Posted to commits@directory.apache.org by sm...@apache.org on 2022/03/01 15:34:18 UTC

[directory-fortress-core] branch openldap-install created (now 16e1c31)

This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a change to branch openldap-install
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git.


      at 16e1c31  FC-308 - Symas OpenLDAP 2.5 Support

This branch includes the following new commits:

     new 16e1c31  FC-308 - Symas OpenLDAP 2.5 Support

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


[directory-fortress-core] 01/01: FC-308 - Symas OpenLDAP 2.5 Support

Posted by sm...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch openldap-install
in repository https://gitbox.apache.org/repos/asf/directory-fortress-core.git

commit 16e1c31a763c9c64da85753f5f8729a39031fa7f
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Tue Mar 1 09:34:13 2022 -0600

    FC-308 - Symas OpenLDAP 2.5 Support
---
 README-QUICKSTART-SLAPD.md | 58 ++++++++++++++++++----------------------------
 build-config.xml           |  1 -
 ldap/slapd.conf.src        |  7 +-----
 slapd.properties.example   | 40 +++++++++++---------------------
 4 files changed, 38 insertions(+), 68 deletions(-)

diff --git a/README-QUICKSTART-SLAPD.md b/README-QUICKSTART-SLAPD.md
index 97cf931..315c426 100644
--- a/README-QUICKSTART-SLAPD.md
+++ b/README-QUICKSTART-SLAPD.md
@@ -75,44 +75,30 @@ ________________________________________________________________________________
  * Learn more about how the config works: [README-CONFIG](README-CONFIG.md).
  * Learn more about what properties there are: [README-PROPERTIES](README-PROPERTIES.md).
 
-3. Download the latest OpenLDAP binaries for your platform:
- [Symas OpenLDAP Silver Edition](https://downloads.symas.com/products/symas-openldap-directory-silver-edition/)
+3. Setup your Debian or Rehat repos for Symas OpenLDAP packages:
+ [Symas OpenLDAP 2.5](https://repo.symas.com/soldap/)
 
-4. Place either a centos or debian package under the folder named *ldap* : [fortress-core-[VERSION]/ldap](./ldap)
-
-5. Edit the *slapd.properties* file:
+4. Edit the *slapd.properties* file:
 
  ```
  vi slapd.properties
  ```
 
-6. Update the *slapd.properties* file *slapd.install* statement with a reference to the openldap file install downloaded earlier.
+5. Choose which package to install Debian or Redhat:
 
- a. For Debian installs:
-  ```
-  slapd.install=dpkg -i symas-openldap-silver.version.platform.deb
-  ```
+```
+#Debian:
+slapd.install=apt install symas-openldap-clients symas-openldap-server -y
+slapd.uninstall=apt remove symas-openldap-clients symas-openldap-server -y
 
- b. For Centos:
-  ```
-  slapd.install=rpm -i symas-openldap-silver.version.platform.rpm
-  ```
+# Or:
 
-7. Specify whether you want to enable the slapo-rbac overlay:
+# Redhat:
+slapd.install=yum install symas-openldap-servers, symas-openldap-clients -y
+slapd.uninstall=yum remove symas-openldap-servers, symas-openldap-clients -y
+```
 
- a. Yes, I want to enable slapo-rbac:
-  ```
-  rbac.accelerator=true
-  ```
-
- *To use this option, symas-openldap version 2.4.43++ is required.*
-
- b. No, I don't want to enable slapo-rbac:
-  ```
-  rbac.accelerator=false
-  ```
-
-8. (optional) Specify whether you want to communicate over SSL using LDAPS:
+6. (optional) Specify whether you want to communicate over SSL using LDAPS:
 
  a. Place .pem files for ca-certificate, server certificate and private key in folder named *certs* : [fortress-core-[VERSION]/src/test/resources/certs](./src/test/resources/certs)
 
@@ -152,9 +138,9 @@ ________________________________________________________________________________
   - the truststore may be found on the classpath or as a fully qualified file name determined by trust.store.onclasspath.
   - The LDAP URIs are used by the server listener during startup.
 
-9. Save and exit
+7. Save and exit
 
-10. Prepare your terminal for execution of maven commands.
+8. Prepare your terminal for execution of maven commands.
 
  ```
  #!/bin/sh
@@ -163,7 +149,7 @@ ________________________________________________________________________________
  export PATH=$PATH:$M2_HOME/bin
  ```
 
-11. Run the maven install:
+9. Run the maven install:
 
 a. Java 8 target
 
@@ -173,25 +159,27 @@ a. Java 8 target
 
 -- OR --
 
-b. Java 11 target
+b. Java 11++ target
 
  ```
  mvn clean install -Djava.version=11
  ```
 
-12. Install, configure and load the slapd server:
+Where -Djava.version matches the version of Java
+
+10. Install, configure and load the slapd server:
 
   ```
   mvn test -Pinit-slapd
   ```
 
-13. To start the slapd process:
+11. To start the slapd process:
 
   ```
   mvn test -Pstart-slapd
   ```
 
-14. To stop the slapd process:
+12. To stop the slapd process:
 
   ```
   mvn test -Pstop-slapd
diff --git a/build-config.xml b/build-config.xml
index 3cf2916..1b27a96 100644
--- a/build-config.xml
+++ b/build-config.xml
@@ -149,7 +149,6 @@
          <replace file="${target.slapd.conf}" token="@LOG_RDRS@" value="${log.rdrs}"/>
          <replace file="${target.slapd.conf}" token="@LOG_SIZE@" value="${log.size}"/>
          <replace file="${target.slapd.conf}" token="@LOG_BDB_CACHE_SIZE@" value="${log.bdb.cache.size}"/>
-         <replace file="${target.slapd.conf}" token="@DFLT_RDRS@" value="${dflt.rdrs}"/>
          <replace file="${target.slapd.conf}" token="@DFLT_SIZE@" value="${dflt.size}"/>
          <replace file="${target.slapd.conf}" token="@DFLT_BDB_CACHE_SIZE@" value="${dflt.bdb.cache.size}"/>
          <replace file="${target.slapd.conf}" token="@DFLT_BDB_CACHE_IDLE_SIZE@" value="${dflt.bdb.cache.idle.size}"/>
diff --git a/ldap/slapd.conf.src b/ldap/slapd.conf.src
index f29bcd6..2c20952 100755
--- a/ldap/slapd.conf.src
+++ b/ldap/slapd.conf.src
@@ -21,7 +21,7 @@
 # Note: Directives that begin with '@' are substitution parms that get automatically replaced.
 
 include		@SCHEMA_PATH@/core.schema
-include		@SCHEMA_PATH@/ppolicy.schema
+#include	@SCHEMA_PATH@/ppolicy.schema
 include		@SCHEMA_PATH@/cosine.schema
 include		@SCHEMA_PATH@/inetorgperson.schema
 include		@SCHEMA_PATH@/rfc2307bis.schema
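Review bot: The line `#include @SCHEMA_PATH@/ppolicy.schema` is left commented out with no explanation, so a later reader cannot tell whether the password-policy schema was dropped on purpose. As far as I know, OpenLDAP 2.5 defines the ppolicy schema inside the ppolicy overlay module instead of shipping a schema file, so those attributes exist only when the overlay is loaded; the moduleload and overlay lines are outside this hunk, so that needs confirming. I would delete the line or replace it with a comment such as `# ppolicy schema is built into the ppolicy overlay as of OpenLDAP 2.5; no include needed`. It is also worth checking after `init-slapd` that the password policy entries still load, because losing ppolicy silently would remove lockout and password-quality enforcement.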
@@ -66,7 +66,6 @@ password-hash {SSHA}
 # Access Log DB Settings
 #######################################################################
 database	 @DB_TYPE@
-@LOG_RDRS@
 @LOG_SIZE@
 suffix		"@LOG_SUFFIX@"
 rootdn      "@LOG_ROOT_DN@"
@@ -78,7 +77,6 @@ index reqDN,reqAuthzID,reqAttr,reqMod,reqResult eq
 directory	"@HISTORY_DB_PATH@"
 @LOG_DBNOSYNCH@
 @LOG_CHECKPOINT@
-@LOG_BDB_CACHE_SIZE@
 
 # Accesslog is readable by replicator and fortress:
 access to dn.subtree="@LOG_SUFFIX@"
@@ -90,7 +88,6 @@ access to dn.subtree="@LOG_SUFFIX@"
 # Default DB Settings
 #######################################################################
 database	@DB_TYPE@
-@DFLT_RDRS@
 @DFLT_SIZE@
 suffix      "@SUFFIX@"
 rootdn      "@ROOT_DN@"
@@ -107,8 +104,6 @@ overlay accesslog
 logdb   "@LOG_SUFFIX@"
 @DFLT_DBNOSYNCH@
 @DFLT_CHECKPOINT@
-@DFLT_BDB_CACHE_SIZE@
-@DFLT_BDB_CACHE_IDLE_SIZE@
 
 # The fortress admin needs write access to the whole DIT
 access to dn.subtree="@SUFFIX@"
diff --git a/slapd.properties.example b/slapd.properties.example
index f36430e..2d8333e 100644
--- a/slapd.properties.example
+++ b/slapd.properties.example
@@ -159,23 +159,18 @@ rfc2307=false
 
 # OpenLDAP MDB Backend config is default setting for Fortress::
 db.type=mdb
-dflt.rdrs=maxreaders 64
 dflt.size=maxsize 1000000000
-log.rdrs=maxreaders 64
 log.size=maxsize 1000000000
-dflt.bdb.cache.size=
-dflt.bdb.cache.idle.size=
-log.bdb.cache.size=
 
 # These next params used by 'init-slapd' target to install OpenLDAP to target machine.  Do not change any params below this line unless you know what you are doing:
 
 ## Symas OpenLDAP on NIX section:
 openldap.install.artifact.dir=./ldap
-db.root=/var/openldap
+db.root=/var/symas/openldap-data
 openldap.root=/opt/symas
 slapd.dir=${openldap.root}/etc/openldap
 # to start:
-pid.dir=/var/openldap
+pid.dir=/var/symas/run
 db.dir=${db.root}/dflt
 db.hist.dir=${db.root}/hist
 db.bak.dir=${db.root}/backup/dflt
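Review bot: The properties `log.rdrs`, `log.bdb.cache.size`, `dflt.bdb.cache.size` and `dflt.bdb.cache.idle.size` are removed here and their tokens are removed from ldap/slapd.conf.src, but build-config.xml still keeps the `<replace>` tasks for `@LOG_RDRS@`, `@LOG_BDB_CACHE_SIZE@`, `@DFLT_BDB_CACHE_SIZE@` and `@DFLT_BDB_CACHE_IDLE_SIZE@`; only the `@DFLT_RDRS@` task was dropped. Those tasks now reference undefined properties and have no token left to substitute, so they should be removed in the same commit. Separately, `db.root=/var/symas/openldap-data` and `pid.dir=/var/symas/run` are new locations, and nothing visible here shows who creates them or with what ownership. Since the database directory holds directory entries including password hashes, a comment like `# must be owned by the slapd account and not world-readable` above `db.root` would help.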
@@ -187,25 +182,18 @@ dflt.dbnosynch=dbnosync
 log.checkpoint=checkpoint   64 5
 dflt.checkpoint=checkpoint    64 5
 
-# Each of the options are used for a particular Symas-OpenLDAP platform.Debian 64-bit Silver:
-
-#Debian 64-bit Silver:
-#platform=Debian-Silver-x86-64
-# Note: for Ubuntu installs, remove the file /opt/symas/etc/openldap/symas-openldap.conf before installing new package, to prevent automatic startup after the installation.
-#slapd.install=dpkg -i symas-openldap-silver.64_2.4.43-20151204_amd64.deb
-#slapd.uninstall=dpkg -r symas-openldap-silver
-#install.image.dir=/home/smckinn/archives/debian64
-#slapd.module.dir=${openldap.root}/lib64/openldap
-#slapd.start=${openldap.root}/lib64/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap
-
-# Redhat 64-bit Silver:
-platform=Redhat-Silver-x86-64
-slapd.install=rpm -i symas-openldap-silver.x86_64-2.4.43-1.rpm
-slapd.uninstall=rpm -e symas-openldap-silver
-slapd.module.dir=${openldap.root}/lib64/openldap
-# use the symas openldap startup script:
-slapd.start=${openldap.root}/etc/solserver start -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap
-#slapd.start=${openldap.root}/lib64/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf -F ${openldap.root}/etc/openldap
+# Symas-OpenLDAP Configurations:
+platform=symas-openldap
+slapd.module.dir=${openldap.root}/lib/openldap
+slapd.start=${openldap.root}/lib/slapd -h ldap://${ldap.host}:${ldap.port} -f ${openldap.root}/etc/openldap/slapd.conf
+
+#Debian:
+#slapd.install=apt install symas-openldap-clients symas-openldap-server -y
+#slapd.uninstall=apt remove symas-openldap-clients symas-openldap-server -y
+
+# Redhat:
+slapd.install=yum install symas-openldap-servers, symas-openldap-clients -y
+slapd.uninstall=yum remove symas-openldap-servers, symas-openldap-clients -y
 
 ########################################################################
 # 6. RBAC ACCELERATOR OVERLAY PROPS
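Review bot: The active Redhat lines `slapd.install=yum install symas-openldap-servers, symas-openldap-clients -y` and the matching `slapd.uninstall` have a comma after the first package name. yum takes a space-separated package list, so the comma is likely to be read as part of the name and the install would then fail to find the package. I would write `slapd.install=yum install symas-openldap-servers symas-openldap-clients -y` and `slapd.uninstall=yum remove symas-openldap-servers symas-openldap-clients -y`; the same two lines appear in README-QUICKSTART-SLAPD.md. Because `-y` also answers yes to a repository signing-key import prompt, a comment such as `# import and verify the Symas repo signing key before running init-slapd` above the install lines would keep the unattended install from trusting a key nobody has checked.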