Wednesday Apr 25, 2007
Directory Server 6.0 and idsconfig
If you are configuring DSEE 6 as naming service for LDAP clients, the following changes are required in the idsconfig script /usr/lib/ldap/idsconfig1. The script checks if the Directory Server is version 5 and will exit if any other version is used. A quick hack around this is to comment out the exit statement: See 'exit 1' code commented out below
chk_ids_version()
{
[ $DEBUG -eq 1 ] && ${ECHO} "In chk_ids_version()"
# check iDS version number.
eval "${LDAPSEARCH} ${SERVER_ARGS} -b cn=monitor -s base \"objectclass=*\" version | ${GREP} \"^version=\" | cut -f2 -d'/' | cut -f1 -d' ' > ${TMPDIR}/checkDSver 2>&1"
if [ $? -ne 0 ]; then
${ECHO} "ERROR: Can not determine the version number of iDS!"
exit 1
fi
IDS_VER=`cat ${TMPDIR}/checkDSver`
IDS_MAJVER=`${ECHO} ${IDS_VER} | cut -f1 -d.`
IDS_MINVER=`${ECHO} ${IDS_VER} | cut -f2 -d.`
if [ "${IDS_MAJVER}" != "5" ]; then
${ECHO} "ERROR: $PROG only works with iDS version 5.x, not ${IDS_VER}."
# exit 1
fi
if [ $DEBUG -eq 1 ]; then
${ECHO} " IDS_MAJVER = $IDS_MAJVER"
${ECHO} " IDS_MINVER = $IDS_MINVER"
fi
2. The end of script instructs you to manually run 'directoryserver' commands for vlv indexes. '/usr/sbin/directoryserver' does not apply to Directory Server 6.0. Here are the equivalent commands for Directory Server 6.0 : (obviously substitute 'company' and the instance of your Directory Server as needed)
./dsadm reindex -l -t company.com.getgrent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.gethostent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getnetent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getrpcent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getspent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getauhoent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getauhoent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getsoluent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getauhoent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getauduent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getauthent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getexecent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getprofent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getmailent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getbootent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getethent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getngrpent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getipnent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getmaskent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getprent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getip4ent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
./dsadm reindex -l -t company.com.getip6ent /var/opt/SUNWdsee/dsins2 dc=company,dc=com
Technorati Tags: Directory Server 6.0 NativeLDAP
Posted at 10:39AM Apr 25, 2007 by Jonathan Gershater in Identity & Directory Server | Comments[2]
Posted by Kevin LeMay on April 25, 2007 at 11:39 AM PDT #
This doesn't really explain how to alter the line of the script that generates directoryserver commands. As far as I can tell, this is what the line should be changed to:
${ECHO} " ./dsadm reindex -l -t ${i} ${_INSTANCE} o=${IDS_DATABASE}" >> ${TMPDIR}/vlvindex_list
This does assume that you use the o=exampledomain.com syntax for your directoryr root instead of the standard cn=exampledomain,cn=com. I'm not sure how to make that work.
Posted by 170.31.86.52 on January 19, 2009 at 10:46 AM PST #