#!/bin/bash
# By Eric Thibodeau
# 01 July 2008
#
# NOTES: 
#	* it is usually suggested to keep all LDAP definitions in 
#	_lower case_... but do as you wish!
#	* all *_DESC variables are optional and are simply used
#	in the description field of the LDAP db.

# Tells pkg_config whether this file has been reviewed. While it is
# still "no", everything below is the untouched template, including the
# placeholder value of LDAP_ADMIN_DN_PWD. Set it to "yes" only once
# every value has been checked.
CONFIG_OK='no'

# Name of the LDAP domain. For a domain of gentoo.local you would
# hard-code it:
#DOMAIN="gentoo.local"
# or, more generally, derive it from the host's DNS domain name:
#DOMAIN=$(hostname -d)
# This is the Clustering template, so the Domain Context looks more
# like "machine.domain.com" and the fully qualified host name is used
# instead. That is only correct if the machine's host name is set up
# right: check what `hostname -f` prints before relying on it.
DOMAIN="$(hostname -f)"
DOMAIN_DESC="This the LDAP server residing on ${DOMAIN}"

# Organizational Unit (ou) this machine stands for inside your
# organisation. This template describes a cluster, hence the name:
OU='cluster'
OU_DESC='Clustering department branch. All units defined under this branch are for use by the cluster'

# Specific branches created under the cluster OU. Users and groups are
# needed to manage it, so these two are the imposed minimum:
USERS_OU='users'
USERS_OU_DESC='Cluster specific Users'
GROUPS_OU='groups'
GROUPS_OU_DESC='Cluster specific Groups'

# OTHER_OU is parsed to automatically create other sub-OU under
# the one defined above (as OU). This could be, for example:
#OTHER_OU="aliases networks hosts"

# if you want descriptions to be added to each of these groups
# automatically in the LDAP database, define a separate _DESC
# variable for each. For example:
#aliases_DESC="This is the container for user aliases"
#hosts_DESC="This is the container for static host descriptions"

# This is often a philosophical debate, but we stick with two
# administrative identities: one that owns the LDAP user database and
# one that manages its contents. They differ as follows:
#
# LDAP_ADMIN_DN is the user the LDAP db is created with. It _always_
# has TOTAL access to the LDAP db where it is defined and is typically
# useful only when creating, dumping or migrating the database. It is
# normally _not_ the account used to manage the LDAP database; the
# user defined in ADMIN_DN is the one to use for that.
# NOTE(review): the original comment named this user ADMIN_DN as well;
# LDAP_ADMIN_DN is assumed from the assignment below - confirm.
#
LDAP_ADMIN_DN='admin'
# Password used for LDAP management tasks. It is the one stored in
# /etc/openldap/slapd.conf, where it is at least hashed; in this file
# it is cleartext, so keep the file readable by root only.
# "default" is a placeholder that anyone who has seen this template
# can guess: replace it with a strong, unique value before setting
# CONFIG_OK to "yes".
LDAP_ADMIN_DN_PWD='default'

# This user is essentially identical to root; you are better off not
# renaming it.
ADMIN_DN='root'
ADMIN_DN_DESC='root account (under LDAP)'

# Name of the group that identifies people with full access to the
# LDAP db. One advantage is that its members can be changed dynamically
# within the LDAP db. NOTE: it is given the same gid as wheel, so it is
# functionally equivalent to wheel!!! Treat every membership change in
# this group as a change to wheel itself.
ADMIN_GROUP_DN='wheel'
ADMIN_GROUP_DN_DESC='Users in this group can freely modify the LDAP directory at will'

# Where the resulting generated files are put. Usually this would be
# ROOT="/" ... if you trust the script entirely ;). A non-empty $ROOT
# from the environment is used as-is; "/" is only the fallback.
if [[ -z ${ROOT} ]]; then
  ROOT="/"
fi

# Name of the ldif file the script creates automatically. It only
# really matters if you want to keep that file afterwards for some
# reason, in which case LDIF_OUT_KEEP has to be set to yes.
# NOTE(review): the path is relative, so the file lands in whatever
# directory the script is run from. If the generated LDIF carries
# account or password data (not visible from this file), keep it out of
# shared directories or do not keep it - confirm against the script.
LDIF_OUT='./create_db.ldif'
LDIF_OUT_KEEP='yes'