Openldap cn config
Manutenzione di OpenLDAP con configurazioni in cn=config
Materializzazione delle configurazioni:
cd /opt/openldap sudo ./sbin/slapcat -F ./etc/openldap/slapd.d -n0 -l ~/maintenance/extracted_config.ldif # sudo ./sbin/slapcat -F ./etc/openldap/slapd.d -b cn=config > ~/maintenance/extracted_config.ldif # equivalent
Edit dello ldif e test
sudo ./sbin/slapadd -n0 -F ~/maintenance/slapd.d -l ~/maintenance/edited_config.ldif sudo ./sbin/slaptest -F ~/maintenance/slapd.d
Edit dello ldif e re-import
sudo systemctl stop slapd sudo mv -v ./etc/openldap/slapd.d/* ~/maintenance/backup/slapd.d/ sudo ./sbin/slapadd -n0 -F ./etc/openldap/slapd.d -l ~/maintenance/edited_config.ldif sudo chown -R openldap:openldap ./etc/openldap/etc/openldap/slapd.d sudo systemctl start slapd
Si può automatizzare questa fase con uno script:
#!/bin/bash OPENLDAP_PATH=/opt/openldap MAINT_PATH=/home/francesco/maintenance systemctl stop slapd mkdir -p $MAINT_PATH/backup/slapd.d mv -v $OPENLDAP_PATH/etc/openldap/slapd.d/* $MAINT_PATH/backup/slapd.d/ $OPENLDAP_PATH/sbin/slapadd -n0 -F $OPENLDAP_PATH/etc/openldap/slapd.d -l $MAINT_PATH/edited_config.ldif chown -R openldap:openldap $OPENLDAP_PATH/etc/openldap/slapd.d systemctl start slapd