On these events (which happen often enough, such as on reboot) it completely blows away the entire LDAP db, creates an LDIF with all the users from the SME accounts db, then recreates the LDAP db from scratch using that LDIF. This would not be nice in a Rolodap type environment.
For an example see /etc/e-smith/events/console-save/S80ldap-rebuild JP On Fri, 19 Apr 2002, John Lederer wrote: > If e-smith does it by using ldapadd it should consist of nothing more > than chnaging the name, and possibly an attribute or two. > > John > > John Powell wrote: > > >SME's LDAP can be disabled if you don't care about it, it performs no > >other function than providing addresses for email clients. The main thing > >you would lose by disabling it and replacing it with Rolodap is the > >auto-insertion into the LDAP db of new users (and the reverse, removal of > >deleted users). That is quite a handy feature, as it makes the LDAP > >portion automatic. > > > >I guess the best thing to do would be to have SME insert and delete out of > >Rolodap. Probably not trivial, but almost certainly doable from the SME > >side (all the mechanisms are there, specifically event scripts). I guess > >I will have to dig into Rolodap to see how easy it will be to add/remove > >users without using the Rolodap web interface. > > > >If anyone out there thinks differently (like LDAP serves some other > >purpose I don't know about) please let us know. > > > >JP > > > >On Thu, 18 Apr 2002, John Lederer wrote: > > > >>Is e-smith's ldap a necessary part of e-smith? Are they using it for > >>authorization or for mail delivery? If it is just an internal employee > >>address book, rolodap could take that function over. > >> > >>John > >> > >>John Powell wrote: > >> > >>>On Wed, 17 Apr 2002, John Lederer wrote: > >>> > >>>>OpenLDAp can run multiple "driectories" at once. We used to do that, but > >>>>don';t anymore. Wish I could rember why..... > >>>> > >>>I am REAL familiar with how e-smith does their LDAP and I can assure you > >>>it would be real difficult to get it to interoperate with another > >>>directory. They blow away the whole database and rebuild it on many > >>>events (such as reboot). It is actually quite simple and a bright way to > >>>do it, but does not make interoperating with something like Rolodap very > >>>easy. I will look deeper, perhaps there is something I missed. > >>> > >>>JP > >>> > >>> > >> > >> > >>-- > >>Please report bugs to [EMAIL PROTECTED] > >>Please mail [EMAIL PROTECTED] (only) to discuss security issues > >>Support for registered customers and partners to [EMAIL PROTECTED] > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >>Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org > >> > >> > >> > > > > > >-- > >Please report bugs to [EMAIL PROTECTED] > >Please mail [EMAIL PROTECTED] (only) to discuss security issues > >Support for registered customers and partners to [EMAIL PROTECTED] > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > >Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org > > > > > > -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
