
Use DIGEST-MD5 authentication for OpenLDAP replication

This avoids passing rootdn passwords or replicated data in cleartext
across the network.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit 67373c143a)
Oliver Liebel
2008-09-08 14:39:54 +10:00
committed by Andrew Bartlett
parent a33eaf564f
commit b76f383eef
4 changed files with 31 additions and 6 deletions


@ -1266,6 +1266,7 @@ def provision_backend(setup_dir=None, message=None,
# generate serverids, ldap-urls and syncrepl-blocks for mmr hosts
mmr_on_config = ""
mmr_replicator_acl = ""
mmr_serverids_config = ""
mmr_syncrepl_schema_config = ""
mmr_syncrepl_config_config = ""
@ -1278,6 +1279,7 @@ def provision_backend(setup_dir=None, message=None,
mmr_on_config = "MirrorMode On"
mmr_replicator_acl = " by dn=cn=replicator,cn=samba read"
serverid=0
for url in url_list:
serverid=serverid+1
@ -1315,6 +1317,7 @@ def provision_backend(setup_dir=None, message=None,
"SCHEMADN": names.schemadn,
"MEMBEROF_CONFIG": memberof_config,
"MIRRORMODE": mmr_on_config,
"REPLICATOR_ACL": mmr_replicator_acl,
"MMR_SERVERIDS_CONFIG": mmr_serverids_config,
"MMR_SYNCREPL_SCHEMA_CONFIG": mmr_syncrepl_schema_config,
"MMR_SYNCREPL_CONFIG_CONFIG": mmr_syncrepl_config_config,
@ -1340,6 +1343,15 @@ def provision_backend(setup_dir=None, message=None,
{"LDAPADMINPASS_B64": b64encode(adminpass),
"UUID": str(uuid.uuid4()),
"LDAPTIME": timestring(int(time.time()))} )
if ol_mmr_urls is not None:
setup_file(setup_path("cn=replicator.ldif"),
os.path.join(paths.ldapdir, "db", "samba", "cn=samba", "cn=replicator.ldif"),
{"LDAPADMINPASS_B64": b64encode(adminpass),
"UUID": str(uuid.uuid4()),
"LDAPTIME": timestring(int(time.time()))} )
mapping = "schema-map-openldap-2.3"
backend_schema = "backend-schema.schema"
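Review bot: The replicator account is provisioned with the admin password: the new `setup_file(setup_path("cn=replicator.ldif"), ...)` call passes `"LDAPADMINPASS_B64": b64encode(adminpass)`, the same value used for the entry written just above it, although the ACL string added earlier in this file (`by dn=cn=replicator,cn=samba read`) gives that identity only read access. Each MMR peer's syncrepl settings presumably have to carry this secret, so a readable replication config on one host would expose the directory admin credential; a separately generated secret under its own substitution key, for example `"LDAPREPLPASS_B64": b64encode(replpass)` (both names are placeholders), would keep the two apart. DIGEST-MD5 normally requires the server to hold the password in recoverable form, and base64 is an encoding rather than a hash, so a comment stating that the generated LDIF files must stay readable only by the slapd user would help whoever maintains this. provision_backend starts and ends outside these hunks, so how `adminpass` is generated and where the syncrepl blocks are written cannot be checked from here.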