[CentOS-devel] CentOS Testing repository openldap-2.3.27.el4.centos with smbk5pwd for i386 and x86_64

Mon Dec 25 18:52:47 UTC 2006
Johnny Hughes <mailing-lists at hughesjr.com>

There are new versions of openldap-2.3.27-4.el4.centos in the testing
repository for i386 and x86_64.

http://wiki.centos.org/Repositories (for info on the testing repository)

This version of openldap is the current version in RHEL5B2 and Fedora
Core 6.

The purpose of this build is that I modified openldap to produce the
smbk5pwd overlay from the contrib directory in the openldap source.

smbk5pwd is an openldap module/overlay that keeps a Samba PDC's LDAP
passwords in sync regardless of if the change is made via LDAP
(ldappasswd), windows (usually smbpasswd), or Unix (passwd).  If any of
the 3 LDAP passwords are modified, the overlay modifies all three ...
keeping them in sync.

I have tested this version on 3 servers in a test environment on i386.

Instructions on how to setup the slapd.conf file are included
in /usr/share/doc/openldap-servers-xxxx/README.smbk5pwd

This version requires you to upgrade your databases if you are using a
bdb backend ... you need to save your data before you upgrade ..
something like this:

cd

service ldap stop

slapcat > slapcat.out

upgrade RPMS

cd /var/lib/ldap

remove all old databases

make sure you have a DB_CONFIG file in /var/lib/ldap

modify your /etc/openldap/slapd.conf file to point to these (they used
to be in /var/run with no openldap dir):

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

also add this index to slap.conf:

index uniqueMember pres

see the above listed README file if you want to add smbk5pwd 

slapadd ~/slapcat.out

chown -R ldap.ldap /var/lib/ldap

slaptest

slapindex -v

service ldap start
------------------------------------

Thanks,
Johnny Hughes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20061225/0e2aebc3/attachment-0006.sig>