---
glob_sssd:
  primary:
    domain: wall-e.adm.crans.org
    enumerate: "true"
    servers:
      - "ldaps://{{ lookup('ldap', 'ip4', 'wall-e', 'adm') }}/"
      - "ldaps://{{ lookup('ldap', 'ip4', 'sam', 'adm') }}/"
      - "ldaps://{{ lookup('ldap', 'ip4', 'daniel', 'adm') }}/"
      - "ldaps://{{ lookup('ldap', 'ip4', 'jack', 'adm') }}/"
    base: "dc=crans,dc=org"
  secondary:
    domain: yson-partou.adm.crans.org
    enumerate: "false"
    servers:
      - "ldaps://{{ lookup('ldap', 'ip4', 'yson-partou', 'adm') }}/"
      - "ldaps://{{ lookup('ldap', 'ip4', 'terenez', 'adm') }}/"
    base: "dc=crans,dc=org"
    bind:
      dn: "{{ vault.sssd.secondary_ldap.binddn }}"
      passwd: "{{ vault.sssd.secondary_ldap.bindpass }}"