Author: abartlet Date: 2007-12-27 04:18:54 +0000 (Thu, 27 Dec 2007) New Revision: 26610
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=26610 Log: Write out a memberof.conf, to run the memberof plugin on all linked attributes, as found in the schema. Index 'cn', as otherwise exact match searches on this attribute always fail (need to figure out what is so special about cn in OpenLDAP). Andrew Bartlett Modified: branches/SAMBA_4_0/source/setup/provision-backend branches/SAMBA_4_0/source/setup/slapd.conf Changeset: Modified: branches/SAMBA_4_0/source/setup/provision-backend =================================================================== --- branches/SAMBA_4_0/source/setup/provision-backend 2007-12-27 04:17:28 UTC (rev 26609) +++ branches/SAMBA_4_0/source/setup/provision-backend 2007-12-27 04:18:54 UTC (rev 26610) @@ -141,6 +141,36 @@ } else { slapd_command = "slapd -f " + subobj.LDAPDIR + "/slapd.conf -h " + subobj.LDAPI_URI; } + + var ldb = ldb_init(); + ldb.filename = tmp_schema_ldb; + + var connect_ok = ldb.connect(ldb.filename); + assert(connect_ok); + var attrs = new Array("linkID", "lDAPDisplayName"); + var res = ldb.search("(&(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1)))(objectclass=attributeSchema))", subobj.SCHEMADN, ldb.SCOPE_SUBTREE, attrs); + assert(res.error == 0); + var memberof_config = ""; + for (i=0; i < res.msgs.length; i++) { +searchone(ldb, subobj.DOMAINDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID"); + var target = searchone(ldb, subobj.SCHEMADN, "(&(objectclass=attributeSchema)(linkID=" + (res.msgs[i].linkID + 1) + "))", "lDAPDisplayName"); + if (target != undefined) { + memberof_config = memberof_config + "overlay memberof +memberof-dangling error +memberof-refint TRUE +memberof-group-oc top +memberof-member-ad " + res.msgs[i].lDAPDisplayName + " +memberof-memberof-ad " + target + " + +"; + } + } + ok = sys.file_save(subobj.LDAPDIR + "/memberof.conf", memberof_config); + if (!ok) { + message("failed to create file: " + f + "\n"); + assert(ok); + } + } var schema_command = "ad2oLschema --option=convert:target=" + options["ldap-backend-type"] + " -I " + lp.get("setup directory") + "/" + mapping + " -H tdb://" + tmp_schema_ldb + " -O " + subobj.LDAPDIR + "/" + backend_schema; Modified: branches/SAMBA_4_0/source/setup/slapd.conf =================================================================== --- branches/SAMBA_4_0/source/setup/slapd.conf 2007-12-27 04:17:28 UTC (rev 26609) +++ branches/SAMBA_4_0/source/setup/slapd.conf 2007-12-27 04:18:54 UTC (rev 26610) @@ -31,6 +31,7 @@ index objectCategory eq index lDAPDisplayName eq index subClassOf eq +index cn eq database hdb suffix ${CONFIGDN} @@ -44,6 +45,7 @@ index subClassOf eq index dnsRoot eq index nETBIOSName eq +index cn eq database hdb suffix ${DOMAINDN} @@ -65,9 +67,12 @@ index subClassOf eq index dnsRoot eq index nETBIOSName eq +index cn eq #syncprov is stable in OpenLDAP 2.3, and available in 2.2. #We only need this for the contextCSN attribute anyway.... overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 + +include ${LDAPDIR}/memberof.conf
