Re-add support for the --ldap-backend-port option to provision-backend

This option allows Fedora DS multi-master replication to work.  I've
tried to update the wiki and scripts to the largely consistant with
each other.

Andrew Bartlett
(This used to be commit 42393c830733b2cc99ebccdafe944fcf3d82734f)

source4/scripting/python/samba/provision.py

@@ -288,7 +288,7 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None, serverrole=
 
     if lp.get("realm").upper() != realm:
         raise Exception("realm '%s' in %s must match chosen realm '%s'" %
-                        (lp.get("realm"), smbconf, realm))
+                        (lp.get("realm"), lp.configfile(), realm))
     
     dnsdomain = dnsdomain.lower()
 
@@ -1045,8 +1045,8 @@ def provision(setup_dir, message, session_info,
 
     message("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php" % paths.phpldapadminconfig)
 
-    message("Once the above files are installed, your server will be ready to use")
-    message("Server Type:    %s" % serverrole)
+    message("Once the above files are installed, your Samba4 server will be ready to use")
+    message("Server Role:    %s" % serverrole)
     message("Hostname:       %s" % names.hostname)
     message("NetBIOS Domain: %s" % names.domain)
     message("DNS Domain:     %s" % names.dnsdomain)
@@ -1096,7 +1096,7 @@ def provision_backend(setup_dir=None, message=None,
                       smbconf=None, targetdir=None, realm=None, 
                       rootdn=None, domaindn=None, schemadn=None, configdn=None,
                       domain=None, hostname=None, adminpass=None, root=None, serverrole=None, 
-                      ldap_backend_type=None):
+                      ldap_backend_type=None, ldap_backend_port=None):
 
     def setup_path(file):
         return os.path.join(setup_dir, file)
@@ -1144,7 +1144,12 @@ def provision_backend(setup_dir=None, message=None,
                    {"SCHEMADN": names.schemadn})
 
     if ldap_backend_type == "fedora-ds":
-        setup_file(setup_path("fedora-ds.inf"), paths.fedoradsinf, 
+        if ldap_backend_port is not None:
+            serverport = "ServerPort=%d" % ldap_backend_port
+        else:
+            serverport = ""
+
+        setup_file(setup_path("fedorads.inf"), paths.fedoradsinf, 
                    {"ROOT": root,
                     "HOSTNAME": hostname,
                     "DNSDOMAIN": names.dnsdomain,
@@ -1152,19 +1157,18 @@ def provision_backend(setup_dir=None, message=None,
                     "DOMAINDN": names.domaindn,
                     "LDAPMANAGERDN": names.ldapmanagerdn,
                     "LDAPMANAGERPASS": adminpass, 
-                    "SERVERPORT": ""})
+                    "SERVERPORT": serverport})
         
-        setup_file(setup_path("fedora-partitions.ldif"), paths.fedoradspartitions, 
+        setup_file(setup_path("fedorads-partitions.ldif"), paths.fedoradspartitions, 
                    {"CONFIGDN": names.configdn,
                     "SCHEMADN": names.schemadn,
                     })
         
-        setup_file(setup_path("fedora-partitions.ldif"), paths.fedoradspartitions, 
-                   {"CONFIGDN": names.configdn,
-                    "SCHEMADN": names.schemadn,
-                    })
         mapping = "schema-map-fedora-ds-1.0"
         backend_schema = "99_ad.ldif"
+        
+        slapdcommand="Initailise Fedora DS with: setup-ds.pl --file=%s" % paths.fedoradsinf
+       
     elif ldap_backend_type == "openldap":
         attrs = ["linkID", "lDAPDisplayName"]
 	res = schemadb.search(expression="(&(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1)))(objectclass=attributeSchema))", base=names.schemadn, scope=SCOPE_SUBTREE, attrs=attrs);
@@ -1215,14 +1219,26 @@ refint_attributes""" + refint_attributes + "\n";
         
