[Samba] Samba AD DC: Keeping LDAP content in VCS
Rowland Penny
rpenny at samba.org
Sun Jul 25 12:09:32 UTC 2021
On Sun, 2021-07-25 at 13:10 +0200, Lorenz Schori via samba wrote:
> Hi,
>
> I am unable to find a simple tool which fulfils the following
> requirement:
>
> As a directory administrator, I'd like to maintain the
> structure of a LDAP directory (Groups / OUs) over time using
> flat files checked into a VCS (version control system).
>
> What I'm looking for is basically the equivalent of database schema
> migrations[1] as implemented in many OSS web frameworks but for LDAP
> (E.g., Rails: rake db:migrate, Django: django-admin migrate, etc.).
>
> In a very basic implementation such a tool would take a directory
> full
> of ldif files named according to the following scheme:
> YYYY-MM-DD-NNN-whatever-{UP,DOWN}.ldif (where NNN is a serial and UP
> or
> DOWN denote whether the file should be applied when installing and
> removing a migration respectively). When run the tool would check the
> last version applied to the LDAP directory. After that it figures out
> which migrations need to be applied and then runs ldapmodify once for
> each file in the proper sequence.
>
> If you know such a tool, then please point me towards it.
Whilst I can understand the logic behind this, what are you going to
read this with and is Samba involved .
If Samba is involved, then I probably should mention that apart from a
Samba AD DC (where once something is added to the schema, it cannot be
removed), Samba only really uses ldap for NT4-style domains and they
are now deprecated and work is ongoing to remove them. This means that
if you are actively developing something that relies on Samba and ldap,
then you could be wasting your time, you could develop it and then find
you have no clients.
Rowland
More information about the samba
mailing list