summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-08-19 14:10:14 +1000
committerAndrew Bartlett <abartlet@samba.org>2008-08-19 14:10:14 +1000
commit7ef21658fbb519859aa7d23a614e1fdbcae95693 (patch)
treed75f21082778eeae37f343b62b62f905274cf3fb
parent805dd85291fa55695ee7ae2b8f6d3c168d9186e8 (diff)
downloadsamba-7ef21658fbb519859aa7d23a614e1fdbcae95693.tar.gz
samba-7ef21658fbb519859aa7d23a614e1fdbcae95693.tar.bz2
samba-7ef21658fbb519859aa7d23a614e1fdbcae95693.zip
Fix up new OpenLDAP MMR code.
This changes the MMR password from hard-coded value of 'linux', adds tests and fixes the Fedora DS backend. Currently the MMR password matches the admin password, but we can change this to be another random value if required. Also require the port to be specified on the command line, so we don't hard-code a port of 9000. Andrew Bartlett (This used to be commit 08257c6d6ce809fcd53f9b2b4d558fef616b74ce)
-rw-r--r--source4/scripting/python/samba/provision.py67
-rw-r--r--source4/setup/mmr_serverids.conf3
-rw-r--r--source4/setup/mmr_syncrepl.conf6
-rw-r--r--source4/setup/slapd.conf6
-rwxr-xr-xsource4/setup/tests/blackbox_provision-backend.sh1
5 files changed, 36 insertions, 47 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 8abcc2f2e3..f48a49dcfa 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -243,13 +243,13 @@ def provision_paths_from_lp(lp, dnsdomain):
paths.memberofconf = os.path.join(paths.ldapdir,
"memberof.conf")
paths.fedoradsinf = os.path.join(paths.ldapdir,
- "fedorads.inf")
+ "fedorads.inf")
+ paths.fedoradspartitions = os.path.join(paths.ldapdir,
+ "fedorads-partitions.ldif")
paths.olmmrserveridsconf = os.path.join(paths.ldapdir,
- "mmr_serverids.conf")
+ "mmr_serverids.conf")
paths.olmmrsyncreplconf = os.path.join(paths.ldapdir,
- "mmr_syncrepl.conf")
- paths.olmmron = os.path.join(paths.ldapdir,
- "mmr_on.conf")
+ "mmr_syncrepl.conf")
paths.hklm = "hklm.ldb"
paths.hkcr = "hkcr.ldb"
paths.hkcu = "hkcu.ldb"
@@ -1148,10 +1148,7 @@ def provision_backend(setup_dir=None, message=None,
rootdn=None, domaindn=None, schemadn=None, configdn=None,
domain=None, hostname=None, adminpass=None, root=None, serverrole=None,
ldap_backend_type=None, ldap_backend_port=None,
- ol_mmr_urls=None, mmr_serverids_config=None, mmr_on_config=None,
- mmr_syncrepl_schema_config=None,
- mmr_syncrepl_config_config=None,
- mmr_syncrepl_user_config=None ):
+ ol_mmr_urls=None):
def setup_path(file):
return os.path.join(setup_dir, file)
@@ -1266,61 +1263,48 @@ def provision_backend(setup_dir=None, message=None,
refint_config = read_and_sub_file(setup_path("refint.conf"),
{ "LINK_ATTRS" : refint_attributes})
-########################################################
-### generate serverids and ldap-urls for mmr hosts ###
-########################################################
-
- mmr_on_config = " "
- mmr_serverids_config = " "
-
+# generate serverids, ldap-urls and syncrepl-blocks for mmr hosts
+ mmr_on_config = ""
+ mmr_serverids_config = ""
+ mmr_syncrepl_schema_config = ""
+ mmr_syncrepl_config_config = ""
+ mmr_syncrepl_user_config = ""
+
if ol_mmr_urls is not None:
- mmr_hosts=ol_mmr_urls
- mmr_hosts=filter(None,mmr_hosts.split(' '))
+ mmr_hosts=filter(None,ol_mmr_urls.split(' '))
+ if (len(mmr_hosts) == 1):
+ mmr_hosts=filter(None,ol_mmr_urls.split(','))
+
+
+ mmr_on_config = "MirrorMode On"
- mmr_serverids_config = "# Generated from template mmr_serverids.conf\n"
z=0
for i in mmr_hosts:
z=z+1
mmr_serverids_config += read_and_sub_file(setup_path("mmr_serverids.conf"),
{ "SERVERID" : str(z),
"LDAPSERVER" : i })
- mmr_on_config = "MirrorMode On"
-
-########################################################
-### generate syncrepl-blocks for mmr hosts ###
-########################################################
- mmr_syncrepl_schema_config = " "
- mmr_syncrepl_config_config = " "
