[Fedora-directory-users] ConfigFile directives in .inf-files
Rich Megginson
rmeggins at redhat.com
Wed Apr 22 14:39:59 UTC 2009
tamarin p wrote:
> I'm (still :) trying to fully automate ldap installation for our
> specific deployment with setup-ds.pl in silent mode.. I have an inf
> which uses ConfigFile directives to try to define indexes, cache sizes
> and other settings for the directory server. My problem is, only a
> small part of those ConfigFiles are applied when I check dse.ldif
> after, but no errors anywhere. I tried using --debug but the only
> output I could see of relevance was:
> "+Processing config.ldif ..."
> "+Processing indexes.ldif ..."
>
> NONE of the settings in the ConfigFile make it to dse.ldif except
> "nsslapd-dbcachesize" and "nsslapd-cachememsize".. These are both set
> properly, or I would doubt if the files had been processed at all. But
> the the replication manager isn't created and size/timelimits are not
> set and so on, and the same with indexes. I can see nothing in the
> output log from the script and there's nothing in the logs for the
> newly created server.
>
> If I instead add the ConfigFiles with ldapmodify, things work fine.
>
> My guess is I'm trying to modify attributes that don't exist yet? The
> Red Hat documentation at
> http://www.redhat.com/docs/manuals/dir-server/install/8.0/Installation_Guide-Advanced_Configuration-Silent.html
> seems to indicate that I should be able to create a replication
> manager, but the difference I can tell from the docs is that their RM
> is made in the directory itself while I'm trying to use the cn=config
> database.
Unfortunately, the LDIF modify parser does not work correctly - it does
not support the full LDIF modify statement syntax (due to a bug in
Mozilla::LDAP). So there are a few limitations, all of which you seem
to have run into:
>
> Here's a snippet from my config.ldif:
>
> # doesnt get created
> dn: cn=replication manager,cn=config
> changetype: add
> objectClass: inetorgperson
> objectClass: person
> objectClass: top
> cn: replication manager
> sn: RM
> userPassword: password
> passwordExpirationTime: 20380119031407Z
Don't use changetype: add - if there is no changetype, the parser
assumes you want to add the entry.
>
> # is set properly
> dn: cn=config,cn=ldbm database,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-dbcachesize
> nsslapd-dbcachesize: 512000000
>
> # is not set
> dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-sizelimit
> nsslapd-sizelimit: 20000
> -
> replace: nsslapd-timelimit
> nsslapd-timelimit: 120
The parser doesn't understand the '-'. So instead, do this:
changetype: modify
replace: nsslapd-sizelimit
replace: nsslapd-timelimit
nsslapd-sizelimit: 20000
nsslapd-timelimit: 120
That is, group all of the command statements together, then the
attributes and values, without using any '-'.
>
> # is set
> dn: cn=userRoot,cn=ldbm database,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-cachememsize
> nsslapd-cachememsize: 512000000
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090422/f5af8800/attachment.bin>
More information about the 389-users
mailing list