diff options
| author | Ade Lee <alee@redhat.com> | 2015-07-29 14:23:35 -0400 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2015-07-31 18:35:30 -0400 |
| commit | 7c4bc2480c0cb0b4bb816ec090e9673bdddce047 (patch) | |
| tree | 283e6c64f6f1a250cf559d1e454fe4f3307d0eb9 | |
| parent | e1eb261b467f6e19c7e6604fc7ecb03e8b1f8166 (diff) | |
| download | pki-7c4bc2480c0cb0b4bb816ec090e9673bdddce047.tar.gz pki-7c4bc2480c0cb0b4bb816ec090e9673bdddce047.tar.xz pki-7c4bc2480c0cb0b4bb816ec090e9673bdddce047.zip | |
Add code to reindex data during cloning without replication
When setting up a clone, indexes are added before the
replication agreements are set up and the consumer is initialized.
Thus, as data is replicated and added to the clone db, the
data is indexed.
When cloning is done with the replication agreements already set
up and the data replicated, the existing data is not indexed and
cannot be accessed in searches. The data needs to be reindexed.
Related to ticket 1414
| -rw-r--r-- | base/ca/shared/conf/CS.cfg.in | 2 | ||||
| -rw-r--r-- | base/ca/shared/conf/indextasks.ldif | 31 | ||||
| -rw-r--r-- | base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java | 19 | ||||
| -rw-r--r-- | base/kra/shared/conf/CS.cfg.in | 2 | ||||
| -rw-r--r-- | base/kra/shared/conf/indextasks.ldif | 31 | ||||
| -rw-r--r-- | base/ocsp/shared/conf/CS.cfg.in | 2 | ||||
| -rw-r--r-- | base/ocsp/shared/conf/indextasks.ldif | 31 | ||||
| -rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 97 | ||||
| -rw-r--r-- | base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java | 1 | ||||
| -rw-r--r-- | base/server/etc/default.cfg | 1 | ||||
| -rw-r--r-- | base/server/man/man5/pki_default.cfg.5 | 8 | ||||
| -rw-r--r-- | base/server/python/pki/server/deployment/pkihelper.py | 1 | ||||
| -rw-r--r-- | base/tks/shared/conf/CS.cfg.in | 2 | ||||
| -rw-r--r-- | base/tks/shared/conf/indextasks.ldif | 31 | ||||
| -rw-r--r-- | base/tps/shared/conf/CS.cfg.in | 2 | ||||
| -rw-r--r-- | base/tps/shared/conf/indextasks.ldif | 14 |
16 files changed, 243 insertions, 32 deletions
diff --git a/base/ca/shared/conf/CS.cfg.in b/base/ca/shared/conf/CS.cfg.in index 3d2dd5e43..d6642a406 100644 --- a/base/ca/shared/conf/CS.cfg.in +++ b/base/ca/shared/conf/CS.cfg.in @@ -828,6 +828,8 @@ preop.internaldb.index_ldif=/usr/share/pki/ca/conf/index.ldif preop.internaldb.manager_ldif=/usr/share/pki/server/conf/manager.ldif preop.internaldb.post_ldif=/usr/share/pki/ca/conf/vlv.ldif,/usr/share/pki/ca/conf/vlvtasks.ldif preop.internaldb.wait_dn=cn=index1160589769, cn=index, cn=tasks, cn=config +preop.internaldb.index_task_ldif=/usr/share/pki/ca/conf/indextasks.ldif +preop.internaldb.index_wait_dn=cn=index1160589770,cn=index,cn=tasks,cn=config internaldb.multipleSuffix.enable=false jobsScheduler._000=## jobsScheduler._001=## jobScheduler diff --git a/base/ca/shared/conf/indextasks.ldif b/base/ca/shared/conf/indextasks.ldif new file mode 100644 index 000000000..4db159ab0 --- /dev/null +++ b/base/ca/shared/conf/indextasks.ldif @@ -0,0 +1,31 @@ +dn: cn=index1160589770, cn=index, cn=tasks, cn=config +objectclass: top +objectclass: extensibleObject +cn: index1160589770 +ttl: 10 +nsinstance: {database} +nsIndexAttribute: revokedby:eq +nsIndexAttribute: issuedby:eq +nsIndexAttribute: publicKeyData:eq +nsIndexAttribute: clientId:eq +nsIndexAttribute: dataType:eq +nsIndexAttribute: status:eq +nsIndexAttribute: description:eq,pres +nsIndexAttribute: serialno:eq,pres +nsIndexAttribute: metaInfo:eq,pres +nsIndexAttribute: certstatus:eq,pres +nsIndexAttribute: requestid:eq,pres +nsIndexAttribute: requesttype:eq,pres +nsIndexAttribute: requeststate:eq,pres +nsIndexAttribute: requestowner:eq,pres +nsIndexAttribute: notbefore:eq,pres +nsIndexAttribute: notafter:eq,pres +nsIndexAttribute: duration:eq,pres +nsIndexAttribute: dateOfCreate:eq,pres +nsIndexAttribute: revokedOn:eq,pres +nsIndexAttribute: archivedBy:eq,pres +nsIndexAttribute: ownername:eq,pres,sub +nsIndexAttribute: subjectname:eq,pres,sub +nsIndexAttribute: requestsourceid:eq,pres,sub +nsIndexAttribute: revInfo:eq,pres,sub +nsIndexAttribute: extension:eq,pres,sub diff --git a/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java b/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java index 0682ac98f..7c6c339f5 100644 --- a/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java +++ b/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java @@ -130,6 +130,9 @@ public class ConfigurationRequest { protected String setupReplication; @XmlElement + protected String reindexData; + + @XmlElement protected List<SystemCertData> systemCerts; @XmlElement @@ -525,6 +528,18 @@ public class ConfigurationRequest { this.setupReplication = setupReplication; } + public boolean getReindexData() { + // default to false + if (reindexData == null) { + return false; + } + return reindexData.equalsIgnoreCase("true"); + } + + public void setReindexData(String reindexData) { + this.reindexData = reindexData; + } + /** * @return the database */ @@ -946,7 +961,8 @@ public class ConfigurationRequest { ", sharedDBUserDN=" + sharedDBUserDN + ", createNewDB=" + createNewDB + ", setupReplication=" + setupReplication + - ", subordinateSecurityDomainName" + subordinateSecurityDomainName + + ", subordinateSecurityDomainName=" + subordinateSecurityDomainName + + ", reindexData=" + reindexData + "]"; } @@ -960,5 +976,4 @@ public class ConfigurationRequest { return uri == null ? null : new URI(uri); } } - } diff --git a/base/kra/shared/conf/CS.cfg.in b/base/kra/shared/conf/CS.cfg.in index fae77133a..64a369e0a 100644 --- a/base/kra/shared/conf/CS.cfg.in +++ b/base/kra/shared/conf/CS.cfg.in @@ -236,6 +236,8 @@ preop.internaldb.index_ldif=/usr/share/pki/kra/conf/index.ldif preop.internaldb.manager_ldif=/usr/share/pki/server/conf/manager.ldif preop.internaldb.post_ldif=/usr/share/pki/kra/conf/vlv.ldif,/usr/share/pki/kra/conf/vlvtasks.ldif preop.internaldb.wait_dn=cn=index1160527115, cn=index, cn=tasks, cn=config +preop.internaldb.index_task_ldif=/usr/share/pki/kra/conf/indextasks.ldif +preop.internaldb.index_wait_dn=cn=index1160589771,cn=index,cn=tasks,cn=config internaldb.multipleSuffix.enable=false jobsScheduler._000=## jobsScheduler._001=## jobScheduler diff --git a/base/kra/shared/conf/indextasks.ldif b/base/kra/shared/conf/indextasks.ldif new file mode 100644 index 000000000..41703a4ba --- /dev/null +++ b/base/kra/shared/conf/indextasks.ldif @@ -0,0 +1,31 @@ +dn: cn=index1160589771, cn=index, cn=tasks, cn=config +objectclass: top +objectclass: extensibleObject +cn: index1160589771 +ttl: 10 +nsinstance: {database} +nsIndexAttribute: revokedby:eq +nsIndexAttribute: issuedby:eq +nsIndexAttribute: publicKeyData:eq +nsIndexAttribute: clientId:eq +nsIndexAttribute: dataType:eq +nsIndexAttribute: status:eq +nsIndexAttribute: description:eq,pres +nsIndexAttribute: serialno:eq,pres +nsIndexAttribute: metaInfo:eq,pres +nsIndexAttribute: certstatus:eq,pres +nsIndexAttribute: requestid:eq,pres +nsIndexAttribute: requesttype:eq,pres +nsIndexAttribute: requeststate:eq,pres +nsIndexAttribute: requestowner:eq,pres +nsIndexAttribute: