samba 4: a new configuration system?
Mike Hammond (Laptop)
korann at accel.cornell.edu
Mon Jun 27 18:03:31 GMT 2005
On Thursday 23 June 2005 18:46, Andrew Tridgell wrote:
> > That's a great idea, and I wish more projects had that kind of
> > tool.
> I would not be surprised if ldbedit gets usage outside of Samba. It
> still needs a bit of work to be used as a general ldap editor (for
> example, it does the fancy SPNEGO/NTLMSSP authentication schemes that
> windows uses, but doesn't do plain text ldap binds), but once those
> are fixed I can well imagine administrators using it for managing
> ldap servers that have nothing to do with Samba.
Always nice to see people building general tools.
> > One question, though. I haven't looked, but is it possible to
> > dump the ldb to a text file, and then import that text file back
> > into the ldb? That would allow other scripts to root through the
> > DB via text, and would also give admins a "warm and fuzzy" feeling
> > that the DB could be backed up in a format humans can understand.
> yes, the import/export format is ldif.
> ldbedit does a little more than just import/export though, and
> perhaps the additional functionality should be exposed in a tool. The
> main extra thing it does is a "ldap diff", which works out what you
> changed in the editor, and forms a ldif changeset to apply to the
> server. We could have a "ldbdiff" tool that exposes that
> functionality so you could do:
ldbdiff (or ldifdiff?) would be a nice standalone tool.
Hate to be the anal one, but we should add locking, yes?:
> ldbsearch '(some=expression)' > a.ldif
> run_my_script.sh a.ldif > b.ldif
> ldbdiff a.ldif b.ldif > changes.ldif
> ldbmodify changes.ldif
It would "almost" always work without the locking, but ....
> you could in fact do that now by setting your 'editor' in ldbedit to
> run_my_script.sh, but perhaps it would be neater to split it out.
> Cheers, Tridge
Setting EDITOR=run_my_script.sh has the advantage of inherent locking.
The script could always output a copy.
A true Unix style hack.
ldbedit -H config.ldb > config.ldif
korann at accel.cornell.edu (607)255-8575 mch22 at cornell.edu
korann at blueblaze.com (607)277-4565voice (607)277-2216fax
More information about the samba-technical