1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
Template: slapd/no_configuration
Type: boolean
Default: false
_Description: Omit OpenLDAP server configuration?
If you enable this option, no initial configuration or database will be
created for you.
Template: slapd/dump_database
Type: select
__Choices: always, when needed, never
Default: when needed
_Description: Dump databases to file on upgrade:
Before upgrading to a new version of the OpenLDAP server, the data from
your LDAP directories can be dumped into plain text files in the
standard LDAP Data Interchange Format.
.
Selecting "always" will cause the databases to be dumped
unconditionally before an upgrade. Selecting "when needed" will only
dump the database if the new version is incompatible with the old
database format and it needs to be reimported. If you select "never",
no dump will be done.
Template: slapd/dump_database_destdir
Type: string
Default: /var/backups/slapd-VERSION
_Description: Directory to use for dumped databases:
Please specify the directory where the LDAP databases will be exported.
In this directory, several LDIF files will be created which correspond
to the search bases located on the server. Make sure you have enough
free space on the partition where the directory is located. The first
occurrence of the string "VERSION" is replaced with the server version
you are upgrading from.
Template: slapd/move_old_database
Type: boolean
Default: true
_Description: Move old database?
There are still files in /var/lib/ldap which will probably break
the configuration process. If you enable this option, the maintainer
scripts will move the old database files out of the way before
creating a new database.
Template: slapd/invalid_config
Type: boolean
Default: true
_Description: Retry configuration?
The configuration you entered is invalid. Make sure that the DNS domain name
is syntactically valid, the field for the organization is not left empty and
the admin passwords match. If you decide not to retry the configuration the
LDAP server will not be set up. Run 'dpkg-reconfigure slapd' if you want to
retry later.
Template: slapd/domain
Type: string
_Description: DNS domain name:
The DNS domain name is used to construct the base DN of the LDAP directory.
For example, 'foo.example.org' will create the directory with
'dc=foo, dc=example, dc=org' as base DN.
Template: shared/organization
Type: string
_Description: Organization name:
Please enter the name of the organization to use in the base DN of your
LDAP directory.
Template: slapd/password1
Type: password
_Description: Administrator password:
Please enter the password for the admin entry in your LDAP directory.
Template: slapd/password2
Type: password
_Description: Confirm password:
Please enter the admin password for your LDAP directory again to verify
that you have typed it correctly.
Template: slapd/password_mismatch
Type: note
_Description: Password mismatch
The two passwords you entered were not the same. Please try again.
Template: slapd/purge_database
Type: boolean
Default: false
_Description: Do you want the database to be removed when slapd is purged?
Template: slapd/internal/adminpw
Type: password
Description: Encrypted admin password:
Internal template, should never be displayed to users.
Template: slapd/internal/generated_adminpw
Type: password
Description: Generated admin password:
Internal template, should never be displayed to users.
Template: slapd/upgrade_slapcat_failure
Type: error
#flag:translate!:5
#flag:comment:4
# This paragraph is followed by a (non translatable) paragraph
# containing a command line
#flag:comment:6
# Translators: keep "${location}" unchanged. This is a variable that
# will be replaced by a directory name at execution
_Description: slapcat failure during upgrade
An error occurred while upgrading the LDAP directory.
.
The 'slapcat' program failed while extracting the LDAP directory. This
may be caused by an incorrect configuration file (for example, missing
'moduleload' lines to support the backend database).
.
This failure will cause 'slapadd' to fail later as well. The old database
files will be moved to /var/backups. If you want to try this upgrade
again, you should move the old database files back into place, fix
whatever caused slapcat to fail, and run:
.
slapcat > ${location}
.
Then move the database files back to a backup area and then try running
slapadd from ${location}.
Template: slapd/backend
Type: select
Choices: BDB, HDB, MDB
Default: MDB
_Description: Database backend to use:
HDB and BDB use similar storage formats, but HDB adds support for
subtree renames. Both support the same configuration options.
.
The MDB backend is recommended. MDB uses a new storage format and
requires less configuration than BDB or HDB.
.
In any case, you should review the resulting database configuration for
your needs. See /usr/share/doc/slapd/README.Debian.gz for more details.
Template: slapd/unsafe_selfwrite_acl
Type: note
#flag:comment:3
# Translators: keep "by self write" and "to *" unchanged. These are part
# of the slapd configuration and are not translatable.
_Description: Potentially unsafe slapd access control configuration
One or more of the configured databases has an access control rule that
allows users to modify most of their own attributes. This may be
unsafe, depending on how the database is used.
.
In the case of slapd access rules that begin with "to *", it is
recommended to remove any instances of "by self write", so that users
are only able to modify specifically allowed attributes.
.
See /usr/share/doc/slapd/README.Debian.gz for more details.
Template: slapd/ppolicy_schema_needs_update
Type: select
__Choices: abort installation, continue regardless
DefaultChoice: abort installation
#flag:comment:2
# "ppolicy" and "pwdMaxRecordedFailure" are not translatable.
#flag:comment:3
# This paragraph is followed by the path to the generated file (not
# translatable). The sentence continues in the following paragraph.
#flag:comment:5
# This paragraph continues the sentence started in the previous
# paragraph. It is followed by a command line.
#flag:translate!:4,6
_Description: Manual ppolicy schema update recommended
The new version of the Password Policy (ppolicy) overlay requires the
schema to define the pwdMaxRecordedFailure attribute type, which is not
present in the schema currently in use. It is recommended to abort the
upgrade now, and to update the ppolicy schema before upgrading slapd.
If replication is in use, the schema update should be applied on every
server before continuing with the upgrade.
.
An LDIF file has been generated with the changes required for the upgrade:
.
${ldif}
.
so if slapd is using the default access control rules, these changes can be
applied (after starting slapd) by using the command:
.
ldapmodify -H ldapi:/// -Y EXTERNAL -f ${ldif}
.
If instead you choose to continue the installation, the new attribute
type will be added automatically, but the change will not be acted on
by slapd overlays, and replication with other servers may be affected.
|