OpenLDAP Management
11 May 2016I like OpenLDAP. OpenLDAP server is famous for its speed and good open source character. But it is really infamous for ease of management. Or rather a lack of anything that could be called "easy" when it comes to managing OpenLDAP. Managing OpenLDAP content is not that difficult. For manual management there is excellent Apache Directory Studio. For automated management and synchronization there is our very own midPoint. No, it is not the content that is a problem. It is the configuration.
OpenLDAP has a really cool but quite cumbersome and very under-documented OLC-style configuration. It is configuration of LDAP server using the LDAP protocol, which seems to become quite a standard feature of all good LDAP servers. But it is really a pain to use that in practice: you have to prepare LDIF file, figure out the correct DN, compose a long ldapmodify command-line, etc. Not very practical at all. But what about this?
$ sudo slapdconf list-suffixes dc=evolveum,dc=com dc=example,dc=com
$ sudo slapdconf get-suffix-prop dc=example,dc=com olcDatabase : {2}mdb olcDbDirectory : /var/lib/ldap/example .... (shortened for clarity) ....
$ sudo slapdconf set-server-prop idle-timeout:120
$ sudo slapdconf get-server-prop olcIdleTimeout : 120 olcLogLevel : stats stats2
This is my micro-project slapdconf. Very handy tool. If have been using it and maintaining it for last two years, but some parts go back more than 10 years. But now I'm looking for a help with this little project. Firstly, it is written in Perl. Perl was the cool thing when this all started. I'm an old Perl monk and when you have a hammer every problem looks like a nail. So I've nailed it in Perl. But despite the long-awaited Perl 6 release the Perl is not a very suitable tool any more. So I'm looking for someone that is fluent in Python to rewrite these little scripts in Python. I can maintain them in Python, but I'm not confident enough to get the right Python style when starting from scratch. I'm also looking for someone who would help me to properly package this in deb packages so it can be easily distributed. Anyone willing to help?
(Reposted from Evolveum blog)