samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00

78 lines

1.7 KiB

Plaintext

Raw Normal View History

r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00			`loglevel 0`

			`include ${LDAPDIR}/backend-schema.schema`

			`pidfile ${LDAPDIR}/slapd.pid`
			`argsfile ${LDAPDIR}/slapd.args`
			`sasl-realm ${DNSDOMAIN}`
			`access to * by * write`

			`allow update_anon`

			`authz-regexp`
			`uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth`
			`ldap:///${DOMAINDN}??sub?(samAccountName=\$1)`

			`authz-regexp`
			`uid=([^,]),cn=([^,]),cn=digest-md5,cn=auth`
			`ldap:///${DOMAINDN}??sub?(samAccountName=\$1)`

r23189: Work towards a totally scripted setup of LDAP backends, so others can easily try this out. I also intend to use this for the selftest, but I'm chasing issues with the OpenlDAP (but not Fedora DS) backend. Andrew Bartlett (This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21) 2007-05-29 16:18:41 +04:00			`include ${LDAPDIR}/modules.conf`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00
r23189: Work towards a totally scripted setup of LDAP backends, so others can easily try this out. I also intend to use this for the selftest, but I'm chasing issues with the OpenlDAP (but not Fedora DS) backend. Andrew Bartlett (This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21) 2007-05-29 16:18:41 +04:00			`defaultsearchbase ${DOMAINDN}`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00
r26636: Remove useless 'backend' parameter, and make the memberof overlay use global. Andrew Bartlett (This used to be commit 3b6f461e9a1b0fee7a589b8d171f4fcec6340ca4) 2008-01-01 13:01:07 +03:00			`include ${LDAPDIR}/memberof.conf`