- mmr_syncrepl_user_config = " "
-
- if ol_mmr_urls is not None:
- mmr_hosts=ol_mmr_urls
- mmr_hosts=filter(None,mmr_hosts.split(' '))
- mmr_syncrepl_schema_config = "# Generated from template mmr_syncrepl.conf\n"
- mmr_syncrepl_config_config = "# Generated from template mmr_syncrepl.conf\n"
- mmr_syncrepl_user_config = "# Generated from template mmr_syncrepl.conf\n"
- z=0
- for i in mmr_hosts:
z=z+1
mmr_syncrepl_schema_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
{ "RID" : str(z),
"MMRDN": names.schemadn,
- "LDAPSERVER" : i })
+ "LDAPSERVER" : i,
+ "MMR_PASSWORD": adminpass})
- for i in mmr_hosts:
z=z+1
mmr_syncrepl_config_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
{ "RID" : str(z),
"MMRDN": names.configdn,
- "LDAPSERVER" : i })
+ "LDAPSERVER" : i,
+ "MMR_PASSWORD": adminpass})
- for i in mmr_hosts:
z=z+1
mmr_syncrepl_user_config += read_and_sub_file(setup_path("mmr_syncrepl.conf"),
{ "RID" : str(z),
"MMRDN": names.domaindn,
- "LDAPSERVER" : i })
+ "LDAPSERVER" : i,
+ "MMR_PASSWORD": adminpass })
setup_file(setup_path("slapd.conf"), paths.slapdconf,
@@ -1335,6 +1319,7 @@ def provision_backend(setup_dir=None, message=None,
"MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
"MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
"MMR_SYNCREPL_USER_CONFIG": mmr_syncrepl_user_config,
+ "MMR_PASSWORD": adminpass,
"REFINT_CONFIG": refint_config})
setup_file(setup_path("modules.conf"), paths.modulesconf,
{"REALM": names.realm})
diff --git a/source4/setup/mmr_serverids.conf b/source4/setup/mmr_serverids.conf
index 863508d0d6..c6d14010b4 100644
--- a/source4/setup/mmr_serverids.conf
+++ b/source4/setup/mmr_serverids.conf
@@ -1 +1,2 @@
-ServerID ${SERVERID} "${LDAPSERVER}:9000"
+# Generated from template mmr_serverids.conf
+ServerID ${SERVERID} "${LDAPSERVER}"
diff --git a/source4/setup/mmr_syncrepl.conf b/source4/setup/mmr_syncrepl.conf
index 857f044ccd..5fa8b8f8a0 100644
--- a/source4/setup/mmr_syncrepl.conf
+++ b/source4/setup/mmr_syncrepl.conf
@@ -1,10 +1,12 @@
+# Generated from template mmr_syncrepl.conf
+
syncrepl rid=${RID}
- provider="${LDAPSERVER}:9000"
+ provider="${LDAPSERVER}"
searchbase="${MMRDN}"
type=refreshAndPersist
retry="10 +"
bindmethod=simple
binddn="CN=Manager,${MMRDN}"
- credentials="linux"
+ credentials="${MMR_PASSWORD}"
diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf
index be68ec2588..141c0cd27a 100644
--- a/source4/setup/slapd.conf
+++ b/source4/setup/slapd.conf
@@ -62,7 +62,7 @@ rootdn cn=Manager,cn=Samba
database hdb
suffix ${SCHEMADN}
rootdn cn=Manager,${SCHEMADN}
-rootpw linux
+rootpw "${MMR_PASSWORD}"
directory ${LDAPDIR}/db/schema
index objectClass eq
index samAccountName eq
@@ -89,7 +89,7 @@ ${MIRRORMODE}
database hdb
suffix ${CONFIGDN}
rootdn cn=Manager,${CONFIGDN}
-rootpw linux
+rootpw "${MMR_PASSWORD}"
directory ${LDAPDIR}/db/config
index objectClass eq
index samAccountName eq
@@ -118,7 +118,7 @@ ${MIRRORMODE}
database hdb
suffix ${DOMAINDN}
rootdn cn=Manager,${DOMAINDN}
-rootpw linux
+rootpw "${MMR_PASSWORD}"
directory ${LDAPDIR}/db/user
index objectClass eq
index samAccountName eq
diff --git a/source4/setup/tests/blackbox_provision-backend.sh b/source4/setup/tests/blackbox_provision-backend.sh
index 312ca5c70e..04f22dbf1d 100755
--- a/source4/setup/tests/blackbox_provision-backend.sh
+++ b/source4/setup/tests/blackbox_provision-backend.sh
@@ -13,6 +13,7 @@ shift 1
. `dirname $0`/../../../testprogs/blackbox/subunit.sh
testit "openldap-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend
+testit "openldap-mmr-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls='ldap://localdc1:9000,ldap://localdc2:9000,ldap://localdc3:9000'
testit "fedora-ds-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=fedora-ds --targetdir=$PREFIX/fedora-ds-backend
reprovision() {