Hi all,

OK, I run a moderate sized LDAP system that I inherited.  It's been broken to one degree or another for literally years and it's my task to fix it.  I've already upgraded every single server to redhat-ds 8, and am in the process of nailing down a few bugs that we have never been able to address.  Not being able to change expired passwords, etc.

I would like to integrate setup with, say puppet.  I would like to be able to say "OK, here's a host, let's build a working LDAP setup, *without human intervention*.".  It seems to be impossible.  Many steps I can't do except for through the GUI, the SSL key setup (which I can do via command line using certutil though it doesn't seem to be documented and I don't know yet how to do a request) is very awkward, and basically setting up a new server is currently an intensely manual process.

I don't like this.

I would like a command like utility of some kind where I can do everything the admin gui can do - turning options on and off, etc.  And I would like just one tool, not having to go around to all sorts of different places and change entries here and there.  I know it can be done because the gui does it.  How about making it admin friendly?

Or am I missing something and it's already there?

Thanks,

--Russell