System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

idsconfig Setup Example

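This section provides an example of a simple idsconfig setup that changes few of the default values. The most complicated way to modify client profiles is to create SSDs. For a detailed discussion, see Using Service Search Descriptors to Modify Client Access to Various Services.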

A carriage return after a prompt means that the [default] is accepted by pressing Enter.


Note –

Any parameter that is left blank in the summary screen is not set.


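After idsconfig has finished setting up the directory, you need to run the specified commands on the server to complete the server setup. The server is then ready to serve clients.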


Example 11–1 Running idsconfig for the Example, Inc. Network


# /usr/lib/ldap/idsconfig

It is strongly recommended that you BACKUP the directory server

before running idsconfig.



Hit Ctrl-C at any time before the final confirmation to exit.



Do you wish to continue with server setup (y/n/h)? [n] Y

Enter the directory server's hostname to setup: myserver

Enter the Directory Server's port number (h=help): [389]

Enter the directory manager DN: [cn=Directory Manager] 

Enter passwd for cn=Directory Manager : 

Enter the domainname to be served (h=help): [west.example.com] 

Enter LDAP Base DN (h=help): [dc=west,dc=example,dc=com] 

Enter the profile name (h=help): [default] WestUserProfile

Default server list (h=help): [192.168.0.1] 

Preferred server list (h=help): 

Choose desired search scope (one, sub, h=help):  [one] 

The following are the supported credential levels:

  1  anonymous

  2  proxy

  3  proxy anonymous

Choose Credential level [h=help]: [1] 2

The following are the supported Authentication Methods:

  1  none

  2  simple

  3  sasl/DIGEST-MD5

  4  tls:simple

  5  tls:sasl/DIGEST-MD5

Choose Authentication Method (h=help): [1] 2

Current authenticationMethod: simple



Do you want to add another Authentication Method? N

Do you want the clients to follow referrals (y/n/h)? [n] N

Do you want to modify the server timelimit value (y/n/h)? [n] Y

Enter the server time limit (current=3600): [-1]

Do you want to modify the server sizelimit value (y/n/h)? [n] Y

Enter the server size limit (current=2000): [-1]

Do you want to store passwords in "crypt" format (y/n/h)? [n] Y

Do you want to setup a Service Authentication Methods (y/n/h)? [n]

Client search time limit in seconds (h=help): [30] 

Profile Time To Live in seconds (h=help): [43200] 

Bind time limit in seconds (h=help): [10]

Do you wish to setup Service Search Descriptors (y/n/h)? [n] 

 

              Summary of Configuration



  1  Domain to serve               : west.example.com

  2  Base DN to setup              : dc=west,dc=example,dc=com

  3  Profile name to create        : WestUserProfile

  4  Default Server List           : 192.168.0.1

  5  Preferred Server List         : 

  6  Default Search Scope          : one

  7  Credential Level              : proxy

  8  Authentication Method         : simple

  9  Enable Follow Referrals       : FALSE

 10  Server Time Limit             : -1

 11  Server Size Limit             : -1

 12  Enable crypt password storage : TRUE

 13  Service Auth Method pam_ldap  : 

 14  Service Auth Method keyserv   : 

 15  Service Auth Method passwd-cmd: 

 16  Search Time Limit             : 30

 17  Profile Time to Live          : 43200

 18  Bind Limit                    : 10

 19  Service Search Descriptors Menu



Enter config value to change: (1-19 0=commit changes) [0] 

Enter DN for proxy agent:[cn=proxyagent,ou=profile,dc=west,dc=example,dc=com]

Enter passwd for proxyagent: 

Re-enter passwd: 

 

WARNING: About to start committing changes. (y=continue, n=EXIT) Y

1. Changed timelimit to -1 in cn=config.

2. Changed sizelimit to -1 in cn=config.

3. Changed passwordstoragescheme to "crypt" in cn=config.

4. Schema attributes have been updated.

5. Schema objectclass definitions have been added.

6. Created DN component dc=west.

7. NisDomainObject added to dc=west,dc=example,dc=com.

8. Top level "ou" containers complete.

9. automount maps: auto_home auto_direct auto_master auto_shared processed.

10. ACI for dc=west,dc=example,dc=com modified to disable self modify.

11. Add of VLV Access Control Information (ACI).

12. Proxy Agent cn=proxyagent,ou=profile,dc=west,dc=example,dc=com added.

13. Give cn=proxyagent,ou=profile,dc=west,dc=example,dc=com read permission for password.

14. Generated client profile and loaded on server.

15. Processing eq,pres indexes:

      uidNumber (eq,pres)   Finished indexing.

      ipNetworkNumber (eq,pres)   Finished indexing.

      gidnumber (eq,pres)   Finished indexing.

      oncrpcnumber (eq,pres)   Finished indexing.

      automountKey (eq,pres)   Finished indexing.

16. Processing eq,pres,sub indexes:

      ipHostNumber (eq,pres,sub)   Finished indexing.

      membernisnetgroup (eq,pres,sub)   Finished indexing.

      nisnetgrouptriple (eq,pres,sub)   Finished indexing.

17. Processing VLV indexes:

      west.example.com.getgrent vlv_index     Entry created

      west.example.com.gethostent vlv_index   Entry created

      west.example.com.getnetent vlv_index    Entry created

      west.example.com.getpwent vlv_index     Entry created

      west.example.com.getrpcent vlv_index    Entry created

      west.example.com.getspent vlv_index     Entry created

      west.example.com.getauhoent vlv_index   Entry created

      west.example.com.getsoluent vlv_index   Entry created

      west.example.com.getauduent vlv_index   Entry created

      west.example.com.getauthent vlv_index   Entry created

      west.example.com.getexecent vlv_index   Entry created

      west.example.com.getprofent vlv_index   Entry created

      west.example.com.getmailent vlv_index   Entry created

      west.example.com.getbootent vlv_index   Entry created

      west.example.com.getethent vlv_index    Entry created

      west.example.com.getngrpent vlv_index   Entry created

      west.example.com.getipnent vlv_index    Entry created

      west.example.com.getmaskent vlv_index   Entry created

      west.example.com.getprent vlv_index     Entry created

      west.example.com.getip4ent vlv_index    Entry created

      west.example.com.getip6ent vlv_index    Entry created



idsconfig: Setup of myserver is complete.



Note: idsconfig has created entries for VLV indexes.  Use the

      directoryserver(1m) script on myserver to stop

      the server and then enter the following vlvindex

      sub-commands to create the actual VLV indexes:



  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getgrent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.gethostent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getnetent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getpwent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getrpcent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getspent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getauhoent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getsoluent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getauduent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getauthent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getexecent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getprofent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getmailent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getbootent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getethent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getngrpent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getipnent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getmaskent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getprent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getip4ent

  directoryserver -s myserver vlvindex -n userRoot -T west.example.com.getip6ent
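
The summary screen in Example 11–1 can be checked before committing. The following script is an added example, not part of the original guide or of idsconfig: it parses summary lines and flags the choices made above (simple authentication with a proxy agent that is granted read permission for password, and limits set to -1). The function names are hypothetical, the sample input is constructed from the example's values, and the ";" separator for multiple authentication methods is an assumption.

```shell
#!/bin/sh
# Constructed sample: excerpt of the summary screen, values as in Example 11-1.
sample_summary() {
cat <<'EOF'
  7  Credential Level              : proxy
  8  Authentication Method         : simple
 10  Server Time Limit             : -1
 11  Server Size Limit             : -1
 12  Enable crypt password storage : TRUE
 13  Service Auth Method pam_ldap  :
 19  Service Search Descriptors Menu
EOF
}

# Reads summary lines on stdin; prints one "LEVEL item: message" line per finding.
audit_idsconfig_summary() {
  awk '
    {
      i = index($0, ":")          # first colon separates the label from the value
      if (i == 0) next            # menu lines such as item 19 carry no value
      key = substr($0, 1, i - 1); val = substr($0, i + 1)
      sub(/^[ \t]*[0-9]+[ \t]+/, "", key); sub(/[ \t]+$/, "", key)
      gsub(/^[ \t]+|[ \t]+$/, "", val)
      cfg[key] = val
    }
    END {
      cred = cfg["Credential Level"]; clear = 0
      # Assumption: several authentication methods are joined with ";".
      n = split(cfg["Authentication Method"], m, ";")
      for (j = 1; j <= n; j++) {
        if (m[j] == "none") print "WARN Authentication Method: none, clients bind without authenticating"
        if (m[j] == "simple") { clear = 1; print "WARN Authentication Method: simple sends the bind password in cleartext; tls:simple is offered" }
      }
      if (cred ~ /proxy/ && clear && cfg["Enable crypt password storage"] == "TRUE")
        print "WARN Enable crypt password storage: proxy agent can read crypt password values and its connection has no TLS"
      if (cred ~ /anonymous/) print "INFO Credential Level: anonymous access to directory data is allowed"
      if (cfg["Server Time Limit"] == "-1") print "WARN Server Time Limit: -1 removes the server-side search time limit"
      if (cfg["Server Size Limit"] == "-1") print "WARN Server Size Limit: -1 removes the server-side search size limit"
      if (("Service Auth Method pam_ldap" in cfg) && cfg["Service Auth Method pam_ldap"] == "")
        print "INFO Service Auth Method pam_ldap: blank, so not set"
    }'
}

sample_summary | audit_idsconfig_summary
```
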