[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] setting up OpenLDAP... looking for a victim or two ;-)



You might want to post this on the OpenLDAP list; I haven't looked at
the scripts yet, but if they are reasonably generic, I'm sure someone
out there would like to see them.  Configuring OpenLDAP is an oft heard
complaint on many a mailing list.

--Shahms

On Sun, 2002-07-07 at 21:59, Eric Harrison wrote:
> It rained all day here in Portland...  to weather the storm I holed up in
> the coffee shop around the corner with my laptop.
> 
> After WAY too much espresso, I decided to tackle automating the configuration
> of OpenLDAP. 
> 
> OpenLDAP can be tough to understand, but once you "get it", it is really
> pretty simple. Simple enough that 99% percent of it can be automated.
> Hence the attached scripts.
> 
> Be forewarned that these scripts have had very little testing and they
> muck around with the authentication system. It is very likely that these
> scripts have bugs which can render your system inaccessible. Please only
> use these on test systems until we're sure that they're safe to use.
> 
> If you get stuck, boot into single user mode, run "authconfig" and de-
> select the LDAP settings. That *should* get you back into business.
> 
> I'd greatly appreciate if anyone would test out and/or take a look at this.
> I'm not the world's greatest coder, please feel free to be critical. I've
> been known to inspire people to write great code after they were offended by
> an ugly hack I wrote ;-)
> 
> Attached are two scripts, one for setting up a server and one for setting up
> the clients.
> 
> "configureldap-server.sh" builds the OpenLDAP config file, starts up the 
> server, and then uses the migration tools to populate the database from
> the existing system files such as /etc/password, /etc/groups, /etc/hosts,
> and so on. It also configures the server to authenticate accounts using
> the freshly-build directory. Note that this script deletes any existing
> LDAP databases, don't run it on a server with an existing LDAP database you
> want to keep.
> 
> "configureldap-client.sh" configures client machines to pull its account 
> information (user names, passwords, groups, etc) from the ldap server.
> 
> The part that is missing is a pre-configured client to modify the directory
> once it is installed. I'll work on that soon.
> 
> -Eric





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]