=================================================================
LDaemon Optimizer v1.0.0 5/15/2003 David L. Koontz
=================================================================


Introduction:
-------------
MDaemon's LDaemon is a port of the OpenLDAP project. However,
there are several inherent problems with LDaemon's implementation
that affect the speed, performance, stability and maintenance of the
LDAP database for mid-size to large installations.

1) Using LDaemon as the Server Account Storage is unstable.
2) MDaemon Schema Extensions do not scale well with many users
3) LDaemon has no method of removing LDAP Entries

LDaemon Optimizer is the answer! If you want to offer your users
LDAP address book lookups from their email clients like Outlook,
Netscape, ThunderBird, etc. this tool will help you to provide a
FAST LDAP lookup service, and will keep your LDAP database fresh
by removing old MDaemon accounts and adding new ones.

Note: This script currently only works with the text file database
setup (Userlist.dat). If there is significant need, a future
version may include ODBC setups, or perhaps alias entries.



Setup Instructions:
-------------------
BACKUP your entire LDaemon Directory including the Database files!
Make sure you are not using LDaemon or ODBC for your system's
account database. (Click Accounts->Account Database). This script
only works with the USERLIST.DAT option.

Included in this ZIP file are three files. Copy these files to
your LDaemon Directory and edit each one using Notepad or another
text editor.


* slapd.conf
This is an optimized version of the LDAP configuration file that
removes the unneeded MDaemon Account Schema Extensions. Edit
this file and replace "Your Organization", postmaster address and
Country Code entries with your domains. If you are unsure what
these are, please refer to your existing slapd.conf file. You will
find the areas you need to change by looking for the three (3)
#---> CHANGE TO MATCH YOUR SITE <---# lines. You will
notice notation as to what code I added, and you will see the old
configuration at the bottom of the file commented out.

* createDB.bat
This file is called from the MDaemon-LDif.vbs file below and
is what actually rebuilds the database. I chose to make this
external to the script to make it easier to manually refresh.
Edit this file and make sure the paths are correct.

* MDaemon-LDif.vbs
This is the script that does all the magic. Edit this file and
change the domain information to match that of your own (top section).
You have the option for it to only include accounts that authenticate
against your NT Domain. Also, if you are not running LDaemon as a
"Service" (the default), be sure to set RunningAsService to False.
Simply set up the Windows Scheduler to run this script once or twice
a day as needed. It only takes a few seconds to create a database
with several thousand users.


CONGRATULATIONS! YOU NOW HAVE A VERY FAST LDAP SERVER!


Troubleshooting:
----------------
The script should automatically shut down the LDaemon Service and
restart it once the database has been updated.

If you are not seeing your database being updated, be sure to check
all the paths in the included files. Also watch and make sure that
the script is terminating the LDaemon Service. If you are running
LDaemon manually, then you will want to exit the console before
running this script.

Some sites may experience a problem where all users are not properly
added to the LDAP database. This is likely due to a bug in some
versions of MDaemon where you could actually have two records for
the same user. You can test this by going to a command prompt and
running the createDB.bat file. If you see a line similar to the one
below, you have duplicate users that you will need to manually remove.

slapadd: could not add entry dn="o=Your Organization, c=US" (line=xx)

If all else fails, restore from the backup you made before you started
(you did make a backup didn't you? <g>).


Warranty:
---------
No warranty of fitness of this software is made for any purpose. Use
this software at your own risk. (I hate having to add a disclaimer.)


MDaemon-LDIF.vbs
Code:
'---------------------------------------------------------------------
' MDaemon - Create LDIF File For LDaemon - 5/15/03  Dave Koontz
'---------------------------------------------------------------------
' 

dim UserName, Password, FullName, Count, MDUserCount
dim fso, args, argument, pos, WriteFile, UserRecord
dim LineInput, x, LineOut, OU, CAPS


' Change The following to reflect your domain info and path
'---------------------------------------------------------------------
Const MDUserFile       = "C:\MDaemon\App\UserList.dat"
Const LdifFile         = "C:\MDaemon\LDaemon\MDaemon.ldif"
Const LDaemonPath      = "C:\MDaemon\LDaemon\"
Const LDaemonDBPath    = "C:\MDaemon\LDaemon\DB\"
Const NT_Domain        = "\\NT-Domain-Name"
Const Postmaster_Email = "postmaster@yoursite.com"
Const Organization     = "Your Company Name"
Const Country_Code     = "US"

' The Following Option Only Populates NT Authenticated Accounts to LDAP
Const Only_NT_Accounts = False


' Is LDaemon running as a system Service? (True/False) True Stops Service
' And Then Later Restarts It

Const RunningAsService = True
Const Machine          = "127.0.0.1"

' End User Defined Variables


'---------------------------------------------------------------------
' LDAP Header Is Required To REGENERATE The Database from Scratch.
' Format is Default LDaemon Specific
'---------------------------------------------------------------------
Const WriteHeader         = True
LDAPHeader =              "dn: o=" & Organization & ", c=" & Country_Code & VBCRLF
LDAPHeader = LDAPHeader & "o: " & Organization & VBCRLF
LDAPHeader = LDAPHeader & "objectClass: organization" & VBCRLF
LDAPHeader = LDAPHeader & VBCRLF
LDAPHeader = LDAPHeader & "dn: ou=ComAgent Public Contacts, o=" & Organization &", c=" & Country_Code & VBCRLF
LDAPHeader = LDAPHeader & "cn: postmaster" & VBCRLF
LDAPHeader = LDAPHeader & "ou: ComAgent Public Contacts" & VBCRLF
LDAPHeader = LDAPHeader & "mail: " & Postmaster_Email & VBCRLF
LDAPHeader = LDAPHeader & "objectClass: MDaemonContact" & VBCRLF
LDAPHeader = LDAPHeader & "objectClass: OrganizationalUnit" & VBCRLF

Const vbMinimizedNoFocus = 6
Const ForReading         = 1
Const ForWriting         = 2
const ForAppending       = 8

Set WS              = WScript.CreateObject("Wscript.Shell")
Set fso             = CreateObject("Scripting.FileSystemObject")
Set args            = WScript.Arguments
Set WriteFile       = fso.OpenTextFile(LdifFile, ForWriting, True)

'---------------------------------------------------------------------
' Turn Off LDaemon Service & Remove Existing DB Files
'---------------------------------------------------------------------

On Error Resume Next

If RunningAsService Then
  Set Server=GetObject("WinNT://" & Machine & ",computer")
  Set LDaemon=Server.GetObject("Service","LDaemon")
  LDaemon.Stop
  While Not LDaemon.Status = 1   ' 1 = ADS_SERVICE_STOPPED
    WScript.Sleep 2500
  WEnd
End IF

set DBFolder = fso.GetFolder (LDaemonDBPath)
  for each file in DBFolder.files
    file.delete
  next


'---------------------------------------------------------------------
' Check Full Database Flag (Headers on or Off?)
'---------------------------------------------------------------------
If WriteHeader = True Then
  WriteFile.WriteLine LDAPHeader
End If

'---------------------------------------------------------------------
' Write LDIF Entry For Each User Listed In MD Database
'---------------------------------------------------------------------

set MDUserList = fso.OpenTextFile(MDUserFile,ForReading, true)
    while not MDUserList.AtEndOfStream
      MDUserCount=MDUserCount+1
      MDUserData=MDUserList.ReadLine
      If Only_NT_Accounts and UCase(Trim(Mid(MDUserData,196,20))) <> UCase(NT_Domain) Then
        ' Skips Account If No Domain Match and NT Only Selected
      Else
        UserName=Trim(Mid(MDUserData,46,30))
        FullName=Trim(Mid(MDUserData,76,30))
        Email_Domain="@" & Trim(Mid(MDUserData,1,45))

        UserRecord=AddUserLDIF(UserName, FullName)
        WriteFile.WriteLine UserRecord
      End If
    wend
MDUserList.Close


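'---------------------------------------------------------------------
' Rebuild The LDAP Database 
'---------------------------------------------------------------------
' Close the LDIF file so slapadd reads the complete output
WriteFile.Close
' Run(command, windowStyle, waitOnReturn): wait for slapadd to finish
WS.Run LDaemonPath & "CreateDB.bat", vbMinimizedNoFocus, True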


'---------------------------------------------------------------------
' Turn On LDaemon Service
'---------------------------------------------------------------------
If RunningAsService Then
  WS.Run LDaemonPath & "RemoveLD /Start"
End If

'MsgBox "Finished!  Processed " & MDUserCount & " Email Records"


'---------------------------------------------------------------------
' End Of Program
'---------------------------------------------------------------------



Function AddUserLDIF(UserName, FullName)
  '----------------------------------------
  ' Format User Record For LDAP LDIF file
  '----------------------------------------

  SearchBase = "ou=ComAgent Public Contacts, o=" & Organization & ", c=" & Country_Code
  Const ObjectClass= "objectClass: MDaemonContact"

  AddUserLDIF = "dn: mail=" & UserName & Email_Domain & ", " & SearchBase & VBCRLF
  AddUserLDIF = AddUserLDIF & ObjectClass & VBCRLF
  AddUserLDIF = AddUserLDIF & "cn: " & FullName & VBCRLF
  AddUserLDIF = AddUserLDIF & "mail: " & UserName & Email_Domain & VBCRLF
end function
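
The script above concatenates UserList.dat fields straight into LDIF, and the Troubleshooting section notes that duplicate records make slapadd fail. The following is an added Python example, not part of the original package, that flags duplicates before the rebuild and applies RFC 4514 DN escaping and RFC 2849 base64 encoding; the column offsets come from the script's Mid() calls, and the sample records, the organization name and the blank-name fallback are assumptions.

```python
import base64

def parse_record(line):
    # Offsets mirror the script's Mid() calls: domain 1-45, user 46-75, name 76-105.
    return f"{line[45:75].strip()}@{line[0:45].strip()}", line[75:105].strip()

def escape_dn_value(value):
    """Backslash-escape characters that are special inside a DN (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        out.append("\\" + ch if ch in ',+"\\<>;=' or edge else ch)
    return "".join(out)

def ldif_line(name, value):
    """Emit 'name: value', or base64 'name:: ...' when RFC 2849 requires it."""
    safe = value != "" and value[0] not in " :<" and value[-1] != " " and all(
        0 < ord(c) < 128 and c not in "\r\n" for c in value)
    if safe:
        return f"{name}: {value}"
    return f"{name}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def build_entries(lines, search_base):
    """Return (LDIF entries, duplicate addresses); the first record of each wins."""
    seen, dupes, entries = set(), set(), []
    for mail, full in (parse_record(l) for l in lines if l.strip()):
        key = mail.lower()
        if key in seen:
            dupes.add(key)
            continue
        seen.add(key)
        entries.append("\n".join([
            ldif_line("dn", f"mail={escape_dn_value(mail)}, {search_base}"),
            "objectClass: MDaemonContact",
            ldif_line("cn", full or mail),  # assumption: blank name falls back to address
            ldif_line("mail", mail),
        ]))
    return entries, sorted(dupes)

def sample_record(domain, user, full):  # constructed record in the fixed-width layout
    return domain.ljust(45) + user.ljust(30) + full.ljust(30)

SAMPLE = [sample_record("example.com", "alice", "Alice Smith"),
          sample_record("example.com", "bob", "Böb, Jr."),
          sample_record("example.com", "alice", "Alice Smith")]  # duplicate record

if __name__ == "__main__":
    entries, dupes = build_entries(SAMPLE, "ou=ComAgent Public Contacts, o=Example Org, c=US")
    print("duplicates:", dupes, "\n\n" + "\n\n".join(entries))
```
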
CreateDB.bat
Code:
C:
cd \mdaemon\ldaemon
slapadd -f slapd.conf -l mdaemon.ldif -v
slapd.conf
Code:
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.4 2000/08/26 17:06:18 kurt Exp $
#
#
#---> CHANGE TO MATCH YOUR SITE  <---#
defaultsearchbase "o=Mary Baldwin College, c=US"


#######################################################################
# ldbm database definitions
#######################################################################

include        core.schema
include        mdaemon.schema

database      ldbm
defaultaccess read
sizelimit     25


# The database directory MUST exist prior to running slapd AND 
# should only be accessible by the slapd/tools. Mode 700 recommended.
directory     ./db

#---> CHANGE TO MATCH YOUR SITE  <---#
suffix        "o=Mary Baldwin College, c=US"
rootdn        "cn=postmaster, o=Mary Baldwin College, c=US"


# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw        LittleSecret

#---> CHANGE TO MATCH YOUR SITE  <---#
# Don't remove the following line.  Even though it is a comment
# it is used by the installer
# rootemail     postmaster@mbc.edu

# Indices to maintain

index   cn pres,eq,sub


# My Working Configuration (Not With LDAP Authentication/UserBase)
#    Allow read access of root DSE
#    Allow self write access
#    Allow authenticated users read access
#    Allow anonymous users to authenticate

access to dn="*" by * read
access to *
    by self write
    by users read
    by anonymous auth

# if no access controls are present, the default is:
#    Allow read by all
#
# rootdn can always write!


### ORIGINAL MDAEMON CONFIG - *NOT* WORKING
# -----------------------------------------------------------------------------
# index   sn pres,eq,sub
# index   uid eq
#
#
# You can modify your password and authenticate against it
#access to attr=userpassword
#    by self write
#    by anonymous auth

# This may be deprecated, further testing is needed
# No-one may access their MDaemon attributes
# Must be split to meet max line length limit
#access to attrs=mdMailDir,mdPassword,mdAutoDecode,mdIsForwarding,mdAllowAccess,mdChangeViaEmail,mdKeepForwardedMail,mdHideFromEveryone,mdEncryptMail,mdApplyQuotas,mdEnableMultipop,mdMaxMessageCount,mdMaxDiskSpace,mdMailFormat,mdComments,mdMaxUidlCount,mdMaxMessageSize,mdWebConfig,mdForwardAddress,mdForwardHost,mdForwardSendAs,mdForwardPort,mdAutoRespScript,mdAutoRespProcess,mdAutoRespAddToList,mdAutoRespRemoveFromList,mdAutoRespExclude
#    by * none
#access to attrs=mdAutoRespPassMessage,mdPruneUseDefault,mdPruneMaxInactive,mdPruneMaxMessageAge,mdPruneRecurseIMAP,mdRestrictIn,mdRestrictInAction,mdRestrictInAddrList,mdRestrictOut,mdRestrictOutAction,mdRestrictOutAddrList,mdPruneMaxDeletedIMAPMessageAge
#    by * none

# Public contacts are stored as children of the Public Contacts organizational unit
#access to dn="ou=ComAgent Public Contacts,o=Mary Baldwin College,c=US" attr=children
#    by users write
#    by * read
#access to dn="ou=ComAgent Public Contacts,o=Mary Baldwin College,c=US"
#    by users write
#    by * read

# Private contacts are stored as children of the bind dn
#access to dn=".*,mail=(.*),o=Mary Baldwin College,c=US"
#            by dn="mail=$1,o=Mary Baldwin College,c=US" write
#access to dn="mail=(.*),o=Mary Baldwin College,c=US" attr=children
#            by dn="mail=$1,o=Mary Baldwin College,c=US" write
#access to dn="mail=(.*),o=Mary Baldwin College,c=US" 
#            by dn="mail=$1,o=Mary Baldwin College,c=US" write
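
The slapd.conf above warns against cleartext passwords and then sets rootpw in cleartext, alongside defaultaccess read and a "by * read" rule. The following is an added Python example, not part of the original package, that audits those directives and produces a salted {SSHA} value for rootpw; it assumes this slapd build accepts {SSHA} values as slappasswd(8) describes, and the sample text is constructed from the active lines of the file above.

```python
import base64, hashlib, hmac, os, re

def make_ssha(password, salt=None):
    """Build a {SSHA} value: base64(SHA-1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def check_ssha(password, stored):
    """Recompute the digest with the stored salt; compare in constant time."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def audit_slapd_conf(text):
    """Return (line number, finding) for cleartext rootpw and world-readable rules."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # comment line, nothing active to check
        rootpw = re.match(r"\s*rootpw\s+(\S+)", line, re.I)
        if rootpw and not re.match(r"\{[\w-]+\}", rootpw.group(1)):
            findings.append((number, "rootpw is stored in cleartext"))
        default = re.match(r"\s*defaultaccess\s+(\S+)", line, re.I)
        if default and default.group(1).lower() != "none":
            findings.append((number, "defaultaccess grants " + default.group(1)))
        if re.search(r"\bby\s+\*\s+(read|write)\b", line, re.I):
            findings.append((number, "rule grants access to every client"))
    return findings

# Constructed sample: active directives copied from the slapd.conf on this page.
SAMPLE_CONF = """defaultaccess read
rootpw        LittleSecret
access to dn="*" by * read
access to *
    by self write
    by users read
    by anonymous auth
"""

if __name__ == "__main__":
    for number, finding in audit_slapd_conf(SAMPLE_CONF):
        print(f"line {number}: {finding}")
    print("rootpw        " + make_ssha("replace-with-a-long-random-secret"))
```

{SSHA} is salted SHA-1, so it only keeps the secret from being read directly out of the file; the configuration file and the db directory still need restrictive permissions.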





