Changeset 2576

Timestamp:
11/07/05 22:00:53 (18 years ago)
Author:
jerome
Message:

Simplifies LDAP setup.

Location:
pykota/trunk
Files:
5 modified

  • pykota/trunk/conf/pykota.conf.sample

    r2476 r2576  
    101101#storageserver: ldap://ldap.example.com:389 
    102102#storagename: dc=example,dc=com 
    103 #storageuser: cn=notadmin,dc=example,dc=com 
    104 #storageuserpw: abc.123 
     103#  
     104# NB : the user and password below are the ones contained in  
     105# the sample LDIF file pykota/initscripts/ldap/pykota-sample.ldif 
     106# Please adapt these lines to your own needs. 
     107#storageuser: cn=pykotauser,dc=example,dc=com 
     108#storageuserpw: ls88DT5j 
    105109# 
    106110# TLS support for LDAP 
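
Review bot: new lines 107-108 put a working bind password (`ls88DT5j`) into a sample file that is often copied as-is, and the NB above it only says "Please adapt these lines to your own needs", which does not tell the reader that the password itself has to be replaced. Suggest wording the NB as an explicit instruction to change the password both in the LDIF entry and here before enabling the LDAP backend, or shipping an obvious placeholder value instead of a usable one.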
  • pykota/trunk/conf/pykotadmin.conf.sample

    r2418 r2576  
    5858[global] 
    5959 
    60 # Quota Storage administrator's name and password 
     60# PostgreSQL's Quota Storage administrator's name and password 
     61# Please comment these lines out and see further below if you use LDAP. 
    6162storageadmin: pykotaadmin 
    6263# storageadminpw: Comment out if unused, or set to Quota Storage admin password 
     64 
    6365 
    6466# storagebackend: ldapstorage 
    6567# storageserver: ldap://ldapmaster.example.com:389 
    6668# storagename: dc=example,dc=com 
     69# 
     70# NB : the user and password below are the ones contained in  
     71# the sample LDIF file pykota/initscripts/ldap/pykota-sample.ldif 
     72# Please adapt these lines to your own needs. 
     73# storageadmin: cn=pykotaadmin,dc=example,dc=com 
     74# storageadminpw: BlfUPg7t 
    6775 
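
Review bot: line 74 publishes the password for the bind DN that pykotadmin.conf uses for write access, so an install that loads the sample LDIF and uncomments lines 73-74 unchanged runs with a publicly known read/write credential. Suggest a placeholder for `storageadminpw` or an explicit "change this before use" in the NB. Also, `storageadmin:` is now active at line 62 and commented at line 73; the hint on line 61 covers this, but repeating next to line 73 that the PostgreSQL `storageadmin` line must be commented out first would avoid two conflicting values. Minor: the blank line added at 64 leaves two consecutive blank lines.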
  • pykota/trunk/initscripts/ldap/pykota-sample.ldif

    r2357 r2576  
    1010# 
    1111  
     12# The encrypted password below in clear text is : BlfUPg7t 
     13dn: cn=pykotaadmin,dc=example,dc=com 
     14objectClass: simpleSecurityObject 
     15objectClass: organizationalRole 
     16cn: pykotaadmin 
     17description: PyKota Administrator 
     18userPassword:: e1NNRDV9WkdTNXlobUNaVFdkY0lZWDdrOFUxc1VGOHY0PQ== 
     19 
     20# The encrypted password below in clear text is : ls88DT5j 
     21dn: cn=pykotauser,dc=example,dc=com 
     22objectClass: simpleSecurityObject 
     23objectClass: organizationalRole 
     24cn: pykotauser 
     25description: PyKota ReadOnly User 
     26userPassword:: e1NNRDV9ZFZrRjJWOG1QWGo1L3pTQkplSS9TK0hpYURBPQ== 
     27 
    1228dn: ou=People,dc=example,dc=com 
    1329ou: People 
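
Review bot: the comments on lines 12 and 20 call the userPassword values "encrypted", but the base64 decodes to a `{SMD5}` value, which is a salted MD5 hash, and the clear text is printed directly above each entry, so the hash protects nothing for anyone who imports this file unchanged. Suggest saying "hashed" rather than "encrypted", and telling the reader to generate their own userPassword values (for example with slappasswd) and replace both entries before loading the file into a real directory.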
  • pykota/trunk/initscripts/ldap/README.ldap

    r2478 r2576  
    6363        index pykotaLastJobIdent eq 
    6464         
    65     Now you must ensure that the DN you use to bind to     
     65    Now you must ensure that the DNs PyKota will use to bind to 
    6666    your OpenLDAP server don't have search queries size limits, 
    6767    which gives for example (OpenLDAP 2.1.x or above) : 
    6868     
    69         limits dn="cn=RWadmin,dc=example,dc=com" size.soft=-1 size.hard=soft 
    70         limits dn="cn=ROadmin,dc=example,dc=com" size.soft=-1 size.hard=soft 
     69        limits dn="cn=pykotaadmin,dc=example,dc=com" size.soft=-1 size.hard=soft 
     70        limits dn="cn=pykotauser,dc=example,dc=com" size.soft=-1 size.hard=soft 
    7171     
    72     Where RWadmin and ROadmin are the usernames used to bind to your 
    73     OpenLDAP server within PyKota, respectively in ReadWrite mode  
     72    Where pykotaadmin and pykotauser are the usernames used to bind to your 
     73    OpenLDAP server within PyKota, respectively in complete ReadWrite mode  
    7474    (as set in pykotadmin.conf) and in ReadOnly mode (pykota.conf). 
    7575     
    76     Finally, restart the OpenLDAP server :     
     76    NB : YOU have to define the ACLs necessary for user pykotaadmin to 
     77    have unlimited Read+Write access to your LDAP tree, and for user 
     78    pykotauser to have unlimited ReadOnly access to your LDAP tree. 
     79    In the sentence above, "unlimited" means no limit with regard to 
     80    the number of records returned by a search operation. Of course 
     81    you may want to restrict the access to only some attributes, but 
     82    this is up to you to decide. That's why we don't suggest any 
     83    ACL there, at least for now. 
    7784     
    78         $ /etc/init.d/slapd restart 
     85    Now, stop the OpenLDAP server :     
     86     
     87        $ /etc/init.d/slapd stop 
     88         
     89    Generate the index files :     
     90     
     91        $ slapindex 
     92         
     93    And finally restart the OpenLDAP server :     
     94     
     95        $ /etc/init.d/slapd start 
    7996 
    8097pykota-sample.ldif : 
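
Review bot: the NB at lines 76-83 asks for "unlimited" read access for pykotauser over "your LDAP tree" and then offers no ACL, which leaves an over-broad grant as the easiest way to follow the instructions. Even without a full ACL, it would help to state that the two `limits` lines only lift the search size limit and grant no access by themselves, and that pykotauser's read access should be scoped to the entries and attributes PyKota needs and should not include userPassword.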
  • pykota/trunk/NEWS

    r2562 r2576  
    2222PyKota NEWS : 
    2323        
     24    - 1.24alpha1 : 
     25     
     26        - The sample LDIF file now contains the two necessary user 
     27          entries to have an LDAP PyKota Admin and an LDAP PyKota 
     28          ReadOnly user. The sample configuration files were updated 
     29          to contain the default passwords used in the LDIF file. 
     30           
     31        - dumpykota is now more strict when checking arguments.    
     32         
    2433    - 1.23 : 
    2534
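
Review bot: the second item (line 31, "dumpykota is now more strict when checking arguments") does not correspond to any of the five files listed in this changeset, so either it belongs in another commit or the matching code change is missing here. For the first item, consider adding that the default passwords are public and are meant to be replaced, since NEWS is what people upgrading will read.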