Task #1613
Story #1476: Create Identity management system
Add LDAP install and config to cn_buildout
100%
History
#1 Updated by Ben Leinfelder over 13 years ago
Some things to consider:
- LDAP multi-master replication configuration requires that all other replication hosts are known. Each buildout node needs to be updated at the same time if the replication topology changes.
- Configuration requires the admin passwords for the LDAP trees that are being replicated. This is quite sensitive information, and again, needs to be on each LDAP replication node. When/where should this be configured? Can we prompt for the passwords at the time of buildout (rather than storing passwords in our files in the SVN repo, that is)?
- We can enable the dynamic configuration for OpenLDAP and replicas will automatically replicate their configurations as well as their contents. I suppose this would (theoretically) allow us to build out a single node and have it replicate to all existing nodes if there were configuration changes.
#2 Updated by Ben Leinfelder over 13 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 60
The deb package now has the slapd.conf, dataone.schema, and dataone.ldif files and these are copied in as part of the install/configuration.
Using default passwords and no replication settings. For the passwords, Matt suggested we should use debconf:
http://en.wikipedia.org/wiki/Debconf_(software_package)
http://www.fifi.org/doc/debconf-doc/tutorial.html
#3 Updated by Ben Leinfelder over 13 years ago
- Status changed from In Progress to Closed
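
The concern raised in this thread, admin passwords ending up in files kept in the SVN repo, can be checked mechanically before commit. The following is an added example, not code from cn_buildout or from the thread's participants: it scans slapd.conf text for a cleartext `rootpw` or a syncrepl `credentials=` value. The sample config, host names and function names are constructed for illustration.

```python
import re

# Constructed sample: a slapd.conf fragment with replication (not the project's file).
SAMPLE_SLAPD_CONF = """\
# constructed example
database  bdb
suffix    "dc=example,dc=org"
rootdn    "cn=admin,dc=example,dc=org"
rootpw    changeme
syncrepl  rid=001
          provider=ldap://cn-2.example.org
          bindmethod=simple
          binddn="cn=admin,dc=example,dc=org"
          credentials="s3cret value"
database  bdb
suffix    "dc=other,dc=org"
rootpw    {SSHA}PLACEHOLDERHASHVALUE
"""

HASH_SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")        # e.g. {SSHA}, {CRYPT}
CREDENTIALS = re.compile(r'\bcredentials=("[^"]*"|\S+)')

def logical_lines(text):
    """Yield (first_line_no, joined_text); a line starting with whitespace continues the previous one."""
    start, buf = None, ""
    for no, raw in enumerate(text.splitlines(), 1):
        if raw.lstrip().startswith("#"):               # comment lines are ignored
            continue
        if raw[:1] in (" ", "\t") and start is not None:
            buf += " " + raw.strip()                   # continuation line
            continue
        if start is not None:
            yield start, buf
        start, buf = (no, raw.strip()) if raw.strip() else (None, "")
    if start is not None:
        yield start, buf

def find_cleartext_secrets(text):
    """Return [(line_no, directive)] for secrets stored in cleartext; values are never echoed."""
    findings = []
    for no, line in logical_lines(text):
        parts = line.split(None, 1)
        directive, rest = parts[0].lower(), (parts[1] if len(parts) > 1 else "")
        if directive == "rootpw" and not HASH_SCHEME.match(rest.strip('"')):
            findings.append((no, "rootpw"))            # no {SCHEME} prefix: stored as typed
        elif directive == "syncrepl" and CREDENTIALS.search(rest):
            findings.append((no, "syncrepl credentials"))  # bind password is stored as-is
    return findings
```

Run over the constructed sample, the check reports line numbers and directive names only, so its output is safe to show in a commit hook or build log.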