author | Andrew Bartlett <abartlet@samba.org> | 2007-05-29 12:18:41 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:53:02 -0500 |
commit | 86a4886e393189b7679ec6220d4d59bb6ef1b50e (patch) | |
tree | b4adcdc877e7d0d08127925bb7a18c972d06e1c9 /source4/setup | |
parent | fbe7d8cbc5df572024098bfae2ad2666cd4bcc47 (diff) | |
r23189: Work towards a totally scripted setup of LDAP backends, so others can
easily try this out.
I also intend to use this for the selftest, but I'm chasing issues
with the OpenLDAP (but not Fedora DS) backend.
Andrew Bartlett
(This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21)
Diffstat (limited to 'source4/setup')
-rw-r--r-- | source4/setup/fedorads-partitions.ldif | 4 | ||||
-rw-r--r-- | source4/setup/fedorads.inf | 1 | ||||
-rwxr-xr-x | source4/setup/provision | 1 | ||||
-rwxr-xr-x | source4/setup/provision-backend | 38 | ||||
-rw-r--r-- | source4/setup/slapd.conf | 12 |
5 files changed, 43 insertions, 13 deletions
diff --git a/source4/setup/fedorads-partitions.ldif b/source4/setup/fedorads-partitions.ldif index 7533b1583a..12855f9c70 100644 --- a/source4/setup/fedorads-partitions.ldif +++ b/source4/setup/fedorads-partitions.ldif @@ -1,4 +1,4 @@ -dn: cn=\"${CONFIGDN}\",cn=mapping tree,cn=config +dn: cn="${CONFIGDN}",cn=mapping tree,cn=config objectclass: top objectclass: extensibleObject objectclass: nsMappingTree @@ -12,7 +12,7 @@ objectclass: nsBackendInstance nsslapd-suffix: ${CONFIGDN} cn: configData -dn: cn=\"${SCHEMADN}\",cn=mapping tree,cn=config +dn: cn="${SCHEMADN}",cn=mapping tree,cn=config objectclass: top objectclass: extensibleObject objectclass: nsMappingTree diff --git a/source4/setup/fedorads.inf b/source4/setup/fedorads.inf index a5d282d392..785e65ce56 100644 --- a/source4/setup/fedorads.inf +++ b/source4/setup/fedorads.inf @@ -9,6 +9,7 @@ Suffix= ${DOMAINDN} RootDN= cn=Manager,${DOMAINDN} RootDNPwd= ${LDAPMANAGERPASS} ServerIdentifier= samba4 +${SERVERPORT} inst_dir= ${LDAPDIR}/slapd-samba4 config_dir= ${LDAPDIR}/slapd-samba4 diff --git a/source4/setup/provision b/source4/setup/provision index 2a3ddecd3e..3c5d31dc0f 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -150,6 +150,7 @@ message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM); message("Using administrator password: %s\n", subobj.ADMINPASS); if (ldapbase) { provision_ldapbase(subobj, message, paths); + message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n"); } else if (partitions_only) { provision_become_dc(subobj, message, false, paths, system_session); } else { diff --git a/source4/setup/provision-backend b/source4/setup/provision-backend index 6a5ec3e892..9c1649ac3e 100755 --- a/source4/setup/provision-backend +++ b/source4/setup/provision-backend 
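Review bot: The added `message(...)` call in source4/setup/provision concatenates `paths.ldap_basedn_ldif`, `paths.ldap_config_basedn_ldif` and `paths.ldap_schema_basedn_ldif` into its first argument, while the neighbouring calls pass values through `%s`, which suggests that argument is treated as a format string. If so, a `%` in any of those paths would be read as a conversion instead of being printed. Passing the paths as arguments keeps the call consistent with the lines above it: `message("Please install the LDIF located in %s, %s and %s into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n", paths.ldap_basedn_ldif, paths.ldap_config_basedn_ldif, paths.ldap_schema_basedn_ldif);`. The provision-backend hunk at -101,12 builds its messages the same way, although the value there is an integer option. The enclosing if/else chain continues outside the hunk.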
@@ -16,7 +16,8 @@ options = GetOptions(ARGV, 'ldap-manager-pass=s', 'root=s', 'quiet', - 'ldap-backend-type=s'); + 'ldap-backend-type=s', + 'ldap-backend-port=i'); if (options == undefined) { println("Failed to parse options"); @@ -52,8 +53,8 @@ provision [options] --ldap-manager-pass PASSWORD choose LDAP Manager password (otherwise random) --root USERNAME choose 'root' unix username --quiet Be quiet - --ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure - --ldap-module= MODULE LDB mapping module to use for the LDAP backend + --ldap-backend-type LDAPSERVER Select either \"openldap\" or \"fedora-ds\" as a target to configure + --ldap-backend-port PORT Select the TCP port (if any) that the LDAP backend should listen on (Fedora DS only) You must provide at least a realm and ldap-backend-type "); @@ -84,13 +85,12 @@ for (r in options) { subobj[key] = options[r]; } -var ldapbackend = (options["ldap-backend-type"] != undefined); + var paths = provision_default_paths(subobj); provision_fix_subobj(subobj, message, paths); message("Provisioning LDAP backend for %s in realm %s into %s\n", subobj.HOSTNAME, subobj.REALM, subobj.LDAPDIR); message("Using LDAP Manager password: %s\n", subobj.LDAPMANAGERPASS); - var tmp_schema_ldb = subobj.LDAPDIR + "/schema-tmp.ldb"; sys.mkdir(subobj.LDAPDIR, 0700); 
@@ -101,12 +101,40 @@ var ext; if (options["ldap-backend-type"] == "fedora-ds") { mapping = "schema-map-fedora-ds-1.0"; ext = "ldif"; + if (options["ldap-backend-port"] != undefined) { + message("Will listen on TCP port " + options["ldap-backend-port"] + "\n"); + subobj.SERVERPORT="ServerPort = " + options["ldap-backend-port"]; + } else { + message("Will listen on LDAPI only\n"); + subobj.SERVERPORT=""; + } setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj); setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj); } else if (options["ldap-backend-type"] == "openldap") { + provision_ldapbase(subobj, message, paths); mapping = "schema-map-openldap-2.3"; ext = "schema"; setup_file("slapd.conf", message, subobj.LDAPDIR + "/slapd.conf", subobj); + setup_file("modules.conf", message, subobj.LDAPDIR + "/modules.conf", subobj); + sys.mkdir(subobj.LDAPDIR + "/db", 0700); + subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/user"; + sys.mkdir(subobj.LDAPDBDIR, 0700); + sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700); + sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700); + setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj); + subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/config"; + sys.mkdir(subobj.LDAPDBDIR, 0700); + sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700); + sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700); + setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj); + subobj.LDAPDBDIR = subobj.LDAPDIR + "/db/schema"; + sys.mkdir(subobj.LDAPDBDIR, 0700); + sys.mkdir(subobj.LDAPDBDIR + "/tmp", 0700); + sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700); + setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj); + if (options["ldap-backend-port"] != undefined) { + message("NOTE: OpenLDAP TCP ports are controlled on the command line, not in the generated config file\n"); + } } message("ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + 
lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext + "\n"); diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf index a6fe73a4de..770c688f35 100644 --- a/source4/setup/slapd.conf +++ b/source4/setup/slapd.conf @@ -17,13 +17,13 @@ authz-regexp uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth ldap:///${DOMAINDN}??sub?(samAccountName=\$1) -include $modconf +include ${LDAPDIR}/modules.conf -defaultsearchbase \"${DOMAINDN}\" +defaultsearchbase ${DOMAINDN} backend bdb database bdb -suffix \"cn=Schema,cn=Configuration,${DOMAINDN}\" +suffix ${SCHEMADN} directory ${LDAPDIR}/db/schema index objectClass eq index samAccountName eq @@ -33,7 +33,7 @@ index lDAPDisplayName eq index subClassOf eq database bdb -suffix \"cn=Configuration,${DOMAINDN}\" +suffix ${CONFIGDN} directory ${LDAPDIR}/db/config index objectClass eq index samAccountName eq @@ -46,8 +46,8 @@ index dnsRoot eq index nETBIOSName eq pres database bdb -suffix \"${DOMAINDN}\" -rootdn \"cn=Manager,${DOMAINDN}\" +suffix ${DOMAINDN} +rootdn cn=Manager,${DOMAINDN} rootpw ${LDAPMANAGERPASS} directory ${LDAPDIR}/db/user index objectClass eq |
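Review bot: In the fedora-ds branch of provision-backend the value of `--ldap-backend-port` is copied into `subobj.SERVERPORT` with no range check, so 0, a negative number or a value above 65535 is written into the generated fedorads.inf and only surfaces when the directory server is installed from it. The `=i` option spec presumably limits the value to an integer, but a guard such as `if (options["ldap-backend-port"] < 1 || options["ldap-backend-port"] > 65535)` that reports the error and stops before `setup_file("fedorads.inf", ...)` would catch it at the point of entry. Giving the option also moves the backend from LDAPI-only to a TCP listener, which deserves a short comment above the branch, e.g. `// a TCP port makes the backend reachable over the network; the default is LDAPI only`. In the openldap branch the db/user, db/config and db/schema blocks repeat the same calls and leave `subobj.LDAPDBDIR` set to the schema directory afterwards; a loop over the three names would remove the repetition.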
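Review bot: The new `defaultsearchbase`, `suffix` and `rootdn` lines in slapd.conf drop the quotes altogether, whereas the matching change in fedorads-partitions.ldif only turns `\"` into `"`. slapd.conf splits each line into arguments on whitespace, so a substituted DN containing a space would be read as several arguments; keeping plain quotes, e.g. `suffix "${DOMAINDN}"` and `rootdn "cn=Manager,${DOMAINDN}"`, avoids that. This applies to the hunks at -17,13, -33,7 and -46,8 alike, and to `include ${LDAPDIR}/modules.conf` if LDAPDIR can contain spaces.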