notbefore:eq,pres +nsIndexAttribute: notafter:eq,pres +nsIndexAttribute: duration:eq,pres +nsIndexAttribute: dateOfCreate:eq,pres +nsIndexAttribute: revokedOn:eq,pres +nsIndexAttribute: archivedBy:eq,pres +nsIndexAttribute: ownername:eq,pres,sub +nsIndexAttribute: subjectname:eq,pres,sub +nsIndexAttribute: requestsourceid:eq,pres,sub +nsIndexAttribute: revInfo:eq,pres,sub +nsIndexAttribute: extension:eq,pres,sub diff --git a/base/ocsp/shared/conf/CS.cfg.in b/base/ocsp/shared/conf/CS.cfg.in index 9c878e89e..0cbe20bed 100644 --- a/base/ocsp/shared/conf/CS.cfg.in +++ b/base/ocsp/shared/conf/CS.cfg.in @@ -195,6 +195,8 @@ preop.internaldb.index_ldif=/usr/share/pki/ocsp/conf/index.ldif preop.internaldb.manager_ldif=/usr/share/pki/server/conf/manager.ldif preop.internaldb.post_ldif= preop.internaldb.wait_dn= +preop.internaldb.index_task_ldif=/usr/share/pki/ocsp/conf/indextasks.ldif +preop.internaldb.index_wait_dn=cn=index1160589772,cn=index,cn=tasks,cn=config internaldb.multipleSuffix.enable=false jss._000=## jss._001=## JSS diff --git a/base/ocsp/shared/conf/indextasks.ldif b/base/ocsp/shared/conf/indextasks.ldif new file mode 100644 index 000000000..1169d6077 --- /dev/null +++ b/base/ocsp/shared/conf/indextasks.ldif @@ -0,0 +1,31 @@ +dn: cn=index1160589772, cn=index, cn=tasks, cn=config +objectclass: top +objectclass: extensibleObject +cn: index1160589772 +ttl: 10 +nsinstance: {database} +nsIndexAttribute: revokedby:eq +nsIndexAttribute: issuedby:eq +nsIndexAttribute: publicKeyData:eq +nsIndexAttribute: clientId:eq +nsIndexAttribute: dataType:eq +nsIndexAttribute: status:eq +nsIndexAttribute: description:eq,pres +nsIndexAttribute: serialno:eq,pres +nsIndexAttribute: metaInfo:eq,pres +nsIndexAttribute: certstatus:eq,pres +nsIndexAttribute: requestid:eq,pres +nsIndexAttribute: requesttype:eq,pres +nsIndexAttribute: requeststate:eq,pres +nsIndexAttribute: requestowner:eq,pres +nsIndexAttribute: notbefore:eq,pres +nsIndexAttribute: notafter:eq,pres +nsIndexAttribute: duration:eq,pres +nsIndexAttribute: dateOfCreate:eq,pres +nsIndexAttribute: revokedOn:eq,pres +nsIndexAttribute: archivedBy:eq,pres +nsIndexAttribute: ownername:eq,pres,sub +nsIndexAttribute: subjectname:eq,pres,sub +nsIndexAttribute: requestsourceid:eq,pres,sub +nsIndexAttribute: revInfo:eq,pres,sub +nsIndexAttribute: extension:eq,pres,sub diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index c8ab38ce7..a417be4a3 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -88,6 +88,7 @@ import netscape.security.x509.X500Name; import netscape.security.x509.X509CertImpl; import netscape.security.x509.X509Key; +import org.apache.commons.lang.StringUtils; import org.apache.velocity.context.Context; import org.mozilla.jss.CryptoManager; import org.mozilla.jss.CryptoManager.NicknameConflictException; @@ -1346,6 +1347,7 @@ public class ConfigurationUtils { boolean remove = cs.getBoolean("preop.database.removeData", false); boolean createNewDB = cs.getBoolean("preop.database.createNewDB", true); boolean setupReplication = cs.getBoolean("preop.database.setupReplication", true); + boolean reindexData = cs.getBoolean("preop.database.reindexData", false); IConfigStore dbCfg = cs.getSubStore("internaldb"); ILdapConnFactory dbFactory = CMS.getLdapBoundConnFactory("ConfigurationUtils"); @@ -1419,6 +1421,9 @@ public class ConfigurationUtils { // On the other hand, if we are not setting up replication, then we // are assuming that replication is already taken care of, and schema // has already been replicated. No need to add. + + // Also, data will