Issue #4: Need way to update DS without requiring DM password - freeipa

freeipa

#4 Need way to update DS without requiring DM password

Closed: Fixed None Opened 13 years ago by rcritten.

The upgrade process for IPA needs to be seamless and not require user intervention. For this reason we need a way to apply LDAP changes without prompting for the Directory Manager password.

Alternatives include:

Use the 389-ds upgrade schema, setup-ds.pl -u
Write an LDIF handler for ipa-ldap-update to do offline updates
Turn off the 389-ds listeners and do online updates over ldapi

rcritten commented 13 years ago

I've decided to go with updating over ldapi and disabling the TCP listeners. I will also enable autobind so if we are root we'll bind over ldapi as DM and have full access without requiring a password.

rcritten commented 13 years ago

Committed upsteam

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 2.0 - 2010/06

7 years ago

Metadata

Assignee

rcritten

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 2.0 - 2010/06

None

affects_doc

None

source

None

knownissue

None

type

task

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#4 Need way to update DS without requiring DM password Closed: Fixed None Opened 13 years ago by rcritten.

Metadata

#4 Need way to update DS without requiring DM password

Closed: Fixed None Opened 13 years ago by rcritten.