Andrew Bartlett abartlet at
Tue Aug 12 10:43:26 GMT 2008

On Tue, 2008-08-12 at 12:16 +0200, Oliver Liebel wrote:
> Andrew Bartlett schrieb:
> > It certainly looks reasonable to me.  Please put the passwords back in
> > cleartext in the config file for 'rootpw', as we have to have them clear
> > anyway (in the replication), and it will make debugging easier.  (As you
> > say, move to SASL later).
> >   
> done.
> > We could potentially still provision to the ldapi URL, if you started
> > slapd listening on both ldapi and TCP sockets.
> >   
> thats absolutely right, as it would speedup the communication between 
> samba and ol
> on the same host.
> but since the addition of ldapi has no effect on
> the mmr-setup/functionality itself, i would like to keep it simple at 
> the moment
> and add that point later, when mmr-provisioning is working.
> ( maybe in the way: ldapi [always set up] , ldap://<host>:port 
> [additionally when mmr=yes] .)

Yep, that's what I would like as the end goal.  But you are certainly
correct - we should make it work first :-)

> > Look closely at how we sub in memberof configuration into the
> > slapd.conf.  I suggest that you could add a ${REPL_CONFIG} after each
> > database, which the script could sub with either "" or by reading and
> > subing in a slapd-replica.conf
> >
> > Let me know if you need any more help.
> >   
> i have setup the configuration-files as you mentioned by excluding the 
> mmr-specific parts
> into sub-files (slapd.conf-template and the corresponding 
> ol-mmr*.conf-templates files are attached)
> i have tried to modify the and provision-backend as far as 
> i could, but i get stucked,
> as i am not very familiar with python, so i need your help at this point.
> (diffs are attached to).

When constructing a diff, run diff -u oldfile newfile.  This gives me a
much easier to read diff.

> the backend-provision script kicks me out with the following message.
> " ldap_ol_mmr_yesno=opts.ldap_ol_mmr_yesno,
> AttributeError: Values instance has no attribute 'ldap_ol_mmr_yesno'"

> plain text document attachment (provision-backend.diff)
> 67,73d66
> < parser.add_option("--ol-mmr", type="string", metavar="MMR", 
> < 		          help="With OpenLDAP-Multi-Master Replication [=yes/no]")
> < parser.add_option("--ol-mmr-url1", type="string", metavar="LDAPSERVER_1",
> <                 help="LDAP-URL (DC1) corresponding to Server-ID for Use with OpenLDAP-MMR")
> < parser.add_option("--ol-mmr-url2", type="string", metavar="LDAPSERVER_2",
> <                 help="LDAP-URL (DC2) corresponding to Server-ID for Use with OpenLDAP-MMR")
> < 
> 109,113c102
> < 		  ldap_backend_port=opts.ldap_backend_port,
> < 		  ldap_ol_mmr_yesno=opts.ldap_ol_mmr_yesno,
> < 		  ldap_ol_mmr_url1=opts.ldap_ol_mmr_url1,
> < 		  ldap_ol_mmr_url2=opts.ldap_ol_mmr_url2,)
> < 
> ---
> > 		  ldap_backend_port=opts.ldap_backend_port)

Given the option names you have chosen, try 'ol_mmr' and 'ol_mmr_url1'
etc.  The name in opts is the name for the long option (eg
--ol-mmr-url1) with the - replaced by -.

I hope this helps.  

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.        

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list