s4:provision Rework and further automate setup of OpenLDAP backend

heres the summary of all changes/extensions:

- Andrew Bartlett's patch to generate indext
- Howard Chu's idea to use nosync on the DB included, but made optional

- slaptest-path is not needed any more (slapd -Ttest is used instead)
and is therefore removed. slapd-path is now recommended when
openldap-backend is chosen.
its also used for olc-conversion

- slapd-detection is now always done by ldapsearch (ldb module),
looking anonymous for objectClass: OpenLDAProotDSE via our ldapi_uri.

- if ldapsearch was not successfull, (no slapd listening on our socket)
slapd is
started via special generated slapdcommand_prov  (ldapi_uri only)

- slapd-"provision-process" startup is done via pythons subprocess.

- the slapd-provision-pid is stored under paths.ldapdir/slapd_provision_pid.

- after provision-backend is finished:
--- slapd.pid is compared with our stored slapd_provision_pid.
if the are unique, slapd.pid will be read out, and the
slapd "provison"-process will be shut down.
--- proper slapd-shutdown is verified again with ldb-search -> ldapi_uri
-> rootDSE.
--- if the pids are different or one of the pid-files is missing, slapd
will not be shut down,
instead an error message is displayed to locate slapd manually
--- extended help-messages (relevant to slapd) are always displayed,
e.g. the commandline with which slapd has to be started when everythings
finished
(slapd-commandline is stored under paths.ldapdir/slapd_command_file.txt))

- upgraded the content of the mini-howto (howto-ol-backend-s4.txt)

1 files changed, 6 insertions, 34 deletions

diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf
index 09dffbbfa3..8f443b936f 100644
--- a/source4/setup/slapd.conf
+++ b/source4/setup/slapd.conf
@@ -74,14 +74,8 @@ database        hdb
 suffix		${SCHEMADN}
 rootdn          cn=Manager,${SCHEMADN}
 directory	${LDAPDIR}/db/schema
-index           objectClass eq
-index           samAccountName eq
-index name eq
-index objectCategory eq
-index lDAPDisplayName eq
-index subClassOf eq
-index cn eq
-index entryUUID,entryCSN eq
+${NOSYNC}
+${INDEX_CONFIG}
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We need this for the contextCSN attribute and mmr.
@@ -100,17 +94,8 @@ database        hdb
 suffix		${CONFIGDN}
 rootdn          cn=Manager,${CONFIGDN}
 directory	${LDAPDIR}/db/config
-index           objectClass eq
-index           samAccountName eq
-index name eq
-index objectSid eq
-index objectCategory eq
-index nCName eq
-index subClassOf eq
-index dnsRoot eq
-index nETBIOSName eq
-index cn eq
-index entryUUID,entryCSN eq
+${NOSYNC}
+${INDEX_CONFIG}
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We need this for the contextCSN attribute and mmr.
@@ -128,21 +113,8 @@ database        hdb
 suffix		${DOMAINDN}
 rootdn          cn=Manager,${DOMAINDN}
 directory	${LDAPDIR}/db/user
-index           objectClass eq
-index           samAccountName eq
-index name eq
-index objectSid eq
-index objectCategory eq
-index member eq
-index uidNumber eq
-index gidNumber eq
-index nCName eq
-index lDAPDisplayName eq
-index subClassOf eq
-index dnsRoot eq
-index nETBIOSName eq
-index cn eq
-index entryUUID,entryCSN eq
+${NOSYNC}
+${INDEX_CONFIG}
 
 #syncprov is stable in OpenLDAP 2.3, and available in 2.2.  
 #We need this for the contextCSN attribute and mmr.