[Fedora-directory-commits] adminserver/admserv/schema/ldif 01nsroot.ldif.tmpl, 1.6, 1.6.2.1 10dsdata.ldif.tmpl, 1.9, 1.9.2.1 20asdata.ldif.tmpl, 1.5, 1.5.2.1

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Mon Jul 14 19:30:19 UTC 2008


Author: rmeggins

Update of /cvs/dirsec/adminserver/admserv/schema/ldif
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22641/adminserver/admserv/schema/ldif

Modified Files:
      Tag: Directory_Server_8_0_Branch
	01nsroot.ldif.tmpl 10dsdata.ldif.tmpl 20asdata.ldif.tmpl 
Log Message:
Resolves: bug 431103
Bug Description: Cannot setup ds with remote config DS
Reviewed by: nkinder (Thanks!)
Branch: Directory_Server_8_0_Branch
Fix Description: This fix has two main parts.  The first part is to fix setup.  I took parts out of the 01nsroot template and put them into the templates that set up the directory server and admin server.  So when those servers are registered, they will create those common entries if not present, or otherwise modify them to add the necessary information.  I had to add uname_m and uname_a and some other items to the mapping files.  I fixed a typo in one of the template files.  I changed setup to create new directory server instances shutdown, so that when they are configured for the passthrough auth plugin, it will be working when started.  Otherwise, directory servers you create with setup will not be manageable in the console until after they are restarted.  This is the same way that ds_create works.
The second part of the fix is to allow people to fix "broken" installs.  I added a -u (update) option to setup.  This will scan for exsiting installations are re-register all servers found.  The dialog flow is pretty simple - it just confirms that you want to run update mode, then asks for the config ds information, then re-registers all servers with the config ds, updating any information that is missing or outdated.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: Yes - need to document the new -u option.



Index: 01nsroot.ldif.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/01nsroot.ldif.tmpl,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- 01nsroot.ldif.tmpl	25 Jun 2007 18:23:53 -0000	1.6
+++ 01nsroot.ldif.tmpl	14 Jul 2008 19:30:17 -0000	1.6.2.1
@@ -91,33 +91,3 @@
 objectClass: organizationalUnit
 aci: (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all) userdnattr="creatorsname";)
 ou: uid=%as_uid%, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot
-
-dn: ou="cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot",ou=UserPreferences, ou=%domain%, o=NetscapeRoot
-objectClass: top
-objectClass: organizationalUnit
-aci: (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all) userdnattr="creatorsname";)
-ou: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=netscaperoot
-
-dn: cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-objectClass: top
-objectClass: nsHost
-objectClass: groupOfUniqueNames
-cn: %fqdn%
-serverHostName: %fqdn%
-nsOsVersion: %uname_a%
-nsHardwarePlatform: %uname_m%
-uniqueMember: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-
-dn: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-objectClass: nsAdminGroup
-objectClass: groupOfUniqueNames
-objectClass: nsDirectoryInfo
-objectClass: top
-nsAdminGroupName: Server Group
-nsDirectoryInfoRef: cn=UserDirectory, ou=Global Preferences, ou=%domain%, o=NetscapeRoot
-nsAdminSIEDN: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-cn: Server Group
-uniqueMember: cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-uniqueMember: cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-aci: (targetattr=*)(targetfilter=(nsconfigRoot=*))(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
-aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) userdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)


Index: 10dsdata.ldif.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/10dsdata.ldif.tmpl,v
retrieving revision 1.9
retrieving revision 1.9.2.1
diff -u -r1.9 -r1.9.2.1
--- 10dsdata.ldif.tmpl	27 Sep 2007 16:54:31 -0000	1.9
+++ 10dsdata.ldif.tmpl	14 Jul 2008 19:30:17 -0000	1.9.2.1
@@ -22,6 +22,27 @@
 add: aci
 aci: (targetattr = "*")(version 3.0; acl "SIE Group (%dsid%)"; allow (all) groupdn = "ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
 
