From 716391f10679e82835f42490e1d8a69af2acad82 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sat, 10 Nov 2007 05:31:26 +0100
Subject: r25921: Now also listen on ldapi by default in the LDAP server

Create a phpLDAPadmin configuration file example to use ldapi to talk
to Samba4

Andrew Bartlett
(This used to be commit 54f4c8ba6127757fd272bd97e301188eb69977ed)
---
 source4/ldap_server/ldap_server.c     | 14 ++++++++++++++
 source4/scripting/libjs/provision.js  | 11 +++++++++++
 source4/setup/phpldapadmin-config.php | 28 ++++++++++++++++++++++++++++
 3 files changed, 53 insertions(+)
 create mode 100644 source4/setup/phpldapadmin-config.php

(limited to 'source4')

diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index a74d002e9b..c165eb698a 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -509,6 +509,7 @@ static NTSTATUS add_socket(struct event_context *event_context,
 */
 static void ldapsrv_task_init(struct task_server *task)
 {	
+	char *ldapi_path;
 	struct ldapsrv_service *ldap_service;
 	NTSTATUS status;
 	const struct model_ops *model_ops;
@@ -556,6 +557,19 @@ static void ldapsrv_task_init(struct task_server *task)
 		if (!NT_STATUS_IS_OK(status)) goto failed;
 	}
 
+	ldapi_path = private_path(ldap_service, global_loadparm, "ldapi");
+	if (!ldapi_path) {
+		goto failed;
+	}
+
+	status = stream_setup_socket(task->event_ctx, model_ops, &ldap_stream_ops, 
+				     "unix", ldapi_path, NULL, ldap_service);
+	talloc_free(ldapi_path);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0,("ldapsrv failed to bind to %s - %s\n",
+			 ldapi_path, nt_errstr(status)));
+	}
+
 	return;
 
 failed:
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index 5ca7be99e5..f12c4406ff 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -162,6 +162,7 @@ function ldb_erase(info, ldb)
 	/* delete the specials */
 	ldb.del("@INDEXLIST");
 	ldb.del("@ATTRIBUTES");
+	ldb.del("@OPTIONS");
 	ldb.del("@MODULES");
 	ldb.del("@PARTITION");
 	ldb.del("@KLUDGEACL");
@@ -393,6 +394,9 @@ function provision_default_paths(subobj)
 	paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + dnsdomain + "-config.ldif";
 	paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + dnsdomain + "-schema.ldif";
 
+	paths.s4_ldapi_socket = lp.get("private dir") + "/ldapi";
+	paths.phpldapadminconfig = lp.get("private dir") + "/phpldapadmin-config.php";
+
 	paths.sysvol = lp.get("sysvol", "path");
 
 	if (paths.sysvol == undefined) {
@@ -489,6 +493,9 @@ function provision_fix_subobj(subobj, paths)
 	var ldap_path_list = split("/", paths.ldapdir);
 	subobj.LDAPI_URI = "ldapi://" + join("%2F", ldap_path_list) + "%2Fldapi";
 
+	var s4ldap_path_list = split("/", paths.s4_ldapi_socket);
+	subobj.S4_LDAPI_URI = "ldapi://" + join("%2F", s4ldap_path_list);
+
 	subobj.LDAPMANAGERDN = "cn=Manager," + subobj.DOMAINDN;
 
 	subobj.NETLOGONPATH = paths.netlogon;
@@ -794,6 +801,10 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
 		assert(commit_ok);
 	}
 
+	message("Setting up phpLDAPadmin configuration\n");
+	setup_file("phpldapadmin-config.php", info.message, paths.phpldapadminconfig, subobj);
+	message("Please install the phpLDAPadmin configuration located at " + paths.phpldapadminconfig + " into /etc/phpldapadmin/config.php\n");
+
 	return true;
 }
 
diff --git a/source4/setup/phpldapadmin-config.php b/source4/setup/phpldapadmin-config.php
new file mode 100644
index 0000000000..5a4c2d7a6b
--- /dev/null
+++ b/source4/setup/phpldapadmin-config.php
@@ -0,0 +1,28 @@
+<?php
+/**
+ * The phpLDAPadmin config file, customised for use with Samba4
+ * This overrides phpLDAPadmin defaults
+ * that are defined in config_default.php.
+ *
+ * DONT change config_default.php, you changes will be lost by the next release
+ * of PLA. Instead change this file - as it will NOT be replaced by a new
+ * version of phpLDAPadmin.
+ */
+
+/*********************************************/
+/* Useful important configuration overrides  */
+/*********************************************/
+
+/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
+   to a big random string. */
+
+$i=0;
+$ldapservers = new LDAPServers;
+
+/* A convenient name that will appear in the tree viewer and throughout
+   phpLDAPadmin to identify this LDAP server to users. */
+$ldapservers->SetValue($i,'server','name','Samba4 LDAP Server');
+$ldapservers->SetValue($i,'server','host','${S4_LDAPI_URI}');
+$ldapservers->SetValue($i,'server','auth_type','session');
+$ldapservers->SetValue($i,'login','attr','dn');
+?>
-- 
cgit