mirror of
https://github.com/samba-team/samba.git
synced 2025-02-02 09:47:23 +03:00
r23715: Make the provision-backend script print out the exact commands to run,
to set up the LDAP backend. Andrew Bartlett (This used to be commit cc7900210a2e473060d5897ec729923ac6b2f18d)
This commit is contained in:
Andrew Bartlett
Gerald (Jerry) Carter
parent
3a78f7323a
commit
c37cfae81e
@ -448,7 +448,7 @@ function provision_fix_subobj(subobj, paths)
|
||||
subobj.DNSNAME = sprintf("%s.%s",
|
||||
strlower(subobj.HOSTNAME),
|
||||
subobj.DNSDOMAIN);
|
||||
rdn_list = split(".", subobj.DNSDOMAIN);
|
||||
var rdn_list = split(".", subobj.DNSDOMAIN);
|
||||
subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list);
|
||||
subobj.ROOTDN = subobj.DOMAINDN;
|
||||
subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN;
|
||||
@ -461,6 +461,8 @@ function provision_fix_subobj(subobj, paths)
|
||||
subobj.SECRETS_KEYTAB = paths.keytab;
|
||||
|
||||
subobj.LDAPDIR = paths.ldapdir;
|
||||
var ldap_path_list = split("/", paths.ldapdir);
|
||||
subobj.LDAPI_URI = "ldapi://" + join("%2F", ldap_path_list) + "%2Fldapi";
|
||||
|
||||
return true;
|
||||
}
|
||||
@ -583,7 +585,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
|
||||
var modify_ok = setup_ldb_modify("provision_basedn_modify.ldif", info, samdb);
|
||||
if (!modify_ok) {
|
||||
if (!add_ok) {
|
||||
message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + ": " + samdb.errstring() + "\n");
|
||||
message("%s", "Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + ": " + samdb.errstring() + "\n");
|
||||
message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
|
||||
};
|
||||
assert(modify_ok);
|
||||
@ -595,7 +597,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
|
||||
var modify_ok = setup_ldb_modify("provision_configuration_basedn_modify.ldif", info, samdb);
|
||||
if (!modify_ok) {
|
||||
if (!add_ok) {
|
||||
message("Failed to both add and modify configuration dn: " + samdb.errstring() + "\n");
|
||||
message("%s", "Failed to both add and modify " + subobj.CONFIGDN + " in target " + subobj.CONFIGDN_LDB + ": " + samdb.errstring() + "\n");
|
||||
message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
|
||||
assert(modify_ok);
|
||||
}
|
||||
@ -608,7 +610,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
|
||||
var modify_ok = setup_ldb_modify("provision_schema_basedn_modify.ldif", info, samdb);
|
||||
if (!modify_ok) {
|
||||
if (!add_ok) {
|
||||
message("Failed to both add and modify schema dn:" + samdb.errstring() + "\n");
|
||||
message("%s", "Failed to both add and modify " + subobj.SCHEMADN + " in target " + subobj.SCHEMADN_LDB + ": " + samdb.errstring() + "\n");
|
||||
message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
|
||||
assert(modify_ok);
|
||||
}
|
||||
|
||||
@ -121,13 +121,19 @@ var ldapbase = (options["ldap-base"] != undefined);
|
||||
var ldapbackend = (options["ldap-backend"] != undefined);
|
||||
var ldapmodule = (options["ldap-module"] != undefined);
|
||||
var partitions_only = (options["partitions-only"] != undefined);
|
||||
var paths = provision_default_paths(subobj);
|
||||
if (options["aci"] != undefined) {
|
||||
message("set ACI: %s\n", subobj["ACI"]);
|
||||
}
|
||||
|
||||
message("set DOMAIN SID: %s\n", subobj["DOMAINSID"]);
|
||||
|
||||
provision_fix_subobj(subobj, paths);
|
||||
|
||||
if (ldapbackend) {
|
||||
if (options["ldap-backend"] == "ldapi") {
|
||||
subobj.LDAPBACKEND = subobj.LDAPI_URI;
|
||||
}
|
||||
if (!ldapmodule) {
|
||||
subobj.LDAPMODULE = "entryUUID";
|
||||
}
|
||||
@ -137,7 +143,7 @@ if (ldapbackend) {
|
||||
subobj.CONFIGDN_MOD2 = "," + subobj.LDAPMODULE + ",paged_searches";
|
||||
subobj.SCHEMADN_LDB = subobj.LDAPBACKEND;
|
||||
subobj.SCHEMADN_MOD2 = "," + subobj.LDAPMODULE + ",paged_searches";
|
||||
message("LDAP module: %s backend: %s\n", subobj.LDAPMODULE, subobj.LDAPBACKEND);
|
||||
message("LDAP module: %s on backend: %s\n", subobj.LDAPMODULE, subobj.LDAPBACKEND);
|
||||
}
|
||||
|
||||
if (!provision_validate(subobj, message)) {
|
||||
@ -146,7 +152,6 @@ if (!provision_validate(subobj, message)) {
|
||||
|
||||
var system_session = system_session();
|
||||
var creds = options.get_credentials();
|
||||
var paths = provision_default_paths(subobj);
|
||||
message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM);
|
||||
message("Using administrator password: %s\n", subobj.ADMINPASS);
|
||||
if (ldapbase) {
|
||||
|
||||
@ -98,6 +98,7 @@ provision_schema(subobj, message, tmp_schema_ldb, paths);
|
||||
|
||||
var mapping;
|
||||
var ext;
|
||||
var slapd_command;
|
||||
if (options["ldap-backend-type"] == "fedora-ds") {
|
||||
mapping = "schema-map-fedora-ds-1.0";
|
||||
ext = "ldif";
|
||||
@ -110,6 +111,8 @@ if (options["ldap-backend-type"] == "fedora-ds") {
|
||||
}
|
||||
setup_file("fedorads.inf", message, subobj.LDAPDIR + "/fedorads.inf", subobj);
|
||||
setup_file("fedorads-partitions.ldif", message, subobj.LDAPDIR + "/fedorads-partitions.ldif", subobj);
|
||||
|
||||
slapd_command = "(see documentation)";
|
||||
} else if (options["ldap-backend-type"] == "openldap") {
|
||||
provision_ldapbase(subobj, message, paths);
|
||||
mapping = "schema-map-openldap-2.3";
|
||||
@ -133,10 +136,16 @@ if (options["ldap-backend-type"] == "fedora-ds") {
|
||||
sys.mkdir(subobj.LDAPDBDIR + "/bdb-logs", 0700);
|
||||
setup_file("DB_CONFIG", message, subobj.LDAPDBDIR + "/DB_CONFIG", subobj);
|
||||
if (options["ldap-backend-port"] != undefined) {
|
||||
message("NOTE: OpenLDAP TCP ports are controlled on the command line, not in the generated config file\n");
|
||||
message("\nStart slapd with: \n");
|
||||
slapd_command = "slapd -f " + subobj.LDAPDIR + "/slapd.conf -h ldap://0.0.0.0:" + options["ldap-backend-port"] + " -h " + subobj.LDAPI_URI;
|
||||
} else {
|
||||
slapd_command = "slapd -f " + subobj.LDAPDIR + "/slapd.conf -h " + subobj.LDAPI_URI;
|
||||
}
|
||||
}
|
||||
message("ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext + "\n");
|
||||
var schema_command = "ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/backend-schema." + ext;
|
||||
|
||||
message("\nCreate a suitable schema file with:\n%s\n", schema_command);
|
||||
message("\nStart slapd with: \n%s\n", slapd_command);
|
||||
|
||||
message("All OK\n");
|
||||
return 0;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user