[MediaWiki-commits] [Gerrit] ldap.conf: Remove openldap unused parameters - change (operations/puppet)

Alexandros Kosiaris (Code Review) Wed, 21 Oct 2015 03:17:19 -0700

Alexandros Kosiaris has submitted this change and it was merged.

Change subject: ldap.conf: Remove openldap unused parameters
......................................................................



ldap.conf: Remove openldap unused parameters

OpenLDAP does not honor BINDDN in ldap.conf. It will only honor it in
.ldaprc files and we don't populate these right now. BINDPW is not
honored at all by OpenLDAP. Also have ERB trim it's trailing whiteline

Change-Id: I3ab361609e3d603aecc5a1853d41ddd04cace3b2
---
M modules/ldap/templates/open_ldap.erb
1 file changed, 1 insertion(+), 3 deletions(-)

Approvals:
  Alexandros Kosiaris: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/ldap/templates/open_ldap.erb 
b/modules/ldap/templates/open_ldap.erb
index 3f21155..25b2d5e 100644
--- a/modules/ldap/templates/open_ldap.erb
+++ b/modules/ldap/templates/open_ldap.erb
@@ -1,12 +1,10 @@
 BASE            <%= @ldapconfig["basedn"] %>
 URI             <% @ldapconfig["servernames"].each do |servername| 
-%>ldap://<%= servername %>:389 <% end -%>
 
-BINDDN          cn=proxyagent,ou=profile,<%= @ldapconfig["basedn"] %>
-BINDPW          <%= @ldapconfig["proxypass"] %>
 SSL             start_tls
 TLS_CHECKPEER   yes
 TLS_REQCERT     demand
 TLS_CACERTDIR   /etc/ssl/certs
 TLS_CACERTFILE  /etc/ssl/certs/<%= @ldapconfig["ca"] %>
 TLS_CACERT      /etc/ssl/certs/<%= @ldapconfig["ca"] %>
-<% if @ldapincludes.include?('sudo') then %>SUDOERS_BASE    <%= 
@ldapconfig["sudobasedn"] %><% end %>
+<% if @ldapincludes.include?('sudo') then %>SUDOERS_BASE    <%= 
@ldapconfig["sudobasedn"] %><% end -%>

-- 
To view, visit https://gerrit.wikimedia.org/r/246242
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I3ab361609e3d603aecc5a1853d41ddd04cace3b2
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: Andrew Bogott <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] ldap.conf: Remove openldap unused parameters - change (operations/puppet)

Reply via email to