r26424: Patch and hits from Howard Chu <hyc@symas.com> for our automated setup of OpenLDAP. This makes it consistant with the Fedora DS setup, and doesn't mix both hdb and bdb. Andrew Bartlett (This used to be commit 1ffada95d269c8f7d054bec7f6eaff8449995d40) 2007-12-13 11:46:41 +03:00			`database hdb`
r23189: Work towards a totally scripted setup of LDAP backends, so others can easily try this out. I also intend to use this for the selftest, but I'm chasing issues with the OpenlDAP (but not Fedora DS) backend. Andrew Bartlett (This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21) 2007-05-29 16:18:41 +04:00			`suffix ${SCHEMADN}`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00			`directory ${LDAPDIR}/db/schema`
			`index objectClass eq`
			`index samAccountName eq`
			`index name eq`
			`index objectCategory eq`
			`index lDAPDisplayName eq`
			`index subClassOf eq`
r26610: Write out a memberof.conf, to run the memberof plugin on all linked attributes, as found in the schema. Index 'cn', as otherwise exact match searches on this attribute always fail (need to figure out what is so special about cn in OpenLDAP). Andrew Bartlett (This used to be commit 5a4a2d10bc5729d4adac4b173b0dc05e2e076c32) 2007-12-27 13:18:54 +03:00			`index cn eq`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00
r25450: Make it easier to test with a particular version of OpenLDAP, by setting OPENLDAP_PATH, move to using hdb as the backend (allows subtree renames), and re-enable the --quiet option. Andrew Bartlett (This used to be commit a186a0fa68cdcfb3abd430534657e5e278a5ebda) 2007-10-02 01:07:07 +04:00			`database hdb`
r23189: Work towards a totally scripted setup of LDAP backends, so others can easily try this out. I also intend to use this for the selftest, but I'm chasing issues with the OpenlDAP (but not Fedora DS) backend. Andrew Bartlett (This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21) 2007-05-29 16:18:41 +04:00			`suffix ${CONFIGDN}`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00			`directory ${LDAPDIR}/db/config`
			`index objectClass eq`
			`index samAccountName eq`
			`index name eq`
			`index objectSid eq`
			`index objectCategory eq`
r26305: Update template files and testsuite to try and work with current openldap, and fully support different LDAP server locations. Andrew Bartlett (This used to be commit a00bb942537f0f638c2a8295770749cb4b5d9ef3) 2007-12-05 06:26:28 +03:00			`index nCName eq`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00			`index subClassOf eq`
			`index dnsRoot eq`
r26305: Update template files and testsuite to try and work with current openldap, and fully support different LDAP server locations. Andrew Bartlett (This used to be commit a00bb942537f0f638c2a8295770749cb4b5d9ef3) 2007-12-05 06:26:28 +03:00			`index nETBIOSName eq`
r26610: Write out a memberof.conf, to run the memberof plugin on all linked attributes, as found in the schema. Index 'cn', as otherwise exact match searches on this attribute always fail (need to figure out what is so special about cn in OpenLDAP). Andrew Bartlett (This used to be commit 5a4a2d10bc5729d4adac4b173b0dc05e2e076c32) 2007-12-27 13:18:54 +03:00			`index cn eq`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00
r25450: Make it easier to test with a particular version of OpenLDAP, by setting OPENLDAP_PATH, move to using hdb as the backend (allows subtree renames), and re-enable the --quiet option. Andrew Bartlett (This used to be commit a186a0fa68cdcfb3abd430534657e5e278a5ebda) 2007-10-02 01:07:07 +04:00			`database hdb`
r23189: Work towards a totally scripted setup of LDAP backends, so others can easily try this out. I also intend to use this for the selftest, but I'm chasing issues with the OpenlDAP (but not Fedora DS) backend. Andrew Bartlett (This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21) 2007-05-29 16:18:41 +04:00			`suffix ${DOMAINDN}`
r23717: We need to remove the _ in LDAP_MANAGERPASS for the --ldap-manager-pass= option to work. Andrew Bartlett (This used to be commit fbcb1ec14125a4ca57922ec75b01af9a99dcd954) 2007-07-05 06:52:58 +04:00			`rootdn ${LDAPMANAGERDN}`
			`rootpw ${LDAPMANAGERPASS}`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00			`directory ${LDAPDIR}/db/user`
			`index objectClass eq`
			`index samAccountName eq`
			`index name eq`
			`index objectSid eq`
			`index objectCategory eq`
			`index member eq`
			`index uidNumber eq`
			`index gidNumber eq`
			`index unixName eq`
			`index privilege eq`
r26305: Update template files and testsuite to try and work with current openldap, and fully support different LDAP server locations. Andrew Bartlett (This used to be commit a00bb942537f0f638c2a8295770749cb4b5d9ef3) 2007-12-05 06:26:28 +03:00			`index nCName eq`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00			`index lDAPDisplayName eq`
			`index subClassOf eq`
			`index dnsRoot eq`
r26305: Update template files and testsuite to try and work with current openldap, and fully support different LDAP server locations. Andrew Bartlett (This used to be commit a00bb942537f0f638c2a8295770749cb4b5d9ef3) 2007-12-05 06:26:28 +03:00			`index nETBIOSName eq`
r26610: Write out a memberof.conf, to run the memberof plugin on all linked attributes, as found in the schema. Index 'cn', as otherwise exact match searches on this attribute always fail (need to figure out what is so special about cn in OpenLDAP). Andrew Bartlett (This used to be commit 5a4a2d10bc5729d4adac4b173b0dc05e2e076c32) 2007-12-27 13:18:54 +03:00			`index cn eq`
r23177: Add in a new provision-backend script. This helps set up the OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec) 2007-05-29 05:20:47 +04:00
			`#syncprov is stable in OpenLDAP 2.3, and available in 2.2.`
			`#We only need this for the contextCSN attribute anyway....`
			`overlay syncprov`
			`syncprov-checkpoint 100 10`
			`syncprov-sessionlog 100`

78 lines 1.7 KiB Plaintext Raw Normal View History Unescape Escape

78 lines

1.7 KiB

Plaintext

Raw Normal View History