Comment 2 for bug 1993734

OpenStack Infra (hudson-openstack) wrote : Fix merged to stx-puppet (master)

Reviewed: https://review.opendev.org/c/starlingx/stx-puppet/+/862186
Committed: https://opendev.org/starlingx/stx-puppet/commit/f23c001f529113749c9258c585d99cea373c517d
Submitter: "Zuul (22348)"
Branch: master

commit f23c001f529113749c9258c585d99cea373c517d
Author: Andy Ning <email address hidden>
Date: Thu Oct 20 14:38:36 2022 -0400

    Fix ldapsearch require sudo

    Currently ldapsearch run by a non-root user will query openldap on
    the insecure port (389), and ldapsearch with "-H ldaps://<domain>"
    will fail. This is because when a non-root user runs ldapsearch,
    it will look for a user-specific configuration file (rather
    than the system-wide one at /etc/ldap/ldap.conf), and if there
    is none, it will use the internal default.

    This change added an ldap configuration file for sysadmin.

    Test Plan:
    PASS: system deployment
    PASS: On AIO-SX system, query openldap users as sysadmin by
          ldapsearch -xH ldaps://controller -b "ou=People,
          dc=cgcs,dc=local"
          Verify the query completes successfully.
    PASS: On AIO-SX system, query openldap users as sysadmin by
          ldapsearch -x -b "ou=People,dc=cgcs,dc=local -d 1"
          Verify the query is on the secure port (636) and completes
          successfully.
    PASS: On DC subcloud, query openldap users as sysadmin by
          ldapsearch -xH ldaps://<system controller mgmt IP>
          -b "ou=People,dc=cgcs,dc=local"
          Verify the query completes successfully.
    PASS: On DC subcloud, query openldap users as sysadmin by
          ldapsearch -x -b "ou=People,dc=cgcs,dc=local -d 1"
          Verify the query is on the secure port (636) and completes
          successfully.

    Closes-Bug: 1993734
    Signed-off-by: Andy Ning <email address hidden>
    Change-Id: I25e49235cfc743fc2938f973cf0cc4b3859a4d49
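
The commit message above turns on which server URI the LDAP client ends up with when a given user runs ldapsearch. As an added example (not part of the commit or of stx-puppet), this shell check reads an ldap.conf-style file and reports whether its URI directive selects ldaps://. The file names and sample contents are constructed, and `ldap_conf_uris` and `audit_ldap_conf` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: audit the URI directive of an OpenLDAP client config file.

# Print, one per line, the URIs of the last URI directive in the file.
# Keywords are matched case-insensitively; '#' comment lines never match.
ldap_conf_uris() {
    awk 'toupper($1) == "URI" { out = ""; for (i = 2; i <= NF; i++) out = out $i "\n" }
         END { printf "%s", out }' "$1"
}

# Return 0 if every URI is ldaps:// (or the local ldapi:// socket),
# 1 if any URI uses plain ldap:// (plain port unless StartTLS is requested
# separately), 2 if the file sets no URI at all, in which case the client
# falls back to its built-in default.
audit_ldap_conf() {
    conf=$1
    status=0
    if [ ! -r "$conf" ]; then
        echo "$conf: missing or unreadable, built-in default applies"
        return 2
    fi
    uris=$(ldap_conf_uris "$conf")
    if [ -z "$uris" ]; then
        echo "$conf: no URI directive, built-in default applies"
        return 2
    fi
    for uri in $uris; do
        case $(printf '%s' "$uri" | tr 'A-Z' 'a-z') in
            ldaps://*|ldapi://*) echo "$conf: ok       $uri" ;;
            *)                   echo "$conf: insecure $uri"; status=1 ;;
        esac
    done
    return $status
}

# Constructed sample input: one file that pins ldaps, one that sets no URI.
demo=$(mktemp -d)
printf '# constructed sample\nuri ldaps://controller\n' > "$demo/user.conf"
printf 'BASE dc=cgcs,dc=local\n' > "$demo/no_uri.conf"
audit_ldap_conf "$demo/user.conf" || echo "exit status $?"
audit_ldap_conf "$demo/no_uri.conf" || echo "exit status $?"
rm -rf "$demo"
```

Exit status 2 is the case the commit message describes: with no URI configured for the user, the client's built-in default is what gets used.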