 
         ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.private_dir, "ldap", "ldapi"), safe="")
-        message("Start slapd with: slapd -f " + paths.ldapdir + "/slapd.conf -h " + ldapi_uri)
-                
+        if ldap_backend_port is not None:
+            server_port_string = " -h ldap://0.0.0.0:%d" % ldap_backend_port
+        else:
+            server_port_string = ""
+        slapdcommand="Start slapd with:    slapd -f " + paths.ldapdir + "/slapd.conf -h " + ldapi_uri + server_port_string
 
     schema_command = "bin/ad2oLschema --option=convert:target=" + ldap_backend_type + " -I " + setup_path(mapping) + " -H tdb://" + schemadb_path + " -O " + os.path.join(paths.ldapdir, backend_schema);
 
     os.system(schema_command)
 
 
+    message("Your %s Backend for Samba4 is now configured, and is ready to be started" % ( ldap_backend_type) )
+    message("Server Role:         %s" % serverrole)
+    message("Hostname:            %s" % names.hostname)
+    message("DNS Domain:          %s" % names.dnsdomain)
+    message("Base DN:             %s" % names.domaindn)
+    message("LDAP admin DN:       %s" % names.ldapmanagerdn)
+    message("LDAP admin password: %s" % adminpass)
+    message(slapdcommand)
+
 
 def create_phpldapadmin_config(path, setup_path, ldapi_uri):
     """Create a PHP LDAP admin configuration file.

source4/selftest/target/Samba4.pm

@@ -201,8 +201,6 @@ sub mk_fedora_ds($$$)
 
 	my $pidfile = "$fedora_ds_dir/logs/slapd-samba4.pid";
 
-	system("$self->{bindir}/ad2oLschema $configuration -H $ldapdir/schema-tmp.ldb --option=convert:target=fedora-ds -I $self->{setupdir}/schema-map-fedora-ds-1.0 -O $ldapdir/99_ad.ldif >&2") == 0 or die("schema conversion for Fedora DS failed");
-
 my $dir = getcwd();
 chdir "$ENV{FEDORA_DS_ROOT}/bin" || die;
 	if (system("perl $ENV{FEDORA_DS_ROOT}/sbin/setup-ds.pl --silent --file=$fedora_ds_inf >&2") != 0) {
@@ -222,9 +220,6 @@ sub mk_openldap($$$)
 	my $pidfile = "$ldapdir/slapd.pid";
 	my $modconf = "$ldapdir/modules.conf";
 
-	#This uses the backend provision we just did, to read out the schema
-	system("$self->{bindir}/ad2oLschema $configuration --option=convert:target=openldap -H $ldapdir/schema-tmp.ldb -I $self->{setupdir}/schema-map-openldap-2.3 -O $ldapdir/backend-schema.schema >&2") == 0 or die("schema conversion for OpenLDAP failed");
-
 	my $oldpath = $ENV{PATH};
 	my $olpath = "";
 	my $olroot = "";

source4/setup/provision-backend

@@ -54,6 +54,8 @@ parser.add_option("--quiet", help="Be quiet", action="store_true")
 parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", 
 		help="LDB mapping module to use for the LDAP backend",
 		choices=["fedora-ds", "openldap"])
+parser.add_option("--ldap-backend-port", type="int", metavar="PORT", 
+		help="TCP Port LDAP server should listen to (default ldapi only)")
 parser.add_option("--server-role", type="choice", metavar="ROLE",
 		  choices=["domain controller", "dc", "member server", "member", "standalone"],
 		help="Set server role to provision for (default standalone)")
@@ -89,10 +91,9 @@ if setup_dir is None:
 	setup_dir = "setup"
 
 provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir,
-          realm=opts.realm, domain=opts.domain,
-          hostname=opts.host_name,
-          adminpass=opts.ldap_manager_pass,
-          root=opts.root, serverrole=server_role, 
-          ldap_backend_type=opts.ldap_backend_type)
-
-message("All OK")
+		  realm=opts.realm, domain=opts.domain,
+		  hostname=opts.host_name,
+		  adminpass=opts.ldap_manager_pass,
+		  root=opts.root, serverrole=server_role, 
+		  ldap_backend_type=opts.ldap_backend_type,
+		  ldap_backend_port=opts.ldap_backend_port)