Changeset 1294
- Timestamp:
- Aug 10, 2009, 8:54:28 PM (15 years ago)
- Location:
- trunk/server
- Files:
-
- 2 deleted
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/server/doc/install-howto.sh
r1259 r1294 86 86 service named start 87 87 chkconfig named on 88 89 # XXX: This sometimes doesn't exist, but it really sucks if it90 # does exist. So check for it.91 # yum remove nss_ldap, because nss-ldapd conflicts with it92 88 93 89 # In the case of the Kerberos libraries, you'll be told that -
trunk/server/fedora/Makefile
r1289 r1294 21 21 upstream_yum = krb5 httpd openssh php 22 22 upstream = openafs $(upstream_yum) 23 oursrc = execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr nss-ldapd nss-ldapd.i586athrun php_scripts scripts-base23 oursrc = execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr athrun php_scripts scripts-base 24 24 allsrc = $(upstream) $(oursrc) 25 25 oursrcdir = ${PWD}/../common/oursrc … … 39 39 server_arch = "fedora.stable" 40 40 openafs_url = "http://dl.openafs.org/dl/openafs/1.4.11/openafs-1.4.11-1.1.1.src.rpm" 41 nss_ldapd_url = "http://download.opensuse.org/repositories/network:/ldap/openSUSE_Factory/src/nss-ldapd-0.6.10-6.5.src.rpm"42 41 43 42 .PHONY: minimal-clean … … 64 63 #wget -qO- -nv $(server_url)/$(server_arch) | xargs make 65 64 cd $(dload) && yumdownloader --source $(upstream_yum) 66 wget -P $(dload) $(nss_ldapd_url)67 65 wget -P $(dload) $(openafs_url) 68 66 touch download_stamp -
trunk/server/fedora/config/etc/nss-ldapd.conf
r910 r1294 6 6 7 7 # The uri pointing to the LDAP server to use for name lookups. 8 # Mul itple entries may be specified. The address that is used8 # Multiple entries may be specified. The address that is used 9 9 # here should be resolvable without using LDAP (obviously). 10 10 #uri ldap://127.0.0.1/ … … 12 12 #uri ldapi://%2fvar%2frun%2fldapi_sock/ 13 13 # Note: %2f encodes the '/' used as directory separator 14 uri ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/14 # uri ldap://127.0.0.1/ 15 15 16 16 # The LDAP version to use (defaults to 3 … … 19 19 20 20 # The distinguished name of the search base. 21 base dc=scripts,dc=mit,dc=edu 21 # base dc=example,dc=com 22 22 23 23 # The distinguished name to bind to the server with. 24 24 # Optional: default is to bind anonymously. 25 #binddn cn=proxyuser,dc= padl,dc=com25 #binddn cn=proxyuser,dc=example,dc=com 26 26 27 27 # The credentials to bind with. 28 28 # Optional: default is no credentials. 29 # Note that if you set a bindpw you should check the permissions of this file. 29 30 #bindpw secret 30 31 … … 35 36 36 37 # Customize certain database lookups. 37 base group ou=Groups,dc=scripts,dc=mit,dc=edu 38 base passwd ou=People,dc=scripts,dc=mit,dc=edu 39 #base shadow ou=People,dc=example,dc= net38 #base group ou=Groups,dc=example,dc=com 39 #base passwd ou=People,dc=example,dc=com 40 #base shadow ou=People,dc=example,dc=com 40 41 #scope group onelevel 41 42 #scope hosts sub 42 43 43 44 # Bind/connect timelimit. 44 bind_timelimit 12045 #bind_timelimit 30 45 46 46 47 # Search timelimit. 47 timelimit 12048 #timelimit 30 48 49 49 50 # Idle timelimit. nslcd will close connections if the 50 51 # server has not been contacted for the number of seconds. 51 idle_timelimit 360052 #idle_timelimit 3600 52 53 53 # Netscape SDK LDAPS 54 #ssl on 55 56 # Netscape SDK SSL options 57 #sslpath /etc/ssl/certs 58 59 # OpenLDAP SSL mechanism 60 # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 54 # Use StartTLS without verifying the server certificate. 61 55 #ssl start_tls 62 #ssl on 63 64 # OpenLDAP SSL options 65 # Require and verify server certificate (yes/no) 66 # Default is to use libldap's default behavior, which can be configured in 67 # /etc/openldap/ldap.conf using the TLS_REQCERT setting. The default for 68 # OpenLDAP 2.0 and earlier is "no", for 2.1 and later is "yes". 69 #tls_checkpeer yes 56 #tls_reqcert never 70 57 71 58 # CA certificates for server certificate verification 72 # At least one of these are required if tls_checkpeer is "yes"73 59 #tls_cacertdir /etc/ssl/certs 74 60 #tls_cacertfile /etc/ssl/ca.cert … … 137 123 #map group uniqueMember member 138 124 #map group gidNumber gid 125 uid nslcd 126 gid ldap 127 # This comment prevents repeated auto-migration of settings from /etc/ldap.conf. 128 uri ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/ 129 base dc=scripts,dc=mit,dc=edu 130 timelimit 120 131 bind_timelimit 120 132 idle_timelimit 3600 133 base group ou=Groups,dc=scripts,dc=mit,dc=edu 134 base passwd ou=People,dc=scripts,dc=mit,dc=edu
Note: See TracChangeset
for help on using the changeset viewer.