Changeset 2576 for pykota/trunk/initscripts/ldap/README.ldap
- Timestamp: 11/07/05 22:00:53 (19 years ago)
- Files: 1 modified
pykota/trunk/initscripts/ldap/README.ldap
r2478 r2576 63 63 index pykotaLastJobIdent eq 64 64 65 Now you must ensure that the DN you use to bind to65 Now you must ensure that the DNs PyKota will use to bind to 66 66 your OpenLDAP server don't have search queries size limits, 67 67 which gives for example (OpenLDAP 2.1.x or above) : 68 68 69 limits dn="cn= RWadmin,dc=example,dc=com" size.soft=-1 size.hard=soft70 limits dn="cn= ROadmin,dc=example,dc=com" size.soft=-1 size.hard=soft69 limits dn="cn=pykotaadmin,dc=example,dc=com" size.soft=-1 size.hard=soft 70 limits dn="cn=pykotauser,dc=example,dc=com" size.soft=-1 size.hard=soft 71 71 72 Where RWadmin and ROadminare the usernames used to bind to your73 OpenLDAP server within PyKota, respectively in ReadWrite mode72 Where pykotaadmin and pykotauser are the usernames used to bind to your 73 OpenLDAP server within PyKota, respectively in complete ReadWrite mode 74 74 (as set in pykotadmin.conf) and in ReadOnly mode (pykota.conf). 75 75 76 Finally, restart the OpenLDAP server : 76 NB : YOU have to define the ACLs necessary for user pykotaadmin to 77 have unlimited Read+Write access to your LDAP tree, and for user 78 pykotauser to have unlimited ReadOnly access to your LDAP tree. 79 In the sentence above, "unlimited" means no limit with regard to 80 the number of records returned by a search operation. Of course 81 you may want to restrict the access to only some attributes, but 82 this is up to you to decide. That's why we don't suggest any 83 ACL there, at least for now. 77 84 78 $ /etc/init.d/slapd restart 85 Now, stop the OpenLDAP server : 86 87 $ /etc/init.d/slapd stop 88 89 Generate the index files : 90 91 $ slapindex 92 93 And finally restart the OpenLDAP server : 94 95 $ /etc/init.d/slapd start 79 96 80 97 pykota-sample.ldif :
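Review bot: The new "Generate the index files" step runs `slapindex` without saying which account to use. If it is run as root while slapd runs under an unprivileged account, the regenerated index files can end up owned by root and unreadable to the server after `/etc/init.d/slapd start`. Suggest adding a line telling the reader to run it as the account slapd runs under, or to fix ownership of the database directory before starting the server. Separately, the NB paragraph pairs `size.soft=-1` for both pykotaadmin and pykotauser with "we don't suggest any ACL there", so the README removes the search size limit for two bind DNs but gives no starting point for scoping them. A minimal sample ACL that grants pykotauser read access and pykotaadmin write access to the PyKota entries and attributes only would keep readers from granting tree-wide access just to get PyKota working.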