r25921: Now also listen on ldapi by default in the LDAP server
authorAndrew Bartlett <abartlet@samba.org>
Sat, 10 Nov 2007 04:31:26 +0000 (05:31 +0100)
committerStefan Metzmacher <metze@samba.org>
Fri, 21 Dec 2007 04:45:03 +0000 (05:45 +0100)
Create a phpLDAPadmin configuration file example to use ldapi to talk
to Samba4

Andrew Bartlett
(This used to be commit 54f4c8ba6127757fd272bd97e301188eb69977ed)

source4/ldap_server/ldap_server.c
source4/scripting/libjs/provision.js
source4/setup/phpldapadmin-config.php [new file with mode: 0644]

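--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -509,6 +509,7 @@ static NTSTATUS add_socket(struct event_context *event_context,
 */
 static void ldapsrv_task_init(struct task_server *task)
 {      
+       char *ldapi_path;
        struct ldapsrv_service *ldap_service;
        NTSTATUS status;
        const struct model_ops *model_ops;
@@ -556,6 +557,19 @@ static void ldapsrv_task_init(struct task_server *task)
                if (!NT_STATUS_IS_OK(status)) goto failed;
        }
 
+       ldapi_path = private_path(ldap_service, global_loadparm, "ldapi");
+       if (!ldapi_path) {
+               goto failed;
+       }
+
+       status = stream_setup_socket(task->event_ctx, model_ops, &ldap_stream_ops, 
+                                    "unix", ldapi_path, NULL, ldap_service);
+       talloc_free(ldapi_path);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0,("ldapsrv failed to bind to %s - %s\n",
+                        ldapi_path, nt_errstr(status)));
+       }
+
        return;
 
 failed: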
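Review bot: In the second hunk `talloc_free(ldapi_path);` runs before the failure branch passes `ldapi_path` to `DEBUG(0, ...)` as a `%s` argument, so the error path reads freed memory. Move the `talloc_free(ldapi_path);` line to just after the closing brace of the `if (!NT_STATUS_IS_OK(status))` block, or drop it if the string is meant to live on `ldap_service` (it appears to be allocated with that as its talloc parent). A bind failure is only logged and the function still returns normally; if that is deliberate it deserves a comment such as `/* ldapi is best-effort: a failed unix bind does not stop the other listeners */`. Who may connect to this socket depends on the permissions of the private directory and of the socket itself, neither of which is set in these lines, so the intended access model should be stated next to the `stream_setup_socket` call. The body of ldapsrv_task_init starts and ends outside these hunks.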
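--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -162,6 +162,7 @@ function ldb_erase(info, ldb)
        /* delete the specials */
        ldb.del("@INDEXLIST");
        ldb.del("@ATTRIBUTES");
+       ldb.del("@OPTIONS");
        ldb.del("@MODULES");
        ldb.del("@PARTITION");
        ldb.del("@KLUDGEACL");
@@ -393,6 +394,9 @@ function provision_default_paths(subobj)
        paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + dnsdomain + "-config.ldif";
        paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + dnsdomain + "-schema.ldif";
 
+       paths.s4_ldapi_socket = lp.get("private dir") + "/ldapi";
+       paths.phpldapadminconfig = lp.get("private dir") + "/phpldapadmin-config.php";
+
        paths.sysvol = lp.get("sysvol", "path");
 
        if (paths.sysvol == undefined) {
@@ -489,6 +493,9 @@ function provision_fix_subobj(subobj, paths)
        var ldap_path_list = split("/", paths.ldapdir);
        subobj.LDAPI_URI = "ldapi://" + join("%2F", ldap_path_list) + "%2Fldapi";
 
+       var s4ldap_path_list = split("/", paths.s4_ldapi_socket);
+       subobj.S4_LDAPI_URI = "ldapi://" + join("%2F", s4ldap_path_list);
+
        subobj.LDAPMANAGERDN = "cn=Manager," + subobj.DOMAINDN;
 
        subobj.NETLOGONPATH = paths.netlogon;
@@ -794,6 +801,10 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
                assert(commit_ok);
        }
 
+       message("Setting up phpLDAPadmin configuration\n");
+       setup_file("phpldapadmin-config.php", info.message, paths.phpldapadminconfig, subobj);
+       message("Please install the phpLDAPadmin configuration located at " + paths.phpldapadminconfig + " into /etc/phpldapadmin/config.php\n");
+
        return true;
 }
 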
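Review bot: `S4_LDAPI_URI` in provision_fix_subobj escapes only `/` (as `%2F`), so any other URI-reserved character in the configured private dir, such as a space, `%`, `?` or `#`, reaches the ldapi URL unencoded. The existing `LDAPI_URI` line above has the same shape, so the pattern is inherited. The new value is also written into a generated PHP file by the `setup_file(...)` call in provision(), so it should be fully percent-encoded or the private dir validated before use. That `setup_file` call passes `info.message` while the neighbouring lines call the `message` parameter directly; `info` is not visible in the hunk, so confirm it is defined at that point. All four functions continue outside their hunks.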
diff --git a/source4/setup/phpldapadmin-config.php b/source4/setup/phpldapadmin-config.php
new file mode 100644 (file)
index 0000000..5a4c2d7
--- /dev/null
@@ -0,0 +1,28 @@
+<?php
+/**
+ * The phpLDAPadmin config file, customised for use with Samba4
+ * This overrides phpLDAPadmin defaults
+ * that are defined in config_default.php.
+ *
+ * DONT change config_default.php, you changes will be lost by the next release
+ * of PLA. Instead change this file - as it will NOT be replaced by a new
+ * version of phpLDAPadmin.
+ */
+
+/*********************************************/
+/* Useful important configuration overrides  */
+/*********************************************/
+
+/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
+   to a big random string. */
+
+$i=0;
+$ldapservers = new LDAPServers;
+
+/* A convenient name that will appear in the tree viewer and throughout
+   phpLDAPadmin to identify this LDAP server to users. */
+$ldapservers->SetValue($i,'server','name','Samba4 LDAP Server');
+$ldapservers->SetValue($i,'server','host','${S4_LDAPI_URI}');
+$ldapservers->SetValue($i,'server','auth_type','session');
+$ldapservers->SetValue($i,'login','attr','dn');
+?>
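Review bot: `'${S4_LDAPI_URI}'` on the `'host'` line is substituted into a single-quoted PHP string with no escaping, so a private dir path containing `'` or `\` would yield a broken or altered config.php; the provisioning step should escape those two characters or refuse such paths. The comment about encrypting sensitive cookies is followed by no setting at all, so either add the setting it describes or delete the comment, otherwise a reader may assume cookie encryption is configured. The socket this file points at lives in Samba's private directory, so the web server account needs access into that directory to use it. A header comment should state that requirement and advise checking what else in that directory becomes reachable, for example `/* The web server user must be able to reach the ldapi socket in Samba's private dir; review that directory's permissions before installing this file */`.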