
Re: OpenLDAP and MySQL



On Wed, May 24, 2006 at 09:45:30AM -0400, Russell Handorf wrote:

>Just as a quick bit of history, MySQL support is necessary because of 
>our MTA. All the user accounts and related settings are currently being 
>stored in this system for email auth. Currently, users have to maintain 
>2 passwords (fugly), and I'd like to centralize this. Unfortunately, to 
>move the mail server to LDAP auth would be far more of a complicated 
>project than testing out a MySQL auth'd back end. Maybe I'm trying to 
>use the wrong tool for the job, but this is the approach I was looking 
>to use (MySQL for back end to keep mail services uninterrupted, yet 
>passwords synced).

Maybe this would be a better solution for you:
1) Add an action or status field in your user table.  I'll assume action
   field and valid values of 'active', 'change', 'disable', 'deleted'.
2) Write a Perl daemon.  It should:
   a) Read in all rows with action='change' and add/modify the entry in
      the directory.
   b) Set their action to 'active' in the database.
   c) Read in all rows with action='disable' and remove the entry from
      the directory.
   d) Set their action to 'deleted' in the database.
      In reality this is mixing an action field with a status field,
      but you can add the status field as well to get the desired
      full view without having to read between the lines.
   e) sleep 5 or 10 seconds.
   f) loop back up to the beginning.
3) Have your user provisioning utils populate that action field with 
   the value 'change' when a user is created or modified.
4) Have your user provisioning utils populate that action field with
   the value 'delete' when a user is deleted.
5) Have a housecleaning script that you run once per $INTERVAL to catch
   inconsistencies.  A good interval is a day/week/month (in other
   words, whatever works for you).

-- 
Regards...		Todd
I've visited conferences where the wireless LAN was deemed "secure" by
the organisation because they had outlawed sniffers.    --Neils Bakker
Linux kernel 2.6.12-18mdksmp   2 users,  load average: 0.13, 0.04, 0.02
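
Added example, not part of the original message: one pass of the daemon loop from steps 2a-2d plus the step 5 consistency check, written in Python rather than Perl so it runs stand-alone. The `users` table layout, the sqlite3 database standing in for MySQL, and the `FakeDirectory` class standing in for the LDAP directory are assumptions.

```python
import sqlite3

class FakeDirectory:
    """In-memory stand-in for the LDAP directory (assumption, not a real client)."""
    def __init__(self):
        self.entries, self.fail_for = {}, set()  # fail_for simulates write errors
    def upsert(self, uid, pw_hash):
        if uid in self.fail_for:
            raise IOError("directory write failed for " + uid)
        self.entries[uid] = pw_hash
    def remove(self, uid):
        self.entries.pop(uid, None)

def sync_once(db, directory):
    """One pass of steps 2a-2d; returns (synced, removed, failed) uid lists."""
    synced, removed, failed = [], [], []
    q = "SELECT uid, pw_hash FROM users WHERE action=? ORDER BY uid"
    for uid, pw_hash in db.execute(q, ("change",)).fetchall():
        try:
            directory.upsert(uid, pw_hash)
        except IOError:
            failed.append(uid)  # row stays 'change', so the next pass retries
            continue
        # Flip to 'active' only if the row still holds the hash just pushed;
        # a change made meanwhile keeps action='change' for the next pass.
        cur = db.execute("UPDATE users SET action='active' "
                         "WHERE uid=? AND action='change' AND pw_hash=?", (uid, pw_hash))
        if cur.rowcount:
            synced.append(uid)
    for uid, _ in db.execute(q, ("disable",)).fetchall():
        directory.remove(uid)
        db.execute("UPDATE users SET action='deleted' WHERE uid=? AND action='disable'", (uid,))
        removed.append(uid)
    db.commit()
    return synced, removed, failed

def find_drift(db, directory):
    """Step 5: uids whose database state and directory entry disagree."""
    drift = []
    for uid, pw_hash, action in db.execute("SELECT uid, pw_hash, action FROM users ORDER BY uid"):
        present = directory.entries.get(uid)
        if (action == "active" and present != pw_hash) or (action == "deleted" and present is not None):
            drift.append(uid)
    return drift

def make_sample_db():
    """Constructed sample rows; pw_hash values are placeholders, not real hashes."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (uid TEXT PRIMARY KEY, pw_hash TEXT, action TEXT)")
    db.executemany("INSERT INTO users VALUES (?,?,?)", [
        ("alice", "{SSHA}constructed-a", "change"), ("bob", "{SSHA}constructed-b", "change"),
        ("carol", "{SSHA}constructed-c", "disable"), ("dave", "{SSHA}constructed-d", "active")])
    return db
```

The conditional `UPDATE` is what keeps a password change made during a pass from being marked `active` without ever reaching the directory.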