def install_openldap(args):
'''
Install openldap on current host.
'''
app.print_verbose("Install openldap script-version: %d" % SCRIPT_VERSION)
version_obj = version.Version("InstallOpenLdap", SCRIPT_VERSION)
version_obj.check_executed()
initialize_passwords()
# Do the installation.
enable_selinux()
install_packages()
store_logs_on_file()
configure_ldap_client()
configure_openldap()
configure_sudo_in_ldap()
create_modules()
add_auditlog_overlay()
add_pwdpolicy_overlay()
add_user_domain()
create_certs()
enable_ssl()
require_highest_security_from_clients()
# Let clients connect to the server through the firewall. This is done after
# everything else is done, so we are sure that the server is secure before
# letting somebody in.
iptables.add_ldap_chain()
iptables.save()
version_obj.mark_executed()
def install_sssd(args):
"""
Install ldap client on current host and connect to networks ldap server.
"""
app.print_verbose("Install sssd script-version: %d" % SCRIPT_VERSION)
version_obj = version.Version("InstallSssd", SCRIPT_VERSION)
version_obj.check_executed()
# Get all passwords from installation user at the start of the script.
app.get_ldap_sssd_password()
install_packages()
installOpenLdap.setup_hosts()
iptables.add_ldap_chain()
iptables.save()
ip = config.general.get_ldap_server_ip()
general.wait_for_server_to_start(ip, "636")
install_certs()
# For some reason it needs to be executed twice.
authconfig()
authconfig()
installOpenLdap.configure_client_cert_for_ldaptools()
augeas = Augeas(x)
create_sss_folders()
configure_sssd(augeas)
configure_sudo(augeas)
version_obj.mark_executed()
def install_sssd(args):
'''
Install ldap client on current host and connect to networks ldap server.
'''
app.print_verbose("Install sssd script-version: %d" % SCRIPT_VERSION)
version_obj = version.Version("InstallSssd", SCRIPT_VERSION)
version_obj.check_executed()
# Get all passwords from installation user at the start of the script.
app.get_ldap_sssd_password()
install_packages()
installOpenLdap.setup_hosts()
iptables.add_ldap_chain()
iptables.save()
ip = config.general.get_ldap_server_ip()
general.wait_for_server_to_start(ip, "636")
install_certs()
# For some reason it needs to be executed twice.
authconfig()
authconfig()
installOpenLdap.configure_client_cert_for_ldaptools()
configured_sssd()
configured_sudo()
version_obj.mark_executed()
def install_openldap(args):
'''
Install openldap on current host.
'''
app.print_verbose("Install openldap script-version: %d" % SCRIPT_VERSION)
version_obj = version.Version("InstallOpenLdap", SCRIPT_VERSION)
version_obj.check_executed()
initialize_passwords()
# Do the installation.
enable_selinux()
install_packages()
store_logs_on_file()
configure_ldap_client()
configure_openldap()
configure_sudo_in_ldap()
create_modules()
add_auditlog_overlay()
add_pwdpolicy_overlay()
add_user_domain()
create_certs()
enable_ssl()
require_highest_security_from_clients()
# Let clients connect to the server through the firewall. This is done after
# everything else is done, so we are sure that the server is secure before
# letting somebody in.
iptables.add_ldap_chain()
iptables.save()
_install_web_page()
version_obj.mark_executed()