+dn: cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+objectClass: top
+objectClass: nsHost
+objectClass: groupOfUniqueNames
+cn: %fqdn%
+serverHostName: %fqdn%
+nsOsVersion: %uname_a%
+nsHardwarePlatform: %uname_m%
+uniqueMember: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+
+dn: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+objectClass: nsAdminGroup
+objectClass: groupOfUniqueNames
+objectClass: nsDirectoryInfo
+objectClass: top
+nsAdminGroupName: Server Group
+nsAdminSIEDN: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+nsDirectoryInfoRef: cn=UserDirectory, ou=Global Preferences, ou=%domain%, o=NetscapeRoot
+cn: Server Group
+aci: (targetattr=*)(targetfilter=(nsconfigRoot=*))(version 3.0; acl "Enable delegated access"; allow (read, search, compare) groupdn="ldap:///cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
+
 dn: cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 objectClass: nsApplication
 objectClass: groupOfUniqueNames
@@ -39,6 +60,11 @@
 nsServerMigrationClassname: com.netscape.admin.dirserv.task.MigrateCreate@%ds_console_jar%@cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 nsServerCreationClassname: com.netscape.admin.dirserv.task.MigrateCreate@%ds_console_jar%@cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 
+dn: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+changetype: modify
+add: uniqueMember
+uniqueMember: cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+
 dn: cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 objectClass: netscapeServer
 objectClass: nsDirectoryServer
@@ -70,7 +96,7 @@
 objectClass: top
 cn: configuration
 nsClassname: com.netscape.admin.dirserv.DSAdmin@%ds_console_jar%@cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
-nsJarfilename: @ds_console_jar@
+nsJarfilename: %ds_console_jar%
 nsDirectoryInfoRef: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=slapd-%dsid%, cn=%brand% Directory Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
 


Index: 20asdata.ldif.tmpl
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/20asdata.ldif.tmpl,v
retrieving revision 1.5
retrieving revision 1.5.2.1
diff -u -r1.5 -r1.5.2.1
--- 20asdata.ldif.tmpl	25 Jun 2007 18:23:53 -0000	1.5
+++ 20asdata.ldif.tmpl	14 Jul 2008 19:30:17 -0000	1.5.2.1
@@ -17,6 +17,27 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 #
 # END COPYRIGHT BLOCK
+dn: cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+objectClass: top
+objectClass: nsHost
+objectClass: groupOfUniqueNames
+cn: %fqdn%
+serverHostName: %fqdn%
+nsOsVersion: %uname_a%
+nsHardwarePlatform: %uname_m%
+uniqueMember: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+
+dn: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+objectClass: nsAdminGroup
+objectClass: groupOfUniqueNames
+objectClass: nsDirectoryInfo
+objectClass: top
+nsAdminGroupName: Server Group
+nsDirectoryInfoRef: cn=UserDirectory, ou=Global Preferences, ou=%domain%, o=NetscapeRoot
+nsAdminSIEDN: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+cn: Server Group
+uniqueMember: cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+
 dn: cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 objectClass: top
 objectClass: nsApplication
@@ -73,3 +94,14 @@
 nsClassname: com.netscape.management.admserv.AdminServer@%as_console_jar%@cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
 aci: (targetattr=*)(version 3.0; acl "Enable delegated admin to access configuration"; allow (read, search) groupdn="ldap:///cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
 aci: (targetattr=*)(version 3.0; acl "Enable Server configuration"; allow (all) groupdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)
+
+dn: ou="cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot",ou=UserPreferences, ou=%domain%, o=NetscapeRoot
+objectClass: top
+objectClass: organizationalUnit
+aci: (targetattr=*)(version 3.0; acl "UserDNControl"; allow (all) userdnattr="creatorsname";)
+ou: cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=netscaperoot
+
+dn: cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot
+changetype: modify
+add: aci
+aci: (targetattr=*)(version 3.0; acl "Enable delegated access"; allow (read, search, compare) userdn="ldap:///cn=admin-serv-%asid%, cn=%brand% Administration Server, cn=Server Group, cn=%fqdn%, ou=%domain%, o=NetscapeRoot";)




More information about the Fedora-directory-commits mailing list