kolab_user_entry
+- name: Display user entry
+  ansible.builtin.debug:
+    var: kolab_user_entry
 - name: Find the user by e-mail alias
   community.general.ldap_search:
     dn: "alias={{ user.name ~ '@' ~ mailserver_domain }}"

tasks/ldap.yml

@@ -1,5 +1,4 @@
 ---
-# TODO: follow https://wiki.archlinux.org/title/LDAP_authentication and apply allowpwchange.ldif
 - name: Configure sssd
   community.general.ini_file:
     path: /etc/sssd/sssd.conf
@@ -133,3 +132,10 @@
     state: present
     backup: yes
   notify: Restart sssd
+- name: Migrate OS data to LDAP
+  ansible.builtin.command: /usr/share/migrationtools/migrate_all_online.sh
+  environment:
+    LDAP_BASEDN: "dc={{ mailserver_domain | split('.') | join(',dc=') }}"
+    LDAPHOST: "{{ mailserver_domain }}"
+    LDAP_BINDDN: "cn=Directory Manager"
+    LDAP_BINDCRED: "{{ ldap_admin_password }}"