be replicated from master to clone + // so clone does not need the data boolean replicateSchema = cs.getBoolean("preop.internaldb.replicateSchema", true); if (!replicateSchema || !setupReplication) { importLDIFS("preop.internaldb.schema.ldif", conn); @@ -1427,9 +1432,15 @@ public class ConfigurationUtils { // add the index before replication, add VLV indexes afterwards importLDIFS("preop.internaldb.index_ldif", conn); + + if (!setupReplication && reindexData) { + // data has already been replicated but not yet indexed - + // re-index here + populateIndexes(conn); + } } else { - // data will be replicated from the master to the clone - // so clone does not need the data + // this is the normal non-clone case + // import schema, database, initial data and indexes importLDIFS("preop.internaldb.schema.ldif", conn); importLDIFS("preop.internaldb.ldif", conn); importLDIFS("preop.internaldb.data_ldif", conn); @@ -1444,6 +1455,51 @@ public class ConfigurationUtils { } } + private static void populateIndexes(LDAPConnection conn) throws EPropertyNotFound, IOException, EBaseException { + CMS.debug("populateIndexes(): start"); + IConfigStore cs = CMS.getConfigStore(); + + importLDIFS("preop.internaldb.index_task_ldif", conn, false); + + /* For populating indexes, we need to check if the task has completed. + Presence of nsTaskExitCode means task is complete + */ + String wait_dn = cs.getString("preop.internaldb.index_wait_dn", ""); + if (!StringUtils.isEmpty(wait_dn)) { + wait_for_task(conn, wait_dn); + } + } + + private static void wait_for_task(LDAPConnection conn, String wait_dn) { + LDAPEntry task = null; + boolean taskComplete = false; + CMS.debug("Checking wait_dn " + wait_dn); + do { + try { + Thread.sleep(1000); + } catch (InterruptedException e) { + // restore the interrupted status + Thread.currentThread().interrupt(); + } + + try { + task = conn.read(wait_dn, (String[]) null); + if (task != null) { + LDAPAttribute attr = task.getAttribute("nsTaskExitCode"); + if (attr != null) { + taskComplete = true; + String val = (String) attr.getStringValues().nextElement(); + if (val.compareTo("0") != 0) { + CMS.debug("Error in populating indexes: nsTaskExitCode=" + val); + } + } + } + } catch (Exception le) { + CMS.debug("Still checking wait_dn '" + wait_dn + "' (" + le.toString() + ")"); + } + } while (!taskComplete); + } + private static void createBaseEntry(String baseDN, LDAPConnection conn) throws EBaseException { try { CMS.debug("Creating base DN: " + baseDN); @@ -1624,7 +1680,11 @@ public class ConfigurationUtils { } } - public static void importLDIFS(String param, LDAPConnection conn) throws IOException, EPropertyNotFound, + public static void importLDIFS(String param, LDAPConnection conn) throws EPropertyNotFound, IOException, EBaseException { + importLDIFS(param, conn, true); + } + + public static void importLDIFS(String param, LDAPConnection conn, boolean suppressErrors) throws IOException, EPropertyNotFound, EBaseException { IConfigStore cs = CMS.getConfigStore(); @@ -1706,6 +1766,9 @@ public class ConfigurationUtils { for (String error : errors) { CMS.debug(error); } + if (!suppressErrors) { + throw new EBaseException("LDAP Errors in importing " + filename); + } } } } @@ -1836,33 +1899,7 @@ public class ConfigurationUtils { */ String wait_dn = cs.getString("preop.internaldb.wait_dn", ""); if (!wait_dn.equals("")) { - LDAPEntry task = null; - boolean taskComplete = false; - CMS.debug("Checking wait_dn " + wait_dn); - do { - try { - Thread.sleep(1000); - } catch (InterruptedException