extended provision-backend

Oliver Liebel oliver at itc.li
Thu Aug 6 06:36:24 MDT 2009

Michael Ströder schrieb:
> Oliver Liebel wrote:
>> Andrew Bartlett schrieb:
>>> I've been thinking about it, and the
>>> main thing I dislike is the way you try to detect another slapd process
>>> using ps and grep.  Instead, how about trying a rootDSE search against
>>> the ldapi socket?  
>> what about a simple bind via python-ldap to the socket?
> This would introduce another dependency on the python-ldap module. I guess
> Andrew would prefer if you do that with Samba4 modules.
i am not deep enough into "other" s4 modules to know which of them are 
able to query slapd.
at first sight there are two ways to query slapd,
one with python-ldap, which is pretty simple,
second with ldbsearch from s4.
but this would make it necessary to know the location of the ldb-tools 
after install
or to give the path manual during provision.
so from my sight there is only one option.

>>> If it succeeds, then have the script fail with 'an
>>> ldap server appears to already be listening on .../ldapi, please shut it
>>> down before you continue'.
> Maybe I missed something in the thread but I wonder what's the issue here. If
> you explicitly invoke slapd with -h "ldapi://<Samba4path> [..]" the likelihood
> that another server not related to Samba is running there is almost zero.
yes, i see that in the same way. but you know how it is with unlikely 
> Just food for thought: If you'd like to check whether you're really accessing
> the right OpenLDAP backend you could query a generated provision ID in the
> rootDSE by slapd.conf directive 'rootDSE' which points to an arbitrary LDIF
> file which you could generate.
thanks, but too complicated and oversized.
> Ciao, Michael.

More information about the samba-technical mailing list