Add ldap_user_search_base and ldap_group_search_base variables

Author: Anton Ustyuzhanin

defaults/main.yml

@@ -6,3 +6,7 @@ sssd_ldap_default_authtok: bind_password
 sssd_ldap_user_ssh_public_key: sshPublicKey
 # If you need to override user's primary group you can use `sssd_ldap_override_gid` variable
 # sssd_ldap_override_gid: 500
+
+# The following variables can be defined:
+# sssd_ldap_user_search_base:
+# sssd_ldap_group_search_base:

templates/sssd.conf.j2

@@ -11,6 +11,12 @@ filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd
 id_provider = ldap
 auth_provider = ldap
 ldap_search_base = {{ sssd_ldap_search_base }}
+{% if sssd_ldap_user_search_base is defined %}
+ldap_user_search_base = {{ sssd_ldap_user_search_base }}
+{% endif %}
+{% if sssd_ldap_group_search_base is defined %}
+ldap_group_search_base = {{ sssd_ldap_group_search_base }}
+{% endif %}
 ldap_tls_reqcert = never
 ldap_uri = {{ sssd_ldap_uri }}
 enumerate = true