On 04/02/17 00:39, Emmanuel Lécharny wrote:
Le 03/02/2017 à 14:58, Louis-Gabriel Thibault a écrit :
Hello Brian,
On Thu, Feb 2, 2017 at 9:16 PM, Brian Burch <br...@pingtoo.com> wrote:
Just to be clear, did you mean you did not find a way to create a
partition /after/ config.ldif has been "migrated"?
I must admit I did not look very hard once I got config.ldif working, but
no I have no alternate way at the moment.
You can create a partition. Either you do it using Studio, in an
interactive mode, or you duplicate the example partition's ldif part,
renaming 'example' to whatever fits your need (see more comments at the
end of this mail). :
dn:
ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config
objectclass: top
objectClass: ads-base
objectclass: ads-partition
objectclass: ads-jdbmPartition
ads-partitionSuffix: dc=example,dc=com
ads-contextentry:: ZG46IGRjPWV4YW1wbGUsZGM9Y29tCmRjOiBleGFtcGxlCm9iamVjdGNsY
XNzOiBkb21haW4Kb2JqZWN0Y2xhc3M6IHRvcAoK
ads-jdbmpartitionoptimizerenabled: TRUE
ads-partitioncachesize: 10000
ads-partitionsynconwrite: TRUE
ads-partitionid: example
ads-enabled: TRUE
<snip/>
Once done, you have to change the contextEntry part in dn:
ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config.
Beware that it's a base64 encoded entry :
ads-contextentry:: ZG46IGRjPWV4YW1wbGUsZGM9Y29tCmRjOiBleGFtcGxlCm9iamVjdGNsY
XNzOiBkb21haW4Kb2JqZWN0Y2xhc3M6IHRvcAoK
is equivalent to
dn: dc=example,dc=com
dc: example
objectclass: domain
objectclass: top
so you also have to change 'example' here, encoded it to base64 and
store the result in the entry.
So /THAT/ is why my first attempt apparently had no effect at all. I
cloned and renamed all the entries from config.ldif for "example" to my
own partition, but I had no idea ads-contextentry was so significant, so
I left it unchanged!
I am surprised the default logging scheme did not reveal any error
messages when I restarted the server with the new bad set of config
entries for my new partition. Perhaps if I had increased logging I would
have seen the reason for my failure?
You can add also any index you want.
Last, not least, do not forget to restart the server.
Ok, now, if you don't want to use Studio, then that is a PITA, and I
think it would be a great service for users to provide a script that
does that on teh command line... It should not be complex to add.
I know I could un-base64 the ads-contextentry in my working partition,
but forgive me for being a bit lazy...
Q: should I base64 those four attributes exactly as shown, i.e. with
single spaces, posix newlines, Latin-1 character set... or could I just
use some random base64 string which is unique to the specific server
instance? In other words, how strict are the validation rules which
failed during my first attempt. If you aren't sure, perhaps you could
point me somewhere near the appropriate area in the source code and I'll
work it out for myself.
Thanks for your insight!
Brian
