diff options
| author | Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> | 2013-04-24 17:00:16 +0200 |
|---|---|---|
| committer | Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> | 2013-04-24 17:00:16 +0200 |
| commit | 99a3ed7fdf4476a78aed722329bb874fc8b4ad06 (patch) | |
| tree | 4d3408d30fc98b55014bcc4c10daeeec1f912ab5 | |
| parent | 537d26c497aee5856c82b711b367dff2b1e5ce1f (diff) | |
| download | pykolab-99a3ed7fdf4476a78aed722329bb874fc8b4ad06.tar.gz | |
These command-line options are now available to setup-kolab.
--without-ldap will simply skip the entire step setting up LDAP.
--with-openldap will set configuration options compatible with
OpenLDAP (as opposed to Netscape-based directory services),
including but not limited to 'unique_attribute' ('nsuniqueid'
for Netscape-based directory services, 'entryuuid' for
OpenLDAP).
It is assumed deployments that use OpenLDAP:
- Set up OpenLDAP themselves,
- Provide, within this LDAP tree, a bind DN for Kolab to
use, that is authorized to use syncrepl,
- Provide the equivalent of a cyrus-admin login account,
- Set the ldap_uri, base_dn, bind_dn, bind_pw,
service_bind_dn, service_bind_pw, user_base_dn,
group_base_dn, resource_base_dn, sharedfolder_base_dn,
and other options in the [ldap] section in a file other
then /etc/kolab/kolab.conf, to then specify this file
to setup-kolab with the "-c" command-line option. This is
seeding setup-kolab with an answer file.
- Modify imapd.conf to not use roles for group authorization,
- Are careful using the Kolab Web Administration Panel
because of its dependency on effectiveRights controls.
| -rw-r--r-- | pykolab/setup/setup_ldap.py | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py index 2650fa8..acb4cea 100644 --- a/pykolab/setup/setup_ldap.py +++ b/pykolab/setup/setup_ldap.py @@ -60,6 +60,22 @@ def cli_options(): help = _("Allow anonymous binds (default: no).") ) + ldap_group.add_option( + "--without-ldap", + dest = "without_ldap", + action = "store_true", + default = False, + help = _("Skip setting up the LDAP server.") + ) + + ldap_group.add_option( + "--with-openldap", + dest = "with_openldap", + action = "store_true", + default = False, + help = _("Setup configuration for OpenLDAP compatibility.") + ) + def description(): return _("Setup LDAP.") @@ -69,6 +85,22 @@ def execute(*args, **kw): if not conf.config_file == conf.defaults.config_file: ask_questions = False + if conf.without_ldap: + print >> sys.stderr, _("Skipping setup of LDAP, as specified") + return + + _input = {} + + if conf.with_openldap: + + conf.command_set('ldap', 'unique_attribute', 'entryuuid') + + fp = open(conf.defaults.config_file, "w+") + conf.cfg_parser.write(fp) + fp.close() + + return + # Pre-execution checks for path, directories, files in os.walk('/etc/dirsrv/'): for direct in directories: @@ -163,7 +195,6 @@ def execute(*args, **kw): _input['fqdn'] = fqdn _input['hostname'] = hostname.split('.')[0] _input['domain'] = domainname - _input['nodotdomain'] = _input['domain'].replace('.','_') _input['rootdn'] = utils.standard_root_dn(_input['domain']) @@ -608,3 +639,4 @@ ServerAdminPwd = %(admin_pass)s else: log.error(_("Could not start and configure to start on boot, the " + \ "directory server admin service.")) + |