diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-10-19 10:38:10 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-10-19 18:57:06 +1100 |
commit | f9c7365e535727b1d6d6ef55ed8c196368c625b9 (patch) | |
tree | e0439c5d6b1b7ac5251e39d087855eb38b495b7a /source4/setup | |
parent | 4d9b12ae8f9fc7c097b94e6c02df3cb1c38a52ce (diff) | |
download | samba-f9c7365e535727b1d6d6ef55ed8c196368c625b9.tar.gz samba-f9c7365e535727b1d6d6ef55ed8c196368c625b9.tar.xz samba-f9c7365e535727b1d6d6ef55ed8c196368c625b9.zip |
s4-provisionbackend Allow a fixed URI to be specified for LDAP backend
This is added to make the 'existing' LDAP backend class more useful,
and to allow debuging of our OpenLDAP backend class with wireshark, by
forcing the traffic over loopback TCP, which is much easier to sniff.
Andrew Bartlett
Diffstat (limited to 'source4/setup')
-rwxr-xr-x | source4/setup/provision | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/source4/setup/provision b/source4/setup/provision index 21d94cba27..c809c4afc3 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -93,6 +93,8 @@ parser.add_option("--blank", action="store_true", help="do not add users or groups, just the structure") parser.add_option("--ldap-backend-extra-port", type="int", metavar="LDAP-BACKEND-EXTRA-PORT", help="Additional TCP port for LDAP backend server (to use for replication)") +parser.add_option("--ldap-backend-forced-uri", type="string", metavar="LDAP-BACKEND-FORCED-URI", + help="Force the LDAP backend connection to be to a particular URI. Use this ONLY for 'existing' backends, or when debugging the interaction with the LDAP backend and you need to intercept the LDAP traffic") parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", help="LDAP backend type (fedora-ds or openldap)", choices=["fedora-ds", "openldap"]) @@ -230,6 +232,15 @@ elif opts.use_xattrs == "auto": file.close() +if opts.ldap_backend_type == "existing": + if opts.ldap_backend_forced_uri is not None: + logger.warn("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at %s" % opts.ldap_backend_forced_uri) + else: + logger.info("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at the default location") +else: + if opts.ldap_backend_forced_uri is not None: + logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend. This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less prone to unexpected failure or interaction" % opts.ldap_backend_forced_uri) + session = system_session() try: provision(setup_dir, logger, @@ -245,6 +256,7 @@ try: wheel=opts.wheel, users=opts.users, serverrole=server_role, dom_for_fun_level=dom_for_fun_level, ldap_backend_extra_port=opts.ldap_backend_extra_port, + ldap_backend_forced_uri=opts.ldap_backend_forced_uri, backend_type=opts.ldap_backend_type, ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls, slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path, |