OpenLDAP configuration utilities. These utilities make configuration of OpenLDAP easier - especially after the switch to the OLC-stype configuration which uses the cn=config LDAP suffix.
THIS PROJECT IS DISCONTINUED. It is no longer actively maintained and there are no further plans to maintain it in the future. This source code repository is provided for historic (archival) reasons only.
$ sudo slapdconf list-suffixes
dc=evolveum,dc=com
dc=example,dc=com
$ sudo slapdconf get-suffix-prop dc=example,dc=com
olcDatabase : {2}mdb
olcDbDirectory : /var/lib/ldap/example
.... (shorted for clarity) ....
$ sudo slapdconf set-server-prop idle-timeout:120
$ sudo slapdconf get-server-prop
olcIdleTimeout : 120
olcLogLevel :
stats
stats2
There are two utilities in this project:
slapdconf - Command-line tool to configure a running OpenLDAP. slapdadm - Command-line tool to configure stopped OpenLDAP.
This command-line tool is used to configure a running OpenLDAP server instance. It uses LDAP protocol to change the cn=config subtree of an OpenLDAP server. The configuration changes are applied without a server restart.
It can reconfigure the sever, create new directory suffixes, setup replication, etc.
slapdconf -h myserver.example.com -D "uid=admin,ou=people,dc=example,dc=com" -w secret get-server-prop
slapdconf -Y EXTERNAL list-suffixes
slapdconf -Y EXTERNAL create-suffix dc=example,dc=com --dbDir /var/lib/ldap/dc=example,dc=com --rootPassword supersecret
This command-line tool is used to configure a stopped OpenLDAP instance. The configuration is done by direct manipulation of files in C</etc/ldap/slapd.d> directory and the database files.
It can be used for operations that slapdconf cannot do. E.g. it can claen-up the OpenLDAP configuration that is provided by your Linux distribution and that somehow never quite fits. Then a slapdconf tool can be used to replace it with a proper setup.
slapdadm delete-suffix dc=example,dc=com
slapdadm delete-all
THIS PROJECT IS DISCONTINUED. It is no longer actively maintained and there are no further plans to maintain it in the future. This source code repository is provided for historic (archival) reasons only.
The tools are written in Perl. The slapdconf uses Net::LDAP module which is easy to use LDAP client. The Perl was chosen because of its flexibility. It also looks like it is kind of a tradition to use Perl for LDAP server administration tools.