Some project ideas that have come out of discussions at this week's Ubuntu Developer Summit: * canned slapd.conf / config.ldif with simple tree and Samba3 support * canned config with Heimdal KDC support * canned templates to create LDAP users with POSIX, Samba, and KDC attributes fully populated * for web2ldap * plugin for Linux useradd/userdel
I think the canned configs are pretty small projects - just write a config, do some variable substitution on the database suffix etc., and it should be ready to use. We can provide these in the contrib tree with appropriate READMEs. Any volunteers?
On a separate topic, I've been slowly rewriting nss-ldapd as a slapd overlay (in between technical sessions at the Summit). This will also be showing up in contrib soon. With this approach, we can eliminate all the libldap/libldap_r/version dependencies that currently plague the usual nss-ldap implementation (and nss-ldapd already does that). Plus, we can not only have direct NSS mapping into local slapd databases, but with back-ldap, pcache, and/or translucent, we can also provide excellent NSS performance from a remote LDAP server, as well as locally cached credentials for disconnected host operation.
Which reminds me, it would still be a good idea to develop a back-tdb using Samba's tdb library, as a lightweight/small footprint/easy to configure transactional backend. The last time I checked tdb would only safely support up to about 500,000 objects, but for a lot of smaller sites that would be more than enough, and the limitation would be worth the simplification of the configs/tuning aspects. Again - any volunteers looking for some fun projects?
Howard Chu wrote:
Some project ideas that have come out of discussions at this week's Ubuntu Developer Summit:
- canned slapd.conf / config.ldif with simple tree and Samba3 support
- canned config with Heimdal KDC support
- canned templates to create LDAP users with POSIX, Samba, and KDC
attributes fully populated
- for web2ldap
- plugin for Linux useradd/userdel
I think the canned configs are pretty small projects - just write a config, do some variable substitution on the database suffix etc., and it should be ready to use. We can provide these in the contrib tree with appropriate READMEs. Any volunteers?
I did a script once which asks just a few questions and then setups a tree with support for several services (dns, sudo, dhcp, heimdal kdc, samba, etc) and group based ACLs:
http://wiki.mandriva.com/en/Projects/OpenLDAP_DIT
The source is at: http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/corporate/cs4/devel/open...
It wouldn't be hard to make it a bit more generic and distribution agnostic. Would the project be interest in that?
Howard Chu wrote:
- canned templates to create LDAP users with POSIX, Samba, and KDC
attributes fully populated
What does "fully populated" mean? Are you talking about web2ldap's standard mech for LDIF templates?
Then it would be just extending file etc/web2ldap/templates/add_user.ldif
Ciao, Michael.
<quote who="Howard Chu">
Some project ideas that have come out of discussions at this week's Ubuntu Developer Summit:
- canned slapd.conf / config.ldif with simple tree and Samba3 support
- canned config with Heimdal KDC support
- canned templates to create LDAP users with POSIX, Samba, and KDC
attributes fully populated * for web2ldap * plugin for Linux useradd/userdel
I think the canned configs are pretty small projects - just write a config, do some variable substitution on the database suffix etc., and it should be ready to use. We can provide these in the contrib tree with appropriate READMEs. Any volunteers?
I'll add these to my list. I can add them to the admin guide appendices in the placeholders there.
Do we want templates and some kind of Q&A using shell scripts etc. Obviously using nothing more than we currently require for a basic build.
-
Andreas Hasenack -
Gavin Henry -
Howard Chu -
Michael Ströder