Looks fine. Thanks,
Darren. On 15/06/2011 17:38, William Schumann wrote: > Thanks, Darren. > Michen had some good suggestions for defaulting in LDAP domains for search > base and proxy bind distinguished name, and found a bug > in which the search base user entry was being ignored. Mary asked me to > clean up some trivial PEP8 issues in other source. So > there are a few source changes showed in the diff webrev below. > http://cr.opensolaris.org/~wmsch/bug-7054032-2/ > http://cr.opensolaris.org/~wmsch/bug-7054032-diff/ > > William > On 06/15/11 06:02 PM, Darren Kenny wrote: >> That works for me. >> >> Thanks, >> >> Darren. >> >> On 15/06/2011 16:45, William Schumann wrote: >>> Darren, >>> Because of imminent completion of: >>> CR 7054440 Allow combination of name services to be configured in S11 >>> text installer: DNS+NIS, DNS+LDAP >>> The user will have the chance to configure DNS+LDAP. If the user selects >>> configures LDAP only, I will assume that the user does not >>> want DNS and that the best guess is that the user wants LDAP for host names. >>> So, the network/name-service/switch for LDAP-only will be >>> default: files ldap >>> printer: user files ldap >>> netgroup: ldap >>> So 'hosts' will default to 'files ldap'. >>> Does this work for all concerned? >>> William >>> >>> On 06/14/11 12:17 PM, William Schumann wrote: >>>> Darren, >>>> This change refers to SMF profile setup for >>>> svc:/network/name-service/switch, which functions as nsswitch.conf(4) >>>> 'database' here refers to the source of the name service resolution. >>>> The 'default' source is a new approach for SMF - nsswitch.conf must have >>>> all values explicit. >>>> Source 'host' allows the user to specify the source of host name >>>> resolution, as opposed to printer name resolution, for example. >>>> Source 'files' allows the user to configure host names in files, such as >>>> /etc/hosts. >>>> Since LDAP is not normally used to resolve hostnames, the default is set >>>> to 'files'. >>>> The change: >>>>> 'LDAP': { >>>>> 'default': 'files ldap', >>>>> - 'host': 'files dns mdns', >>>>> + 'host': 'files', >>>>> 'printer': 'user files ldap', >>>>> 'netgroup': 'ldap'}, >>>> The fix removes DNS/MDNS from sources to resolve hostnames, since there is >>>> no DNS in this case. 'ldap' was not put in to replace >>>> them, since LDAP isn't normally used to resolve host names. The user will >>>> then either put host names into files like /etc/hosts >>>> or manually tailor the configuration later. >>>> >>>> I'm almost done coding an enhancement allowing the user to combine LDAP >>>> with NIS or DNS. For those cases, the database source for >>>> host names will be: >>>> for LDAP/DNS, >>>> host files dns >>>> for LDAP/NIS >>>> host files nis >>>> >>>> These say, first look in files to resolve names, then if not found there, >>>> look in DNS (or NIS). >>>> >>>> Thank you, >>>> WIlliam >>>> >>>> On 06/13/11 06:59 PM, Darren Kenny wrote: >>>>> On 13/06/2011 16:56, William Schumann wrote: >>>>>> Darren, >>>>>> Answering your question below: >>>>>> >>>>>> On 06/13/11 04:08 PM, Darren Kenny wrote: >>>>>>> Hi William, >>>>>>> >>>>>>> Generally looks good, but I do have one question about the change in >>>>>>> nameservice_info.py: >>>>>>> >>>>>>> @@ -235,11 +239,11 @@ >>>>>>> 'default': 'files', >>>>>>> 'host': 'files dns mdns', >>>>>>> 'printer': 'user files'}, >>>>>>> 'LDAP': { >>>>>>> 'default': 'files ldap', >>>>>>> - 'host': 'files dns mdns', >>>>>>> + 'host': 'files', >>>>>>> 'printer': 'user files ldap', >>>>>>> 'netgroup': 'ldap'}, >>>>>>> 'NIS': { >>>>>>> 'default': 'files nis', >>>>>>> 'printer': 'user files nis', >>>>>>> >>>>>>> Should this be: >>>>>>> >>>>>>> 'host: 'files ldap', >>>>>>> >>>>>>> as in /etc/nsswitch.ldap? >>>>>> LDAP is normally used to resolve host names, so in the absence of other >>>>>> name >>>>>> servers, 'files' is the only database for host names. >>>>> OK, maybe I'm mistaking the purpose of this line - but looking at the >>>>> others >>>>> it looks like this values is used if you select LDAP as the source for >>>>> resolving hostnames? >>>>> >>>>> Is that not what this line means? If so, then should it not have 'files >>>>> ldap' >>>>> like the DNS one has 'files dns mdns' and the NIS one has 'files nis'... >>>>> >>>>> Thanks, >>>>> >>>>> Darren. >>>>> >>>>> >>>>>> Thanks, >>>>>> William >>>>>>> Thanks, >>>>>>> >>>>>>> Darren. >>>>>>> >>>>>>> On 13/06/2011 14:59, William Schumann wrote: >>>>>>>> This CR covers a number of simple issues that could not be tested >>>>>>>> before the >>>>> 167 integration. >>>>>>>> The install client supplies the required svc:/network/ldap/client >>>>>>>> property >>>>> config/search_base property. >>>>>>>> UI defaults in search_base and proxy bind distinguished name taken from >>>>> user's domain. >>>>>>>> Allows special characters required in proxy bind distinguished name. >>>>>>>> >>>>>>>> Scrolls domain name on input allowing up to 255 characters. Places >>>>>>>> input >>>>> field for proxy bind distinguished name on separate line, >>>>>>>> since it can be quite large. >>>>>>>> >>>>>>>> Does not echo proxy bind password and conceals password in summary. >>>>>>>> >>>>>>>> Update profile test >>>>>>>> >>>>>>>> http://cr.opensolaris.org/~wmsch/bug-7054032/ >>>>>>>> >>>>>>>> Thank you, >>>>>>>> William >>>>>>>> _______________________________________________ >>>>>>>> caiman-discuss mailing list >>>>>>>> [email protected] >>>>>>>> http://mail.opensolaris.org/mailman/listinfo/caiman-discuss >>>> _______________________________________________ >>>> caiman-discuss mailing list >>>> [email protected] >>>> http://mail.opensolaris.org/mailman/listinfo/caiman-discuss _______________________________________________ caiman-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/caiman-discuss
