Univention Bugzilla – Bug 19753
Unterstützung für mehrere LDAP-Server für einige Dienste
Last modified: 2013-11-19 06:43:11 CET
Über ldap/server/addition lassen sich zusätzliche LDAP Server angeben, die bei Ausfall von ldap/server/name verwendet werden sollen. An Ticket#: 2010083010001382 ist aufgefallen, dass hier noch nicht alle Konfigurationen abgedeckt sind. Der LDAP Server auf dem System musste abgeschaltet werden und es sollte auf einen anderen Server ausgewichen werden. Neben dem setzen von "ldap/server/addition" auf den neuen LDAP Server mussten folgende Dateien angepasst werden: /etc/imapd/pam_ldap_imap.conf /etc/pam.d/imap /etc/pam.d/lmtp /etc/pam.d/smtp /etc/pam.d/sieve /etc/pam.d/pop /etc/imapd/imapd.conf /etc/postfix/main.cf /etc/postfix/master.cf /etc/kolab2/resmgr.conf Das betroffene System ist ein UCS 2.2
Der Fall aus Bug #8686 sollte berücksichtigt werden.
*** Bug 8686 has been marked as a duplicate of this bug. ***
Sollte geprüft werden
We will not ship a UCS 3.1-2 release; the next UCS release will be UCS 3.2. As such, this bug is moved to the new target milestone.
(In reply to Tobias Scherer from comment #0) > /etc/imapd/pam_ldap_imap.conf Not available on UCS 3.2 > /etc/pam.d/imap > /etc/pam.d/lmtp > /etc/pam.d/smtp > /etc/pam.d/sieve > /etc/pam.d/pop These are all pam_univentionmailcyrus.c > /etc/imapd/imapd.conf imapd.conf does not use ldap connections in UCS 3. > /etc/postfix/main.cf > /etc/postfix/master.cf They have been separated: /etc/postfix/ldap.canonicalrecipient /etc/postfix/ldap.canonicalsender /etc/postfix/ldap.distlist /etc/postfix/ldap.groups /etc/postfix/ldap.sharedfolderlocal /etc/postfix/ldap.sharedfolderremote /etc/postfix/ldap.transport /etc/postfix/ldap.virtual /etc/postfix/ldap.virtualdomains /etc/postfix/ldap.virtualwithcanonical > /etc/kolab2/resmgr.conf This file is no longer maintained by UCS 3.
Two new helper functions have been added to python-univention-lib misc.py: - getLDAPURIs → returns a string with LDAP URIs - getLDAPServersCommaList → returns a comma-separated string with all LDAP Servers Theses functions are now used in univention-ldap-client: /etc/ldap/ldap.conf univention-mail-postfix: /etc/postfix/ldap.* univention-mail-postfix: /etc/pam.d/smtp univention-mail-cyrus: /etc/pam.d/imap univention-mail-cyrus: /etc/pam.d/pop univention-mail-cyrus: /etc/pam.d/sieve pam_univentionmailcyrus now supports a comma-seperated list of LDAP servers for the ldap_host option. Changelog: r42226 Code: univention-lib: r42215 + r42218 univention-ldap: r42216 univention-mail-postfix: r42217 + r42220 + r42223 univention-mail-cyrus: r42219 + r42224 pam-univentionmailcyrus: r42221
ldap/server/addition is now used but not registered by /etc/postfix/ldap.transport /etc/postfix/ldap.groups
(In reply to Arvid Requate from comment #7) > ldap/server/addition is now used but not registered by > /etc/postfix/ldap.transport > /etc/postfix/ldap.groups fixed
* univention-apache/conffiles/etc/pam.d/http doesn't use ldap/server/addition yet * univention-postgresql/conffiles/etc/postgresql/pam_ldap.conf could also use the new library function. * univention-mail-cyrus-murder/conffiles/etc/pam.d/mupdate does not use ldap/server/addition yet. * The message about ldap_server_name in univention-updater/script/preup.sh may be misleading if ldap/server/addition is set. * univention-squid/conffiles/etc/squid3/squid.conf does not use ldap/server/addition yet, maybe we should separate this as enhancement bug, as this requires more changes.
(In reply to Arvid Requate from comment #9) > * univention-apache/conffiles/etc/pam.d/http doesn't use > ldap/server/addition yet The file is no longer used: Bug #32293 > * univention-postgresql/conffiles/etc/postgresql/pam_ldap.conf could also > use the new library function. fixed: - code: r43385 - changelog: r43386 + r43387 > * univention-mail-cyrus-murder/conffiles/etc/pam.d/mupdate does not use > ldap/server/addition yet. fixed: - code: r43388 - changelog: I think the cyrus changelog entry matches already. > * The message about ldap_server_name in univention-updater/script/preup.sh > may be misleading if ldap/server/addition is set. fixed: - code: r43389 - changelog: will be one generic changelog entry for Bug #31676 > * univention-squid/conffiles/etc/squid3/squid.conf does not use > ldap/server/addition yet, maybe we should separate this as enhancement bug, > as this requires more changes. Yes: Bug #32294.
Verified: Ok Changelog: Ok
UCS 3.2 has been released: http://docs.univention.de/release-notes-3.2-en.html http://docs.univention.de/release-notes-3.2-de.html If this error occurs again, please use "Clone This Bug".