[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] setting up OpenLDAP... looking for a victim or two ;-)

It rained all day here in Portland...  to weather the storm I holed up in
the coffee shop around the corner with my laptop.

After WAY too much espresso, I decided to tackle automating the configuration
of OpenLDAP. 

OpenLDAP can be tough to understand, but once you "get it", it is really
pretty simple. Simple enough that 99% percent of it can be automated.
Hence the attached scripts.

Be forewarned that these scripts have had very little testing and they
muck around with the authentication system. It is very likely that these
scripts have bugs which can render your system inaccessible. Please only
use these on test systems until we're sure that they're safe to use.

If you get stuck, boot into single user mode, run "authconfig" and de-
select the LDAP settings. That *should* get you back into business.

I'd greatly appreciate if anyone would test out and/or take a look at this.
I'm not the world's greatest coder, please feel free to be critical. I've
been known to inspire people to write great code after they were offended by
an ugly hack I wrote ;-)

Attached are two scripts, one for setting up a server and one for setting up
the clients.

"configureldap-server.sh" builds the OpenLDAP config file, starts up the 
server, and then uses the migration tools to populate the database from
the existing system files such as /etc/password, /etc/groups, /etc/hosts,
and so on. It also configures the server to authenticate accounts using
the freshly-build directory. Note that this script deletes any existing
LDAP databases, don't run it on a server with an existing LDAP database you
want to keep.

"configureldap-client.sh" configures client machines to pull its account 
information (user names, passwords, groups, etc) from the ldap server.

The part that is missing is a pre-configured client to modify the directory
once it is installed. I'll work on that soon.


Attachment: configureldap-server.sh
Description: Bourne shell script

Attachment: configureldap-client.sh
Description: Bourne shell script

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]