Ubuntu Documentation

Simpler LDAP setup w. ldapscripts

Bug #291779 reported by Morten Siebuhr
4
Affects Status Importance Assigned to Milestone
Ubuntu Documentation
Invalid
Undecided
Adam Sommer

Bug Description

In ubuntu-doc/serverguide/C/network-auth.xml there is a large amount of copy-edit-paste code that has to be 100% correct for LDAP to work.

As the package ldapscripts, also touted in the guide, has the very nice script ldapinit, that does all this and some for the user, why not use that?

It seems the script sets up a bit more stuff that otherwise described in the guide (Machines-subtree and "Idmap" OU), but either guide or script could be adapted to align better.

Tags: serverguide
Revision history for this message
Dean Sas (dsas) wrote :

Perhaps fixing bug 291779 would also fix this?

Revision history for this message
Dean Sas (dsas) wrote :

commented on wrong bug! sorry for the noise

Revision history for this message
Adam Sommer (asommer) wrote :

Thank you for reporting this bug and helping to make Ubuntu better. I agree there is a large amount of copy 'n pasting involved. I'm not sure there is a good way around that, especially since moving to the cn=config method of slapd configuration.

I'm not sure recommending ldapinit is the best way for a few reasons:

1) ldapscripts are somewhat limited, and it's difficult to make a tool recommendation because the function of the directory can vary greatly. For example, if an admin wants to add the Samba schema for example, he then should really use smbldap-tools.

2) I think it's best if the guide is as generic as possible with regard to the tree structure, since there are so many ways to configure it.

3) Using ldapinit to populate the tree only really replaces one copy and paste.

4) I also think it's good to have as many examples of the native tools that ship with OpenLDAP since they should be the most reliable. At least in theory.

Anyway, those are my thoughts, but if there's strong disagreement feel free to submit a patch, or just list your ideas. I'm open to make any changes that will help simplify the guide. Also, there are blueprints for a "Ubuntu Directory Service" that would, I assume, have a pre-configured tree and customized tools.

  https://blueprints.launchpad.net/ubuntu/+spec/ldap-defaultdit-usergrp-mgmt

And the Ubuntu Directory Services LP Team:

  https://launchpad.net/~ubuntu-directory

Changed in ubuntu-doc:
assignee: nobody → asommer
status: New → Incomplete
Revision history for this message
Morten Siebuhr (msiebuhr) wrote :

It doesn't seem there are any more discussion on this - closing it without doing anything further...

Changed in ubuntu-docs:
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.