ApacheDS 2.0.0-M23 non-gui adding a partition

Wed, 06 Nov 2019 01:37:30 -0800

Emmanuel helped me a lot when I added the new section to the wiki more than 2 years ago. The users mailing list thread carried the subject "ApacheDS 2.0.0-M23 non-gui adding a partition".
I am slowly working my way through migration of my ubuntu 16.04 LTS i386 apacheds M23 production system to an ubuntu 18.04 LTS amd64 AM25 platform. I won't bore you with my war stories, but I intend to reflect some of my lessons learnt in the wiki. 


I've had a painful and frustrating time trying to follow my own 
instructions in the wiki! Eventually, I realised my M23 partition was 
working fine /even though/ its ads-contextentry value has always been 
completely wrong! I haven't investigated how this might have happened, 
but I want to be sure the new partition I create on my AM25 system is 
correct.



I have created a series of scripts and crib sheets to document clearly 
how the ads-contextentry base64 hash has been generated for the example 
partition. However, I now realise I am not 100% clear how to create a 
valid base64 for my own partition.



By carefully hashing 4 specific lines of the example root entry I can 
generate the correct hash. These lines are:


dn: dc=example,dc=com
dc: example
objectclass: domain
objectclass: top


The dn value corresponds to the ads-partitionsuffix attribute. The dc 
value corresponds to the ads-partitionid attribute.



The objectclass value of top is required in all ldapobjects, but I don't 
see where the "objectclass: domain" comes from, or even why it is 
specified before top, because their respective orders will alter the 
value of the base64 hash.



Also, I am puzzled about what ldapattributes I need to hash for my own 
partition. It's top-level ldapentry follows the "old school" convention, 
and I am very reluctant to change it because there are so many 
dependencies within the directory, but also the various applications 
which rely on the directory.


The top entry looks like this:

dn: O=PingToo.com
objectclass: top
objectclass: organization
o: PingToo.com


Obviously, the order of these attributes and also the exact use of 
letter case (and any white space ) will alter the resultant 
ads-contextentry hash.


Can anyone offer me some advice on how and why to do this correctly, please?


Once I have successfully created my new partition I hope to understand 
the algorithm properly and will update the wiki page to explain the 
process more clearly.


Regards,

Brian

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org























					Reply via email to