thomas
/
sovereign
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Keine Beschreibung
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
1094 Commits
1 Branch
Struktur: ac59b73845
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „ac59b73845“
${ noResults }
sovereign/roles/ldap/DESIGN.md

DESIGN.md 1.5KB
Verlauf Originalformat

LDAP

  • Run this role

  • Execute sudo fusiondirectory-setup --check-ldap

    • Answer Y, Y, admin, {{ slapd_admin_password }}, Y

  • Now go to users.DOMAIN and the setup wizard should run

  • Go through it and do everything it wants.

  • When done, it gives you a configuration file. This should be equivalent to the one already on the system as .bak. So just run this command, or upload again: sudo mv /etc/fusiondirectory/fusiondirectory.conf.bak /etc/fusiondirectory/fusiondirectory.conf

  • You can now login as the admin user you created.

To setup eg. Nextcloud LDAP login, give it the following credentials: Username: uid=admin,ou=people,dc=DOMAIN,dc=TLD Password: {{ slapd_admin_password }} Base DN: dc=DOMAIN,dc=TLD

ToDo

These two steps are currently missing for full automation of the FusionDirectory Setup.

Add required object classes to the LDAP base Current

dn: dc=shagohod,dc=de objectClass: top objectClass: dcObject objectClass: organization

After migration

dn: dc=shagohod,dc=de objectClass: top objectClass: dcObject objectClass: organization xxx objectClass: gosaDepartment xxx ou: shagohod xxx description: shagohod

Default ACL roles have been inserted

Reset

To start from a fresh state:

sudo apt-get remove slapd fusiondirectory
echo PURGE | sudo debconf-communicate slapd
sudo rm -rf /etc/fusiondirectory/fusiondirectory.conf
sudo rm -rf /etc/ldap/slapd.d
sudo rm -rf /var/backups/slapd*
sudo rm -rf /var/lib/ldap/data.mdb
sudo rm -rf /var/lib/ldap/lock.mdb