From b0c0e8c4bb2e533a00611276bc36344ba76052f4 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Mon, 28 Nov 2016 11:13:22 +0000
Subject: [PATCH] DM password not needed

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 inventory/group_vars/ipa        | 2 +-
 inventory/group_vars/ipa-stg    | 2 +-
 roles/ipa/server/tasks/main.yml | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/inventory/group_vars/ipa b/inventory/group_vars/ipa
index 7c21b2d4bc..d7bb466605 100644
--- a/inventory/group_vars/ipa
+++ b/inventory/group_vars/ipa
@@ -15,4 +15,4 @@ fas_client_groups: sysadmin-main,sysadmin-accounts
 nrpe_procs_warn: 300
 nrpe_procs_crit: 500
 
-ipa_dm_password: "{{ ipa_prod_dm_password }}"
+ipa_ldap_socket: ldapi://%2fvar%2frun%2fslapd-FEDORAPROJECT-ORG.socket
diff --git a/inventory/group_vars/ipa-stg b/inventory/group_vars/ipa-stg
index 6a42d8c73e..44111aeff1 100644
--- a/inventory/group_vars/ipa-stg
+++ b/inventory/group_vars/ipa-stg
@@ -11,4 +11,4 @@ fas_client_groups: sysadmin-main,sysadmin-accounts
 nrpe_procs_warn: 300
 nrpe_procs_crit: 500
 
-ipa_dm_password: "{{ ipa_stg_dm_password }}"
+ipa_ldap_socket: ldapi://%2fvar%2frun%2fslapd-STG-FEDORAPROJECT-ORG.socket
diff --git a/roles/ipa/server/tasks/main.yml b/roles/ipa/server/tasks/main.yml
index 5740dde9c7..87cdaf05fa 100644
--- a/roles/ipa/server/tasks/main.yml
+++ b/roles/ipa/server/tasks/main.yml
@@ -200,7 +200,7 @@
   - config
 
 - name: Apply LDIF files
-  command: ldapmodify -Y EXTERNAL -H ldapi://%2fvar%2frun%2fslapd-FEDORAPROJECT-ORG.socket
+  command: ldapmodify -Y EXTERNAL -H {{ ipa_ldap_socket }}
            -f /root/ldif/{{item}}.ldif
   with_items:
   - grant_fas_sync
@@ -214,7 +214,7 @@
 
 # This is a special one, in that it needs to apply on each master since it's non-replicated.
 - name: Grant access to replication status
-  command: ldapmodify -Y EXTERNAL -H ldapi://%2fvar%2frun%2fslapd-FEDORAPROJECT-ORG.socket
+  command: ldapmodify -Y EXTERNAL -H {{ ipa_ldap_socket }}
            -f /root/ldif/grant_anonymous_replication_view.ldif
   tags:
   - ipa/server