e) { - // restore the interrupted status - Thread.currentThread().interrupt(); - } - - try { - task = conn.read(wait_dn, (String[]) null); - if (task != null) { - LDAPAttribute attr = task.getAttribute("nsTaskExitCode"); - if (attr != null) { - taskComplete = true; - String val = (String) attr.getStringValues().nextElement(); - if (val.compareTo("0") != 0) { - CMS.debug("Error in populating local VLV indexes: nsTaskExitCode=" + val); - } - } - } - } catch (Exception le) { - CMS.debug("Still checking wait_dn '" + wait_dn + "' (" + le.toString() + ")"); - } - } while (!taskComplete); + wait_for_task(conn, wait_dn); } } catch (Exception e) { CMS.debug("populateVLVIndexes(): Exception thrown: " + e); diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index 31891ca62..6e5414756 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -649,6 +649,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou cs.putString("preop.database.removeData", data.getRemoveData()); cs.putBoolean("preop.database.createNewDB", data.getCreateNewDB()); cs.putBoolean("preop.database.setupReplication", data.getSetupReplication()); + cs.putBoolean("preop.database.reindexData", data.getReindexData()); } public void initializeDatabase(ConfigurationRequest data) { diff --git a/base/server/etc/default.cfg b/base/server/etc/default.cfg index 26ffd0d38..ddd2d8367 100644 --- a/base/server/etc/default.cfg +++ b/base/server/etc/default.cfg @@ -194,6 +194,7 @@ pki_clone_replication_master_port= pki_clone_replication_clone_port= pki_clone_replication_security=None pki_clone_setup_replication=True +pki_clone_reindex_data=False pki_master_hostname=%(pki_security_domain_hostname)s pki_master_https_port=%(pki_security_domain_https_port)s pki_clone_uri=https://%(pki_master_hostname)s:%(pki_master_https_port)s diff --git a/base/server/man/man5/pki_default.cfg.5 b/base/server/man/man5/pki_default.cfg.5 index 17130aecf..4e2c13bfc 100644 --- a/base/server/man/man5/pki_default.cfg.5 +++ b/base/server/man/man5/pki_default.cfg.5 @@ -267,6 +267,14 @@ Location and password of the PKCS #12 file containing the system certificates fo .IP Defaults to True. If set to False, the installer does not set up replication agreements from the master to the clone as part of the subsystem configuration. In this case, it is expected that the top level suffix already exists, and that the data has already been replicated. This option is useful if you want to use other tools to create and manage your replication topology, or if the baseDN is already replicated as part of a top-level suffix. .TP +.B pki_clone_reindex_data +.IP +Defaults to False. This parameter is only relevant when \fBpki_clone_setup_replication\fP is +set to False. In this case, it is expected that the database has been prepared and replicated +as noted above. Part of that preparation could involve adding indexes and indexing the data. +If you would like the Dogtag installer to add the indexes and reindex the data instead, set +\fBpki_clone_reindex_data\fP to True. +.TP .B pki_clone_replication_master_port, pki_clone_replication_clone_port .IP Ports on which replication occurs. These are the ports on the master and clone databases respectively. Defaults to the internal database port. diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py index 93fa38494..b6ee61b27 100644 --- a/base/server/python/pki/server/deployment/pkihelper.py +++ b/base/server/python/pki/server/deployment/pkihelper.py @@ -4264,6 +4264,7 @@ class ConfigClient: data.cloneReplicationPort = \ self.mdict['pki_clone_replication_clone_port'] data.setupReplication = self.mdict['pki_clone_setup_replication'] + data.reindexData = self.mdict['pki_clone_reindex_data'] def set_hierarchy_parameters(self, data): if self.subsystem == "CA": diff --git a/base/tks/shared/conf/CS.cfg.in b/base/tks/shared/conf/CS.cfg.in index f864e298a..e63f07d13 100644 --- a/base/tks/shared/conf/CS.cfg.in +++ b/base/tks/shared/conf/CS.cfg.in @@ -187,6 +187,8 @@ preop.internaldb.index_ldif=/usr/share/pki/tks/conf/index.ldif preop.internaldb.manager_ldif=/usr/share/pki/server/conf/manager.ldif preop.internaldb.post_ldif= preop.internaldb.wait_dn= +preop.internaldb.index_task_ldif=/usr/share/pki/tks/conf/indextasks.ldif +preop.internaldb.index_wait_dn=cn=index1160589773,cn=index,cn=tasks,cn=config internaldb.multipleSuffix.enable=false jss._000=## jss._001=## JSS diff --git a/base/tks/shared/conf/indextasks.ldif b/base/tks/shared/conf/indextasks.ldif new file mode 100644 index 000000000..749ac0a05 --- /dev/null +++ b/base/tks/shared/conf/indextasks.ldif @@ -0,0 +1,31 @@ +dn: cn=index1160589773, cn=index, cn=tasks, cn=config +objectclass: top +objectclass: extensibleObject +cn: index1160589773 +ttl: 10 +nsinstance: {database} +nsIndexAttribute: revokedby:eq +nsIndexAttribute: issuedby:eq +nsIndexAttribute: publicKeyData:eq +nsIndexAttribute: clientId:eq +nsIndexAttribute: dataType:eq +nsIndexAttribute: status:eq +nsIndexAttribute: description:eq,pres +nsIndexAttribute: serialno:eq,pres +nsIndexAttribute: metaInfo:eq,pres +nsIndexAttribute: certstatus:eq,pres +nsIndexAttribute: requestid:eq,pres +nsIndexAttribute: requesttype:eq,pres +nsIndexAttribute: requeststate:eq,pres +nsIndexAttribute: requestowner:eq,pres +nsIndexAttribute: notbefore:eq,pres +nsIndexAttribute: notafter:eq,pres +nsIndexAttribute: duration:eq,pres +nsIndexAttribute: dateOfCreate:eq,pres +nsIndexAttribute: revokedOn:eq,pres +nsIndexAttribute: archivedBy:eq,pres +nsIndexAttribute: ownername:eq,pres,sub +nsIndexAttribute: subjectname:eq,pres,sub +nsIndexAttribute: requestsourceid:eq,pres,sub +nsIndexAttribute: revInfo:eq,pres,sub +nsIndexAttribute: extension:eq,pres,sub diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in index 732d14319..7bbeceef6 100644 --- a/base/tps/shared/conf/CS.cfg.in +++ b/base/tps/shared/conf/CS.cfg.in @@ -1629,6 +1629,8 @@ preop.internaldb.manager_ldif=/usr/share/pki/server/conf/manager.ldif preop.internaldb.post_ldif=/usr/share/pki/tps/conf/vlv.ldif,/usr/share/pki/tps/conf/vlvtasks.ldif preop.internaldb.schema.ldif=/usr/share/pki/server/conf/schema.ldif preop.internaldb.wait_dn=cn=index1160528734, cn=index, cn=tasks, cn=config +preop.internaldb.index_task_ldif=/usr/share/pki/tps/conf/indextasks.ldif +preop.internaldb.index_wait_dn=cn=index1160589774,cn=index,cn=tasks,cn=config preop.module.token=Internal Key Storage Token preop.pin=[PKI_RANDOM_NUMBER] preop.product.name=CS diff --git a/base/tps/shared/conf/indextasks.ldif b/base/tps/shared/conf/indextasks.ldif new file mode 100644 index 000000000..b5106bba4 --- /dev/null +++ b/base/tps/shared/conf/indextasks.ldif @@ -0,0 +1,14 @@ +dn: cn=index1160589774, cn=index, cn=tasks, cn=config +objectclass: top +objectclass: extensibleObject +cn: index1160589774 +ttl: 10 +nsinstance: {database} +nsIndexAttribute: tokenUserID:eq,pres,sub +nsIndexAttribute: tokenID:eq,pres,sub +nsIndexAttribute: dateOfCreate:eq,pres,sub +nsIndexAttribute: dateOfModify:eq,pres,sub +nsIndexAttribute: userCertificate:eq +nsIndexAttribute: tokenSerial:eq +nsIndexAttribute: tokenKeyType:eq +nsIndexAttribute: description:eq,pres |