From 24a0f68b822aa17a5a38ce4848ef3c7225cf1f46 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Mon, 6 Jun 2022 20:53:39 +0100 Subject: [PATCH] Update OpenLDAP clients to use -H option The latest OpenLDAP clients no longer have the -h option so the the docs and tests have been updated to use the -H option instead. --- docs/admin/acme/Managing_DS_Realm.adoc | 10 +++++----- .../acme/Configuring-ACME-with-DS-Database.adoc | 10 +++++----- .../acme/Configuring-ACME-with-DS-Realm.adoc | 2 +- .../acme/Configuring-ACME-with-OpenLDAP-Database.adoc | 2 +- docs/upgrade/v10.5/Upgrading_PKI_Database.adoc | 2 +- tests/bin/ds-create.sh | 2 +- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/docs/admin/acme/Managing_DS_Realm.adoc b/docs/admin/acme/Managing_DS_Realm.adoc index 645a8980b0d..f519df093cd 100644 --- a/docs/admin/acme/Managing_DS_Realm.adoc +++ b/docs/admin/acme/Managing_DS_Realm.adoc @@ -5,7 +5,7 @@ To add a user, execute the following command: ---- -$ ldapadd -h $HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF +$ ldapadd -H ldap://$HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF dn: uid=admin,ou=people,dc=acme,dc=pki,dc=example,dc=com objectClass: person objectClass: organizationalPerson @@ -21,7 +21,7 @@ EOF To enable authentication using a password, execute the following command: ---- -$ ldapmodify -h $HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF +$ ldapmodify -H ldap://$HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF dn: uid=admin,ou=people,dc=acme,dc=pki,dc=example,dc=com changetype: modify replace: userPassword @@ -46,7 +46,7 @@ $ certutil -L -d ~/.dogtag/nssdb -n admin -r | base64 -w 0 Then add the certificate with the following command: ---- -$ ldapmodify -h $HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF +$ ldapmodify -H ldap://$HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF dn: uid=admin,ou=people,dc=acme,dc=pki,dc=example,dc=com changetype: modify add: description @@ -63,7 +63,7 @@ EOF To add a group, execute the following command: ---- -$ ldapadd -h $HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF +$ ldapadd -H ldap://$HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF dn: cn=Administrators,ou=groups,dc=acme,dc=pki,dc=example,dc=com objectClass: groupOfUniqueNames cn: Administrators @@ -76,7 +76,7 @@ EOF To add a group member, execute the following command: ---- -$ ldapmodify -h $HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF +$ ldapmodify -H ldap://$HOSTNAME -D "cn=Directory Manager" -w Secret.123 << EOF dn: cn=Administrators,ou=groups,dc=acme,dc=pki,dc=example,dc=com changetype: modify add: uniqueMember diff --git a/docs/installation/acme/Configuring-ACME-with-DS-Database.adoc b/docs/installation/acme/Configuring-ACME-with-DS-Database.adoc index 9247d014c53..75e3b1fdfee 100644 --- a/docs/installation/acme/Configuring-ACME-with-DS-Database.adoc +++ b/docs/installation/acme/Configuring-ACME-with-DS-Database.adoc @@ -12,7 +12,7 @@ First, add the ACME DS schema by importing link:../../../base/acme/database/ds/schema.ldif[/usr/share/pki/acme/database/ds/schema.ldif] with the following command: ---- -$ ldapmodify -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ +$ ldapmodify -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ -f /usr/share/pki/acme/database/ds/schema.ldif ---- @@ -20,7 +20,7 @@ Next, create the ACME DS indexes by importing link:../../../base/acme/database/ds/index.ldif[/usr/share/pki/acme/database/ds/index.ldif] with the following command: ---- -$ ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ +$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ -f /usr/share/pki/acme/database/ds/index.ldif ---- @@ -30,14 +30,14 @@ If necessary, the database can be reindexed by importing link:../../../base/acme/database/ds/indextask.ldif[/usr/share/pki/acme/database/ds/indextask.ldif] with the following command: ---- -$ ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ +$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ -f /usr/share/pki/acme/database/ds/indextask.ldif ---- The progress of the reindex task can be monitored with the following command: ---- -$ ldapsearch -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ +$ ldapsearch -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ -b "cn=acme,cn=index,cn=tasks,cn=config" ---- @@ -45,7 +45,7 @@ Once the indexes are ready, create the ACME subtree by importing link:../../../base/acme/database/ds/create.ldif[/usr/share/pki/acme/database/ds/create.ldif] with the following command: ---- -$ ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ +$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ -f /usr/share/pki/acme/database/ds/create.ldif ---- diff --git a/docs/installation/acme/Configuring-ACME-with-DS-Realm.adoc b/docs/installation/acme/Configuring-ACME-with-DS-Realm.adoc index ef8119457db..3a2a7c6f6a3 100644 --- a/docs/installation/acme/Configuring-ACME-with-DS-Realm.adoc +++ b/docs/installation/acme/Configuring-ACME-with-DS-Realm.adoc @@ -14,7 +14,7 @@ This example uses `dc=acme,dc=pki,dc=example,dc=com` as the base DN. Import the file with the following command: ---- -$ ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ +$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 \ -f /usr/share/pki/acme/realm/ds/create.ldif ---- diff --git a/docs/installation/acme/Configuring-ACME-with-OpenLDAP-Database.adoc b/docs/installation/acme/Configuring-ACME-with-OpenLDAP-Database.adoc index 56935717c44..27d24755b82 100644 --- a/docs/installation/acme/Configuring-ACME-with-OpenLDAP-Database.adoc +++ b/docs/installation/acme/Configuring-ACME-with-OpenLDAP-Database.adoc @@ -21,7 +21,7 @@ This example uses `dc=acme,dc=pki,dc=example,dc=com` as the base DN. Import the file with the following command: ---- -$ ldapadd -h $HOSTNAME -x -D "cn=Manager,dc=example,dc=com" -w Secret.123 \ +$ ldapadd -H ldap://$HOSTNAME -x -D "cn=Manager,dc=example,dc=com" -w Secret.123 \ -f /usr/share/pki/acme/database/openldap/create.ldif ---- diff --git a/docs/upgrade/v10.5/Upgrading_PKI_Database.adoc b/docs/upgrade/v10.5/Upgrading_PKI_Database.adoc index adbe08eb28f..bc7d15447cb 100644 --- a/docs/upgrade/v10.5/Upgrading_PKI_Database.adoc +++ b/docs/upgrade/v10.5/Upgrading_PKI_Database.adoc @@ -38,7 +38,7 @@ caIssuerDN="cn=CA Signing Certificate,ou=pki-tomcat,o=host.com Security Domain" port=389 hostname="localhost.localdomain" -ldapmodify -a -D "$userdn" -W -p $port -h $hostname -x << EOF +ldapmodify-H ldap://$hostname:$port -x -D "$userdn" -W -a << EOF dn: cn=allRevokedCertsByIssuer-$instanceId, cn=$database, cn=ldbm database, cn=plugins, cn=config objectClass: top objectClass: vlvSearch diff --git a/tests/bin/ds-create.sh b/tests/bin/ds-create.sh index 580e83b138d..30210a666c0 100755 --- a/tests/bin/ds-create.sh +++ b/tests/bin/ds-create.sh @@ -13,7 +13,7 @@ sed -i \ dscreate from-file ds.inf -ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF +ldapadd -H ldap://$HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF dn: dc=example,dc=com objectClass: domain dc: example