source/script/tests/mk-openldap.sh

   1 SLAPD_CONF=$LDAPDIR/slapd.conf
   2 export SLAPD_CONF
   3
   4 echo "OPENLDAP_LOGLEVEL=0"
   5
   6 cat >$SLAPD_CONF <<EOF
   7 loglevel 0
   8
   9 include $LDAPDIR/ad.schema
  10
  11 pidfile         $PIDDIR/slapd.pid
  12 argsfile        $LDAPDIR/slapd.args
  13 sasl-realm $DNSNAME
  14 access to * by * write
  15
  16 allow update_anon
  17
  18 authz-regexp
  19           uid=([^,]*),cn=$DNSNAME,cn=digest-md5,cn=auth
  20           ldap:///$BASEDN??sub?(samAccountName=\$1)
  21
  22 authz-regexp
  23           uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
  24           ldap:///$BASEDN??sub?(samAccountName=\$1)
  25
  26 include $LDAPDIR/modules.conf
  27
  28 defaultsearchbase "$BASEDN"
  29
  30 backend         bdb
  31 database        bdb
  32 suffix          "$BASEDN"
  33 rootdn          "cn=Manager,$BASEDN"
  34 rootpw          $PASSWORD
  35 directory       $LDAPDIR/db
  36 index           objectClass eq
  37 index           samAccountName eq
  38 index name eq
  39 index objectSid eq
  40 index objectCategory eq
  41 index member eq
  42 index uidNumber eq
  43 index gidNumber eq
  44 index unixName eq
  45 index privilege eq
  46 index nCName eq pres
  47 index lDAPDisplayName eq
  48 index subClassOf eq
  49 index dnsRoot eq
  50 index nETBIOSName eq pres
  51
  52 EOF
  53
  54 cat > $LDAPDIR/db/DB_CONFIG <<EOF
  55 #
  56         # Set the database in memory cache size.
  57         #
  58         set_cachesize   0       524288        0
  59
  60
  61         #
  62         # Set database flags (this is a test environment, we don't need to fsync()).
  63         #
  64         set_flags       DB_TXN_NOSYNC
  65
  66         #
  67         # Set log values.
  68         #
  69         set_lg_regionmax        104857
  70         set_lg_max              1048576
  71         set_lg_bsize            209715
  72         set_lg_dir              $LDAPDIR/db/bdb-logs
  73
  74
  75         #
  76         # Set temporary file creation directory.
  77         #
  78         set_tmp_dir             $LDAPDIR/db/tmp
  79 EOF
  80
  81 #This uses the provision we just did, to read out the schema
  82 $srcdir/bin/ad2oLschema $CONFIGURATION -H $PRIVATEDIR/sam.ldb -I $srcdir/setup/schema-map-openldap-2.3 -O $LDAPDIR/ad.schema >&2
  83
  84 #Now create an LDAP baseDN
  85 $srcdir/bin/smbscript $srcdir/setup/provision $PROVISION_OPTIONS --ldap-base >&2
  86
  87 OLDPATH=$PATH
  88 PATH=/usr/local/sbin:/usr/sbin:/sbin:$PATH
  89 export PATH
  90
  91 MODCONF=$LDAPDIR/modules.conf
  92 rm -f $MODCONF
  93 touch $MODCONF
  94
  95 slaptest -u -f $SLAPD_CONF >&2 || {
  96     echo "enabling slapd modules" >&2
  97     cat > $MODCONF <<EOF
  98 modulepath      /usr/lib/ldap
  99 moduleload      back_bdb
 100 EOF
 101 }
 102
 103 if slaptest -u -f $SLAPD_CONF; then
 104     slapadd -f $SLAPD_CONF < $PRIVATEDIR/$DNSNAME.ldif >/dev/null || {
 105         echo "slapadd failed" >&2
 106     }
 107
 108     slaptest -f $SLAPD_CONF >/dev/null || {
 109         echo "slaptest after database load failed" >&2
 110     }
 111 fi
 112
 113 PATH=$OLDPATH
 114 export PATH
 115