Re: distributed directories

On Wednesday, April 14, 2004, at 11:13 AM, Medievalist wrote:
There actually are ways to store (at least parts of) your LDAP configuration in
LDAP. I do it for my HP-UX hosts. See


I maintain the configurations for our replicas with ssh, rsync, gawk, and sed.
When a sysadmin brings up a new server they use sed on a standard template file
to create the new slapd.conf for the local replica.

When I updated from samba 2.2 to samba 3.0 schema I generated the new
slapd.conf files on all the replicas with these two commands (line breaks in
the first command were added by my mail client) :

# grep replica /etc/openldap/slapd.conf
|gawk -F\: '/^[^#]/{print $1}'
|gawk -F\= '{printf "ssh -2 -i/root/.ssh/id_dsa.ldapsync %s sed
%cs/rid/sambaSID/g\\;s/ntPassword/sambaNTPassword/g\\;s/lmPassword/ sambaLMpasswo
rd/g%c \\\</etc/openldap/slapd.conf \\\>slapd.conf.new\n", $2, 39, 39}'

# bash bush_in_the_skull

Are the greps and awks supposed to get the names of the replica hosts out of the master conf? Yours don't actually work for me, but I think that's because my replica statements are different than yours - mine are like: replica uri=ldap://host.domain. So something like this -

for replica in $(awk -F/ '/replica[ \t]/ { print $NF }' < slapd.conf)
do
	echo updating slapd.conf on $replica >&2
	ssh $replica "sed 's/a/x/g;s/b/y/g' < oldfile > newfile; install newfile"
done

	Donn Cave, donn@u.washington.edu
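
Added example, not from either poster: an awk-based parser that accepts both replica forms seen in this thread (uri=ldap://host.domain, and the host=name:port form that the gawk pipeline above implies) and drops anything that is not a plain hostname before it can reach an ssh command line. It assumes each replica directive sits on a single line; the function name replica_hosts is made up for this example.

```shell
# Added example. Print one replica hostname per line from a
# slapd.conf-style file given as $1.
replica_hosts() {
	awk '
	# Only uncommented lines that start with the "replica" directive match.
	/^replica[ \t]/ {
		for (i = 2; i <= NF; i++) {
			h = ""
			if ($i ~ /^host=/) {
				h = substr($i, 6)               # strip "host="
			} else if ($i ~ /^uri=ldaps?:\/\//) {
				h = $i
				sub(/^uri=ldaps?:\/\//, "", h)  # strip the scheme
			}
			if (h == "") continue
			sub("[:/].*$", "", h)               # drop :port or a trailing path
			# Accept plain DNS-style names only, so nothing read from the
			# file can be taken as an ssh option or as shell syntax.
			if (h ~ /^[A-Za-z0-9][A-Za-z0-9.-]*$/)
				print h
			else
				print ("skipping suspicious replica value: " $i) > "/dev/stderr"
		}
	}' "$1"
}

# Typical use, printing the commands for review instead of running them:
#   for replica in $(replica_hosts /etc/openldap/slapd.conf); do
#       echo "would update slapd.conf on $replica"
#   done
```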