Mario Rossi wrote:
Thank you for the information. We use both Puppet and Ansible to
servers. Let me add more details:
1. An admin will build 10 new servers via cobbler and use puppet to deploy
2. The admin will create a ticket to SecurityTeam who manages
openldap to create 10 new ldap entries for the server itself.
Your security team should come up with a good concept how to delegate server
entry creation to the right admins.
There are existing approaches for OpenLDAP to achieve this: