[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-942-g7bc566a
Andrew Bartlett
abartlet at samba.org
Tue Aug 11 19:33:12 MDT 2009
The branch, master has been updated
via 7bc566a88277ecbc0f712b7c54116163930f187d (commit)
via 69fa901bca9b1e032d6784df60a0e1c14d27d830 (commit)
via 4921a5853b323e9c19f192220a94cf4a7cd077ff (commit)
via 6dc41bf27c6157f981b9b45b026da41e9a3df184 (commit)
via f0decfe5c2395173fb632e9bfdea3edf43b1b434 (commit)
via 28bcdf5266f75ef835fd3cbb353aadb782a1f27c (commit)
from a038f1e05b8b7acb5e99257e59178e1ece4ce156 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7bc566a88277ecbc0f712b7c54116163930f187d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 12 11:09:50 2009 +1000
s4:provision Allow provision-backend to not run slapd for 'make test'
As the version of OpenLDAP required for Samba4 is fairly new, we don't
want to make it a requirement before this python code is run in 'make
test'.
As such, skip over the actual starting of slapd, but check the rest
runs alright (which still validates syntax and other modules).
Andrew Bartlett
commit 69fa901bca9b1e032d6784df60a0e1c14d27d830
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 10 22:01:28 2009 +1000
s4:selftest Don't start the slapd for the provision, only for the run
The provision-backend script now starts slapd for us
Andrew Bartlett
commit 4921a5853b323e9c19f192220a94cf4a7cd077ff
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 10 21:51:08 2009 +1000
s4:selftest Make OpenLDAP guess it's own modules from now on
In the releases of OpenLDAP we require (2.4.17) it can guess this much
itself, so no need for us to do it.
Andrew Bartlett
commit 6dc41bf27c6157f981b9b45b026da41e9a3df184
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 10 21:46:20 2009 +1000
s4:provision Make the --ol-slapd paramter take the full path to slapd
commit f0decfe5c2395173fb632e9bfdea3edf43b1b434
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Aug 10 21:43:11 2009 +1000
s4:provision Assume the OpenLDAP backend can find it's own modules
commit 28bcdf5266f75ef835fd3cbb353aadb782a1f27c
Author: Oliver Liebel <oliver at itc.li>
Date: Mon Aug 10 09:45:01 2009 +1000
s4:provision Rework and further automate setup of OpenLDAP backend
heres the summary of all changes/extensions:
- Andrew Bartlett's patch to generate indext
- Howard Chu's idea to use nosync on the DB included, but made optional
- slaptest-path is not needed any more (slapd -Ttest is used instead)
and is therefore removed. slapd-path is now recommended when
openldap-backend is chosen.
its also used for olc-conversion
- slapd-detection is now always done by ldapsearch (ldb module),
looking anonymous for objectClass: OpenLDAProotDSE via our ldapi_uri.
- if ldapsearch was not successfull, (no slapd listening on our socket)
slapd is
started via special generated slapdcommand_prov (ldapi_uri only)
- slapd-"provision-process" startup is done via pythons subprocess.
- the slapd-provision-pid is stored under paths.ldapdir/slapd_provision_pid.
- after provision-backend is finished:
--- slapd.pid is compared with our stored slapd_provision_pid.
if the are unique, slapd.pid will be read out, and the
slapd "provison"-process will be shut down.
--- proper slapd-shutdown is verified again with ldb-search -> ldapi_uri
-> rootDSE.
--- if the pids are different or one of the pid-files is missing, slapd
will not be shut down,
instead an error message is displayed to locate slapd manually
--- extended help-messages (relevant to slapd) are always displayed,
e.g. the commandline with which slapd has to be started when everythings
finished
(slapd-commandline is stored under paths.ldapdir/slapd_command_file.txt))
- upgraded the content of the mini-howto (howto-ol-backend-s4.txt)
-----------------------------------------------------------------------
Summary of changes:
howto-ol-backend-s4.txt | 177 ++++++++++++++++
selftest/target/Samba4.pm | 75 +------
source4/scripting/python/samba/provision.py | 226 +++++++++++++++++----
source4/setup/provision-backend | 17 +-
source4/setup/slapd.conf | 42 +----
source4/setup/tests/blackbox_provision-backend.sh | 10 +-
6 files changed, 402 insertions(+), 145 deletions(-)
create mode 100644 howto-ol-backend-s4.txt
Changeset truncated at 500 lines:
diff --git a/howto-ol-backend-s4.txt b/howto-ol-backend-s4.txt
new file mode 100644
index 0000000..c96ce55
--- /dev/null
+++ b/howto-ol-backend-s4.txt
@@ -0,0 +1,177 @@
+Samba4 OpenLDAP-Backend Quick-Howto
+====================================
+
+oliver at itc.li - August 2009
+
+
+This Mini-Howto describes in a very simplified way
+how to setup Samba 4 (S4) (pre)Alpha 9 with the
+OpenLDAP (OL) -Backend.
+Use of OpenLDAP >= 2.4.17 is strongly recommended.
+
+
+1.) Download and compile OpenLDAP.
+
+The use of (older) Versions shipped with Distributions often
+causes trouble, so dont use them. Configure-Example:
+
+#> ./configure --enable-overlays=yes --with-tls=yes --with-cyrus-sasl=yes
+#> make depend && make && make install
+
+Note: openssl and cyrus-sasl libs should be installed
+before compilation.
+
+
+
+2.) Prepare S4 to use OL-Backend:
+
+Run the provision-backend Python-Script first, then "final" provision
+(these 2-step process will be merged in the future)
+
+Simple provision-backend Example:
+
+#> setup/provision-backend --realm=ldap.local.site \
+ --domain=LDAP --ldap-admin-pass="linux" \
+ --ldap-backend-type=openldap \
+ --server-role='domain controller' \
+ --ol-slapd="/usr/local/libexec/slapd"
+
+After that, you should get a similar output:
+
+--------
+Your openldap Backend for Samba4 is now configured, and is ready to be started
+Server Role: domain controller
+Hostname: ldapmaster
+DNS Domain: ldap.local.site
+Base DN: DC=ldap,DC=local,DC=site
+LDAP admin user: samba-admin
+LDAP admin password: linux
+LDAP Debug-Output:
+(1, 'connection to remote LDAP server dropped?')
+Ok. - No other slapd-Instance listening on: ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi. Starting al provision.
+Started slapd for final provisioning with PID: 21728
+
+Now run final provision with: --ldap-backend=ldapi --ldap-backend-type=openldap --password=linux --username=sa=ldap.local.site --domain=LDAP --server-role='domain controller'
+
+--------
+
+Since this (pre)Alpha, you dont have to run slapd manually
+any more. slapd will be started automatically, when
+provision-backend is done, listening on the
+ldapi://-Socket. System should be ready
+for final provision now:
+
+
+3.) Final provision:
+
+Use the Parameters displayed above to run final provision.
+(you can add --adminpass=<yourpass> to the parameters,
+otherwise a random password will be generated for
+cn=Administrator,cn=users,<Your Base-DN>):
+
+#> setup/provision --ldap-backend=ldapi \
+ --ldap-backend-type=openldap --password=linux \
+ --username=samba-admin --realm=ldap.local.site \
+ --domain=LDAP --server-role='domain controller'\
+ --adminpass=linux
+
+At the End of the final provision you should get
+the following output (only partial here). Read it carefully:
+
+--------
+...
+A Kerberos configuration suitable for Samba 4 has been generated at /usr/local/samba/private/krb5.conf
+LDAP Debug-Output:[Message({'dn': Dn(''), 'objectClass': MessageElement(['top','OpenLDAProotDSE'])})]
+slapd-PID-File found. PID is :21728
+
+File from provision-backend with stored PID found. PID is :21728
+
+slapd-Process used for provisioning with PID: 21728
+ will now be shut down.
+slapd-Process used for final provision was properly shut down.
+Use later the following commandline to start slapd, then Samba:
+/usr/local/libexec/slapd -f /usr/local/samba/private/ldap/slapd.conf -h ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi
+
+This slapd-Commandline is also stored under: /usr/local/samba/private/ldap/slapd_command_file.txt
+Please install the phpLDAPadmin configuration located at /usr/local/samba/private/phpldapadmin-config.php into /etc/phpldapadmin/config.php
+Once the above files are installed, your Samba4 server will be ready to use
+Server Role: domain controller
+Hostname: ldapmaster
+NetBIOS Domain: LDAP
+DNS Domain: ldap.local.site
+DOMAIN SID: S-1-5-21-429312062-2328781357-2130201529
+Admin password: linux
+
+--------
+
+Our slapd in "provision-mode" wiil be shut down automatically
+after final provision ends.
+
+
+4.) Run OL and S4:
+
+After you completed the other necessary steps (krb and named-specific),
+start first OL with the commandline displayed in the output under (3),
+(remember: the slapd-Commandline is also stored in the file ../slapd_command_file.txt)
+then S4.
+
+
+
+5.) Special Setup-Types:
+
+a) OpenLDAP-Online Configuration (olc):
+Use the provision-backend Parameter
+
+ --ol-olc=yes.
+
+In that case, the olc will be setup automatically
+under ../private/slapd.d/.
+olc is accessible via "cn=samba-admin,cn=samba" and Base-DN "cn=config"
+olc is intended primarily for use in conjunction with MMR
+
+Attention: You have to start OL with the commandline
+displayed in the output under (3), but you have to set a
+listening port of slapd manually:
+
+(e.g. -h ldap://ldapmaster.ldap.local.site:9000)
+
+Attention: You _should_not_ edit the olc-Sections
+"config" and "ldif", as these are vital to the olc itself.
+
+
+b) MultiMaster-Configuration (MMR):
+At this time (S4 (pre)Alpha9) the only possible Replication setup.
+Use the provision-backend Parameter:
+
+ --ol-mmr-urls=<list of whitespace separated ldap-urls (and Ports <> 389!).
+
+e.g.:
+--ol-mmr-urls="ldap://ldapmaster1.ldap.local.site:9000 \
+ ldap://ldapmaster2.ldap.local.site:9000"
+
+Attention: You have to start OL with the commandline
+displayed in the output under (3), but you have to set a
+listening port of slapd manually
+(e.g. -h ldap://ldapmaster1.ldap.local.site:9000)
+
+The Ports must be different from 389, as these are occupied by S4.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index db5900d..0f909ce 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -32,16 +32,7 @@ sub bindir_path($$) {
sub openldap_start($$$) {
my ($slapd_conf, $uri, $logs) = @_;
- my $oldpath = $ENV{PATH};
- my $olroot = "";
- my $olpath = "";
- if (defined $ENV{OPENLDAP_ROOT}) {
- $olroot = "$ENV{OPENLDAP_ROOT}";
- $olpath = "$olroot/libexec:$olroot/sbin:";
- }
- $ENV{PATH} = "$olpath/usr/local/sbin:/usr/sbin:/sbin:$ENV{PATH}";
- system("slapd -d0 -f $slapd_conf -h $uri > $logs 2>&1 &");
- $ENV{PATH} = $oldpath;
+ system("$ENV{OPENLDAP_SLAPD} -d0 -f $slapd_conf -h $uri > $logs 2>&1 &");
}
sub slapd_start($$)
@@ -118,7 +109,7 @@ sub check_or_start($$$)
# Start slapd before samba, but with the fifo on stdin
if (defined($self->{ldap})) {
$self->slapd_start($env_vars) or
- die("couldn't start slapd (2nd time)");
+ die("couldn't start slapd (main run)");
}
my $optarg = "";
@@ -233,52 +224,6 @@ sub mk_openldap($$$)
my $slapd_conf = "$ldapdir/slapd.conf";
my $pidfile = "$ldapdir/slapd.pid";
- my $modconf = "$ldapdir/modules.conf";
-
- my $oldpath = $ENV{PATH};
- my $olpath = "";
- my $olroot = "";
- if (defined $ENV{OPENLDAP_ROOT}) {
- $olroot = "$ENV{OPENLDAP_ROOT}";
- $olpath = "$olroot/libexec:$olroot/sbin:";
- }
- $ENV{PATH} = "$olpath/usr/local/sbin:/usr/sbin:/sbin:$ENV{PATH}";
-
- unlink($modconf);
-
- #This code tries to guess what modules we need to load (if any) by trying different combinations in the modules.conf
-
- # Try without any slapd modules
- open(CONF, ">$modconf"); close(CONF);
-
- if (system("slaptest -u -f $slapd_conf >&2") != 0) {
- open(CONF, ">$modconf");
- # enable slapd modules
- print CONF "
-moduleload syncprov
-moduleload memberof
-moduleload refint
-moduleload deref
-";
- close(CONF);
- }
- if (system("slaptest -u -f $slapd_conf >&2") != 0) {
- open(CONF, ">$modconf");
- # enable slapd modules, and the module for back_hdb
- print CONF "
-moduleload back_hdb
-moduleload syncprov
-moduleload memberof
-moduleload refint
-moduleload deref
-";
- close(CONF);
- }
-
- system("slaptest -u -f $slapd_conf") == 0 or die("slaptest still fails after adding modules");
-
-
- $ENV{PATH} = $oldpath;
return ($slapd_conf, $pidfile);
}
@@ -840,29 +785,33 @@ sub provision($$$$$$$)
$ret->{LDAP_URI} = $ctx->{ldap_uri};
push (@{$ctx->{provision_options}},"--ldap-backend=$ctx->{ldap_uri}");
- system("$self->{setupdir}/provision-backend $configuration --ldap-admin-pass=$ctx->{password} --root=$ctx->{unix_name} --realm=$ctx->{realm} --domain=$ctx->{domain} --host-name=$ctx->{netbiosname} --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
-
push (@{$ctx->{provision_options}}, "--password=$ctx->{password}");
if ($self->{ldap} eq "openldap") {
push (@{$ctx->{provision_options}}, "--username=samba-admin");
- push (@{$ctx->{provision_options}}, "--ldap-backend-type=openldap");
+ push (@{$ctx->{provision_options}}, "--ldap-backend-type=openldap");
+
+ system("$self->{setupdir}/provision-backend $configuration --ldap-admin-pass=$ctx->{password} --root=$ctx->{unix_name} --realm=$ctx->{realm} --domain=$ctx->{domain} --host-name=$ctx->{netbiosname} --ldap-backend-type=$self->{ldap} --nosync --ol-slapd=$ENV{OPENLDAP_SLAPD}>&2") == 0 or die("backend provision failed");
($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ctx->{ldapdir}, $configuration) or die("Unable to create openldap directories");
- } elsif ($self->{ldap} eq "fedora-ds") {
+ } elsif ($self->{ldap} eq "fedora-ds") {
push (@{$ctx->{provision_options}}, "--simple-bind-dn=cn=Manager,$ctx->{localbasedn}");
push (@{$ctx->{provision_options}}, "--ldap-backend-type=fedora-ds");
+ system("$self->{setupdir}/provision-backend $configuration --ldap-admin-pass=$ctx->{password} --root=$ctx->{unix_name} --realm=$ctx->{realm} --domain=$ctx->{domain} --host-name=$ctx->{netbiosname} --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+
($ret->{FEDORA_DS_DIR}, $ret->{FEDORA_DS_PIDFILE}) = $self->mk_fedora_ds($ctx->{ldapdir}, $configuration) or die("Unable to create fedora ds directories");
+
+ $self->slapd_start($ret) or die("couldn't start slapd");
+
}
- $self->slapd_start($ret) or die("couldn't start slapd");
}
$ret = $self->provision_raw_step2($ctx, $ret);
- if (defined($self->{ldap})) {
+ if (defined($self->{ldap}) && ($self->{ldap} eq "fedora-ds")) {
$self->slapd_stop($ret) or die("couldn't stop slapd");
}
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 8a7ed6a..39c3fff 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -36,6 +36,7 @@ import socket
import param
import registry
import samba
+import subprocess
from auth import system_session
from samba import version, Ldb, substitute_var, valid_netbios_name, check_all_substituted, \
DS_BEHAVIOR_WIN2008
@@ -43,8 +44,9 @@ from samba.samdb import SamDB
from samba.idmap import IDmapDB
from samba.dcerpc import security
import urllib
-from ldb import SCOPE_SUBTREE, LdbError, timestring
+from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, timestring
from ms_schema import read_ms_schema
+from signal import SIGTERM
__docformat__ = "restructuredText"
@@ -100,7 +102,7 @@ class ProvisionPaths(object):
self.olmmrserveridsconf = None
self.olmmrsyncreplconf = None
self.olcdir = None
- self.olslaptest = None
+ self.olslapd = None
self.olcseedldif = None
@@ -262,6 +264,8 @@ def provision_paths_from_lp(lp, dnsdomain):
"ldap")
paths.slapdconf = os.path.join(paths.ldapdir,
"slapd.conf")
+ paths.slapdpid = os.path.join(paths.ldapdir,
+ "slapd.pid")
paths.modulesconf = os.path.join(paths.ldapdir,
"modules.conf")
paths.memberofconf = os.path.join(paths.ldapdir,
@@ -935,6 +939,7 @@ FILL_FULL = "FULL"
FILL_NT4SYNC = "NT4SYNC"
FILL_DRS = "DRS"
+
def provision(setup_dir, message, session_info,
credentials, smbconf=None, targetdir=None, samdb_fill=FILL_FULL, realm=None,
rootdn=None, domaindn=None, schemadn=None, configdn=None,
@@ -1133,6 +1138,78 @@ def provision(setup_dir, message, session_info,
hostname=names.hostname, realm=names.realm)
message("A Kerberos configuration suitable for Samba 4 has been generated at %s" % paths.krb5conf)
+
+
+ # if backend is openldap, terminate slapd after final provision and check its proper termination
+ if ldap_backend_type == "openldap":
+
+ # We look if our "provision-slapd" is still up and running,
+ # listening with the stored PID on our ldapi_uri.
+ # first we check with ldapsearch -> rootDSE via ldapi_uri
+ # if slapd is running
+ try:
+ # in this case we got a running slapd listening on our ldapi_uri
+ ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.private_dir, "ldap", "ldapi"), safe="")
+ ldapi_db = Ldb(ldapi_uri)
+ search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE,
+ expression="(objectClass=OpenLDAProotDSE)");
+ message("LDAP Debug-Output:" + str(search_ol_rootdse))
+
+ # now we check if slapds PID file exists AND is identical to our stored
+ if os.path.exists(paths.slapdpid):
+ f = open(paths.slapdpid, "r")
+ p1 = f.read()
+ f.close()
+ message("slapd-PID-File found. PID is :" + str(p1))
+ # validation against stored PID of "provision-slapd".
+ # is this the slapd we started from provision-backend?
+ if os.path.exists(paths.ldapdir + "/slapd_provision_pid"):
+ f = open(paths.ldapdir + "/slapd_provision_pid", "r")
+ p2 = f.read()
+ f.close()
+ message("File from provision-backend with stored PID found. PID is :" + str(p2))
+ if int(p1) == int(p2):
+ message("slapd-Process used for provisioning with PID: " + str(p1) + " will now be shut down.")
+ os.kill(int(p1),SIGTERM)
+ else:
+ message("Warning: PIDs are not identical! Locate the active slapd and shut it down before you continue!")
+ else:
+ message("Stored PID File could not be found. Sorry. You have to locate the PID and terminate slapd manually.")
+ else:
+ message("slapd-PID File could not be found. Sorry. You have to locate the PID and terminate slapd manually.")
+
+ # Now verify proper slapd-termination...
+ try:
+ # in this case we got still a running slapd listening on our ldapi_uri: bad
+ ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.private_dir, "ldap", "ldapi"), safe="")
+ ldapi_db = Ldb(ldapi_uri)
+ search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE,
+ expression="(objectClass=OpenLDAProotDSE)");
+ message("slapd seems still to be running and listening to our "+ ldapi_uri + " -socket. Locate an terminate it manually.")
+ except LdbError, e:
+ message("slapd-Process used for final provision was properly shut down.")
+ # in this case we got no running slapd listening on our ldapi_uri: everythings good - do nothing.
+
+ except LdbError, e:
+ # in this case we got no running slapd
+ message("LDAP Debug-Output:")
+ print e
+ message("No running slapd on: " + ldapi_uri + " detected. Maybe final provision is incomplete.")
+
+ # end slapd-termination check
+
+ # now display slapd_command_file.txt to show how slapd must be started next time
+ if os.path.exists(paths.ldapdir +"/slapd_command_file.txt"):
+ message("Use later the following commandline to start slapd, then Samba:")
+ f = open(paths.ldapdir +"/slapd_command_file.txt", "r")
+ x = f.read()
+ f.close()
+ message(x)
+ message("This slapd-Commandline is also stored under: " + str(paths.ldapdir) + "/slapd_command_file.txt")
+ else:
+ message("Error. slapd-commandline-File could not be found.")
+
+
create_phpldapadmin_config(paths.phpldapadminconfig, setup_path,
ldapi_url)
@@ -1155,6 +1232,7 @@ def provision(setup_dir, message, session_info,
return result
+
def provision_become_dc(setup_dir=None,
smbconf=None, targetdir=None, realm=None,
rootdn=None, domaindn=None, schemadn=None, configdn=None,
@@ -1192,11 +1270,12 @@ def setup_db_config(setup_path, dbdir):
def provision_backend(setup_dir=None, message=None,
- smbconf=None, targetdir=None, realm=None,
+ smbconf=None, targetdir=None, realm=None,
rootdn=None, domaindn=None, schemadn=None, configdn=None,
domain=None, hostname=None, adminpass=None, root=None, serverrole=None,
ldap_backend_type=None, ldap_backend_port=None,
- ol_mmr_urls=None,ol_olc=None,ol_slaptest=None):
+ ol_mmr_urls=None, ol_olc=None,
+ ol_slapd=None, nosync=False, testing_mode=False):
def setup_path(file):
return os.path.join(setup_dir, file)
@@ -1223,17 +1302,17 @@ def provision_backend(setup_dir=None, message=None,
make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole,
targetdir)
- # openldap-online-configuration: validation of olc and slaptest
- if ol_olc == "yes" and ol_slaptest is None:
- sys.exit("Warning: OpenLDAP-Online-Configuration cant be setup without path to slaptest-Binary!")
-
- if ol_olc == "yes" and ol_slaptest is not None:
- ol_slaptest = ol_slaptest + "/slaptest"
- if not os.path.exists(ol_slaptest):
- message (ol_slaptest)
- sys.exit("Warning: Given Path to slaptest-Binary does not exist!")
- ###
+ # if openldap-backend was chosen, check if path to slapd was given and exists
+ if ldap_backend_type == "openldap" and ol_slapd is None and not testing_mode:
+ sys.exit("Warning: OpenLDAP-Backend must be setup with path to slapd (OpenLDAP-Daemon), e.g. --ol-slapd=\"/usr/local/libexec/slapd\"!")
+ if ldap_backend_type == "openldap" and ol_slapd is not None:
+ if not os.path.exists(ol_slapd):
+ message (ol_slapd)
+ sys.exit("Warning: Given Path to slapd (OpenLDAP-Daemon) does not exist!")
+ # openldap-online-configuration: validation of olc and slapd
+ if ol_olc == "yes" and ol_slapd is None:
+ sys.exit("Warning: OpenLDAP-Online-Configuration cant be setup without path to slapd!")
lp = param.LoadParm()
@@ -1314,8 +1393,14 @@ def provision_backend(setup_dir=None, message=None,
ldapuser = "--simple-bind-dn=" + names.ldapmanagerdn
elif ldap_backend_type == "openldap":
+ #Allow the test scripts to turn off fsync() for OpenLDAP as for TDB and LDB
+ nosync_config = ""
+ if nosync:
+ nosync_config = "dbnosync"
+
+
attrs = ["linkID", "lDAPDisplayName"]
- res = schemadb.search(expression="(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1))(objectclass=attributeSchema)(attributeSyntax=2.5.5.1))", base=names.schemadn, scope=SCOPE_SUBTREE, attrs=attrs)
+ res = schemadb.search(expression="(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1))(objectclass=attributeSchema)(attributeSyntax=2.5.5.1))", base=names.schemadn, scope=SCOPE_ONELEVEL, attrs=attrs)
--
Samba Shared Repository
More information about the samba-cvs
mailing list