[Pkg-openldap-devel] Bug#829749: Is there a better way to handle Kerberos ldap configuration
Sam Hartman
hartmans at debian.org
Tue Jul 17 13:00:27 BST 2018
>>>>> "Ryan" == Ryan Tandy <ryan at nardis.ca> writes:
Ryan> I had not, actually. Assuming our default slapd configuration,
Ryan> adding a schema is just:
Ryan> ldapadd -H ldapi:// -Y EXTERNAL -f /path/to/schema.ldif
Ah, looking back at my notes, you're right. Adding the schema was easy.
The hard parts were:
* setting up a separate database because I wanted the Kerberos stuff
isolated
* Setting up the right indexes
* Configuring access control and the appropriate SASL stuff.
And sadly, a lot of that was custom enough that I can't think of good
automation.
OK, it doesn't look like there's much to do for this bug. I'll think
about leaving the schema and ldif decompressed.
More information about the Pkg-openldap-devel
mailing list