tamarin p wrote: > I'm (still :) trying to fully automate ldap installation for our > specific deployment with setup-ds.pl in silent mode.. I have an inf > which uses ConfigFile directives to try to define indexes, cache sizes > and other settings for the directory server. My problem is, only a > small part of those ConfigFiles are applied when I check dse.ldif > after, but no errors anywhere. I tried using --debug but the only > output I could see of relevance was: > "+Processing config.ldif ..." > "+Processing indexes.ldif ..." > > NONE of the settings in the ConfigFile make it to dse.ldif except > "nsslapd-dbcachesize" and "nsslapd-cachememsize".. These are both set > properly, or I would doubt if the files had been processed at all. But > the the replication manager isn't created and size/timelimits are not > set and so on, and the same with indexes. I can see nothing in the > output log from the script and there's nothing in the logs for the > newly created server. > > If I instead add the ConfigFiles with ldapmodify, things work fine. > > My guess is I'm trying to modify attributes that don't exist yet? The > Red Hat documentation at > http://www.redhat.com/docs/manuals/dir-server/install/8.0/Installation_Guide-Advanced_Configuration-Silent.html > seems to indicate that I should be able to create a replication > manager, but the difference I can tell from the docs is that their RM > is made in the directory itself while I'm trying to use the cn=config > database. Unfortunately, the LDIF modify parser does not work correctly - it does not support the full LDIF modify statement syntax (due to a bug in Mozilla::LDAP). So there are a few limitations, all of which you seem to have run into: > > Here's a snippet from my config.ldif: > > # doesnt get created > dn: cn=replication manager,cn=config > changetype: add > objectClass: inetorgperson > objectClass: person > objectClass: top > cn: replication manager > sn: RM > userPassword: password > passwordExpirationTime: 20380119031407Z Don't use changetype: add - if there is no changetype, the parser assumes you want to add the entry. > > # is set properly > dn: cn=config,cn=ldbm database,cn=plugins,cn=config > changetype: modify > replace: nsslapd-dbcachesize > nsslapd-dbcachesize: 512000000 > > # is not set > dn: cn=default instance config,cn=chaining database,cn=plugins,cn=config > changetype: modify > replace: nsslapd-sizelimit > nsslapd-sizelimit: 20000 > - > replace: nsslapd-timelimit > nsslapd-timelimit: 120 The parser doesn't understand the '-'. So instead, do this: changetype: modify replace: nsslapd-sizelimit replace: nsslapd-timelimit nsslapd-sizelimit: 20000 nsslapd-timelimit: 120 That is, group all of the command statements together, then the attributes and values, without using any '-'. > > # is set > dn: cn=userRoot,cn=ldbm database,cn=plugins,cn=config > changetype: modify > replace: nsslapd-cachememsize > nsslapd-cachememsize: 512000000 > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20090422/f5af8800/attachment.bin
