[PATCH 6/7] s4:provision - Added LDAP URI parameter.
Endi S. Dewata
edewata at redhat.com
Sat Jan 30 03:39:51 MST 2010
---
source4/scripting/python/samba/provision.py | 6 ++-
source4/scripting/python/samba/provisionbackend.py | 40 ++++++++++++--------
source4/setup/provision | 4 +-
3 files changed, 31 insertions(+), 19 deletions(-)
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 5b7e717..2d7978d 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -500,7 +500,7 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info,
ldap_backend_line = "# No LDAP backend"
if provision_backend.type is not "ldb":
- ldap_backend_line = "ldapBackend: %s" % provision_backend.ldapi_uri
+ ldap_backend_line = "ldapBackend: %s" % provision_backend.ldap_uri
samdb.transaction_start()
try:
@@ -1060,7 +1060,7 @@ def provision(setup_dir, message, session_info,
dnspass=None, root=None, nobody=None, users=None,
wheel=None, backup=None, aci=None, serverrole=None,
dom_for_fun_level=None,
- ldap_backend_extra_port=None, backend_type=None, ldap_dir=None,
+ ldap_backend_extra_port=None, backend_type=None, ldap_dir=None, ldap_uri=None,
sitename=None,
ol_mmr_urls=None, ol_olc=None,
setup_ds_path=None, slapd_path=None, nosync=False,
@@ -1180,6 +1180,7 @@ def provision(setup_dir, message, session_info,
schema=schema,
hostname=hostname,
ldap_dir=ldap_dir,
+ ldap_uri=ldap_uri,
ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
ldap_backend_extra_port=ldap_backend_extra_port,
@@ -1196,6 +1197,7 @@ def provision(setup_dir, message, session_info,
schema=schema,
hostname=hostname,
ldap_dir=ldap_dir,
+ ldap_uri=ldap_uri,
ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
ldap_backend_extra_port=ldap_backend_extra_port,
diff --git a/source4/scripting/python/samba/provisionbackend.py b/source4/scripting/python/samba/provisionbackend.py
index 90dd792..db9436d 100644
--- a/source4/scripting/python/samba/provisionbackend.py
+++ b/source4/scripting/python/samba/provisionbackend.py
@@ -93,7 +93,7 @@ class LDBBackend(ProvisionBackend):
class ExistingBackend(ProvisionBackend):
def __init__(self, backend_type, paths=None, setup_path=None, lp=None, credentials=None,
names=None, message=None,
- ldapi_uri=None):
+ ldap_uri=None):
super(ExistingBackend, self).__init__(
backend_type=backend_type,
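Review bot: Renaming the keyword `ldapi_uri` to `ldap_uri` in `ExistingBackend.__init__` changes the constructor's interface, and none of the provision.py hunks in this patch touch an `ExistingBackend(...)` call. Any caller that still passes `ldapi_uri=` by keyword would fail with a TypeError at provision time, so the call sites are worth checking before this lands. The value also still defaults to None and is stored unchecked, so `init()` in the next hunk would pass None to `Ldb(...)`; a guard such as `if ldap_uri is None: raise ProvisioningError("existing backend requires an LDAP URI")` would make that failure explicit. The constructor body continues outside this hunk.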
@@ -102,11 +102,11 @@ class ExistingBackend(ProvisionBackend):
names=names,
message=message)
- self.ldapi_uri = ldapi_uri
+ self.ldap_uri = ldap_uri
def init(self):
#Check to see that this 'existing' LDAP backend in fact exists
- ldapi_db = Ldb(self.ldapi_uri, credentials=self.credentials)
+ ldapi_db = Ldb(self.ldap_uri, credentials=self.credentials)
search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE,
expression="(objectClass=OpenLDAProotDSE)")
@@ -124,6 +124,7 @@ class LDAPBackend(ProvisionBackend):
schema=None,
hostname=None,
ldap_dir=None,
+ ldap_uri=None,
ldapadminpass=None,
slapd_path=None,
ldap_backend_extra_port=None,
@@ -145,6 +146,14 @@ class LDAPBackend(ProvisionBackend):
else:
self.ldapdir = ldap_dir
+ if not os.path.exists(self.ldapdir):
+ os.mkdir(self.ldapdir)
+
+ if ldap_uri is None:
+ self.ldap_uri = "ldapi://" + urllib.quote(os.path.join(self.ldapdir, "ldapi"), safe="")
+ else:
+ self.ldap_uri = ldap_uri
+
self.ldapadminpass = ldapadminpass
self.slapd_path = slapd_path
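Review bot: The `else` branch stores a caller-supplied `ldap_uri` without checking its scheme, so a plain `ldap://host` value is accepted. The `Ldb(self.ldap_uri, ..., credentials=self.credentials)` binds in the other hunks of this file may then run over an unencrypted TCP connection instead of the local ldapi socket. Consider rejecting or at least warning on other schemes, e.g. `if not ldap_uri.startswith(("ldapi://", "ldaps://")): raise ProvisioningError("unsupported LDAP URI scheme: " + ldap_uri)`. Separately, the relocated `os.mkdir(self.ldapdir)` relies on the process umask; since the default ldapi socket path is inside that directory, `os.mkdir(self.ldapdir, 0700)` would be a tighter default. `__init__` starts and ends outside this hunk.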
@@ -155,16 +164,11 @@ class LDAPBackend(ProvisionBackend):
self.ldap_backend_extra_port = ldap_backend_extra_port
self.ldap_dryrun_mode = ldap_dryrun_mode
- self.ldapi_uri = "ldapi://" + urllib.quote(os.path.join(self.ldapdir, "ldapi"), safe="")
-
- if not os.path.exists(self.ldapdir):
- os.mkdir(self.ldapdir)
-
def init(self):
- # we will shortly start slapd with ldapi for final provisioning. first check with ldapsearch -> rootDSE via self.ldapi_uri
+ # we will shortly start slapd with ldapi for final provisioning. first check with ldapsearch -> rootDSE via self.ldap_uri
# if another instance of slapd is already running
try:
- ldapi_db = Ldb(self.ldapi_uri)
+ ldapi_db = Ldb(self.ldap_uri)
search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE,
expression="(objectClass=OpenLDAProotDSE)");
try:
@@ -175,7 +179,7 @@ class LDAPBackend(ProvisionBackend):
except:
pass
- raise ProvisioningError("Warning: Another slapd Instance seems already running on this host, listening to " + self.ldapi_uri + ". Please shut it down before you continue. ")
+ raise ProvisioningError("Warning: Another slapd Instance seems already running on this host, listening to " + self.ldap_uri + ". Please shut it down before you continue. ")
except LdbError, e:
pass
@@ -232,7 +236,7 @@ class LDAPBackend(ProvisionBackend):
while self.slapd.poll() is None:
# Wait until the socket appears
try:
- ldapi_db = Ldb(self.ldapi_uri, lp=self.lp, credentials=self.credentials)
+ ldapi_db = Ldb(self.ldap_uri, lp=self.lp, credentials=self.credentials)
search_ol_rootdse = ldapi_db.search(base="", scope=SCOPE_BASE,
expression="(objectClass=OpenLDAProotDSE)")
# If we have got here, then we must have a valid connection to the LDAP server!
@@ -265,6 +269,7 @@ class OpenLDAPBackend(LDAPBackend):
schema=None,
hostname=None,
ldap_dir=None,
+ ldap_uri=None,
ldapadminpass=None,
slapd_path=None,
ldap_backend_extra_port=None,
@@ -282,6 +287,7 @@ class OpenLDAPBackend(LDAPBackend):
schema=schema,
hostname=hostname,
ldap_dir=ldap_dir,
+ ldap_uri=ldap_uri,
ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
ldap_backend_extra_port=ldap_backend_extra_port,
@@ -483,7 +489,7 @@ class OpenLDAPBackend(LDAPBackend):
open(os.path.join(self.ldapdir, backend_schema), 'w').write(backend_schema_data)
# now we generate the needed strings to start slapd automatically,
- # first ldapi_uri...
+ # first ldap_uri...
if self.ldap_backend_extra_port is not None:
# When we use MMR, we can't use 0.0.0.0 as it uses the name
# specified there as part of it's clue as to it's own name,
@@ -505,10 +511,10 @@ class OpenLDAPBackend(LDAPBackend):
# copy this command so we have two version, one with -d0 and only ldapi, and one with all the listen commands
self.slapd_command = list(self.slapd_provision_command)
- self.slapd_provision_command.append(self.ldapi_uri)
+ self.slapd_provision_command.append(self.ldap_uri)
self.slapd_provision_command.append("-d0")
- uris = self.ldapi_uri
+ uris = self.ldap_uri
if server_port_string is not "":
uris = uris + " " + server_port_string
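Review bot: `self.slapd_provision_command.append(self.ldap_uri)` now puts an operator-chosen URI on the command line of the provisioning slapd, which the comment above describes as the variant with "only ldapi". With `--ldap-uri` set to an `ldap://` address, that instance would apparently listen on a network socket while the directory is still being populated and its access control is not yet in place. If the parameter is meant to name where Samba connects rather than where slapd listens, the provisioning command should keep using the locally derived ldapi URI. Otherwise the comment should be updated and the non-ldapi case documented. The method starts outside this hunk.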
@@ -549,6 +555,7 @@ class FDSBackend(LDAPBackend):
schema=None,
hostname=None,
ldap_dir=None,
+ ldap_uri=None,
ldapadminpass=None,
slapd_path=None,
ldap_backend_extra_port=None,
@@ -566,6 +573,7 @@ class FDSBackend(LDAPBackend):
schema=schema,
hostname=hostname,
ldap_dir=ldap_dir,
+ ldap_uri=ldap_uri,
ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
ldap_backend_extra_port=ldap_backend_extra_port,
@@ -729,7 +737,7 @@ class FDSBackend(LDAPBackend):
raise ProvisioningError("ldif2db failed")
def post_setup(self):
- ldapi_db = Ldb(self.ldapi_uri, credentials=self.credentials)
+ ldapi_db = Ldb(self.ldap_uri, credentials=self.credentials)
# configure in-directory access control on Fedora DS via the aci attribute (over a direct ldapi:// socket)
aci = """(targetattr = "*") (version 3.0;acl "full access to all by samba-admin";allow (all)(userdn = "ldap:///CN=samba-admin,%s");)""" % self.sambadn
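Review bot: The comment under the changed line still says the ACI is configured "over a direct ldapi:// socket", which no longer holds once `self.ldap_uri` can be supplied by the caller; the local name `ldapi_db` is misleading in the same way here and at the other `Ldb(self.ldap_uri, ...)` call sites. Suggested wording: `# configure in-directory access control on Fedora DS via the aci attribute (over self.ldap_uri, by default the local ldapi:// socket)`. This matters because the ACI grants `allow (all)` to samba-admin, so a reader should know the write travels over whatever transport the URI names. `post_setup` continues past the end of the hunk.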
diff --git a/source4/setup/provision b/source4/setup/provision
index 6db526f..5377a2e 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -97,6 +97,8 @@ parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TY
choices=["fedora-ds", "openldap"])
parser.add_option("--ldap-dir", type="string", metavar="LDAP-DIR",
help="LDAP backend directory")
+parser.add_option("--ldap-uri", type="string", metavar="LDAP-URI",
+ help="LDAP backend URI")
parser.add_option("--ldap-backend-nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true")
parser.add_option("--server-role", type="choice", metavar="ROLE",
choices=["domain controller", "dc", "member server", "member", "standalone"],
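Review bot: The help text `LDAP backend URI` does not tell the operator what the default is or which schemes are expected. Going by the provisionbackend.py hunk, the default is an ldapi socket under the LDAP directory, so something like `help="LDAP backend URI (default: ldapi:// socket under LDAP-DIR; a plain ldap:// URI is not encrypted)"` would be more useful. No validation happens at option-parsing time, so the help string is the only guidance the operator gets.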
@@ -241,7 +243,7 @@ provision(setup_dir, message,
serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
ldap_backend_extra_port=opts.ldap_backend_extra_port,
backend_type=opts.ldap_backend_type,
- ldap_dir=opts.ldap_dir,
+ ldap_dir=opts.ldap_dir, ldap_uri=opts.ldap_uri,
ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls,
slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path,
nosync=opts.nosync,ldap_dryrun_mode=opts.ldap_dryrun_mode,useeadb=eadb)
--
1.6.6
------=_Part_68415_58125355.1265837901273
Content-Type: text/x-patch;
name=0007-s4-provision-Added-support-for-external-LDAP-server.patch
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=0007-s4-provision-Added-support-for-external-LDAP-server.patch