From 9cad2e25e0fc6710a6fd542e4372be753117943b Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 5 Mar 2012 18:32:12 +0000 Subject: [PATCH] Remove eDirectory references in RST docs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25731 dc483132-0cff-0310-8789-dd5450dbe970 --- .../admin_commands/kdb5_ldap_util.rst | 325 ------------------ .../ldap_operations/edir_create_realm.rst | 44 --- .../ldap_operations/edir_create_so.rst | 74 ---- .../database/ldap_operations/index.rst | 10 - .../ldap_operations/ldap_create_realm.rst | 2 - .../ldap_operations/ldap_mod_realm.rst | 2 - .../krb_build/options2configure.rst | 3 - 7 files changed, 460 deletions(-) delete mode 100644 doc/rst_source/krb_admins/database/ldap_operations/edir_create_realm.rst delete mode 100644 doc/rst_source/krb_admins/database/ldap_operations/edir_create_so.rst diff --git a/doc/rst_source/krb_admins/admin_commands/kdb5_ldap_util.rst b/doc/rst_source/krb_admins/admin_commands/kdb5_ldap_util.rst index 58fa2b1dc..5d58ee016 100644 --- a/doc/rst_source/krb_admins/admin_commands/kdb5_ldap_util.rst +++ b/doc/rst_source/krb_admins/admin_commands/kdb5_ldap_util.rst @@ -200,22 +200,6 @@ Creates realm in directory. Options: *KRB5_KDB_PWCHANGE_SERVICE* flag on the principal in the database. -Command options specific to eDirectory: - -.. _kdb5_ldap_util_create_edir: - -**-kdcdn** *kdc_service_list* - Specifies the list of KDC service objects serving the realm. The - list contains the DNs of the KDC service objects separated by - colon (``:``). - -**-admindn** *admin_service_list* - Specifies the list of Administration service objects serving the - realm. The list contains the DNs of the Administration service - objects separated by colon (``:``). - -.. _kdb5_ldap_util_create_edir_end: - EXAMPLE: :: @@ -357,43 +341,6 @@ Modifies the attributes of a realm. Options: *KRB5_KDB_PWCHANGE_SERVICE* flag on the principal in the database. -Command options specific to eDirectory: - -.. _kdb5_ldap_util_modify_edir: - -**-kdcdn** *kdc_service_list* - Specifies the list of KDC service objects serving the realm. The - list contains the DNs of the KDC service objects separated by a - colon (``:``). This list replaces the existing list. - -**-clearkdcdn** *kdc_service_list* - Specifies the list of KDC service objects that need to be removed - from the existing list. The list contains the DNs of the KDC - service objects separated by a colon (``:``). - -**-addkdcdn** *kdc_service_list* - Specifies the list of KDC service objects that need to be added to - the existing list. The list contains the DNs of the KDC service - objects separated by a colon (``:``). - -**-admindn** *admin_service_list* - Specifies the list of Administration service objects serving the - realm. The list contains the DNs of the Administration service - objects separated by a colon (``:``). This list replaces the - existing list. - -**-clearadmindn** *admin_service_list* - Specifies the list of Administration service objects that need to - be removed from the existing list. The list contains the DNs of - the Administration service objects separated by a colon (``:``). - -**-addadmindn** *admin_service_list* - Specifies the list of Administration service objects that need to - be added to the existing list. The list contains the DNs of the - Administration service objects separated by a colon (``:``). - -.. _kdb5_ldap_util_modify_edir_end: - EXAMPLE: :: @@ -739,278 +686,6 @@ EXAMPLE: .. _kdb5_ldap_util_list_policy_end: -Commands specific to eDirectory -------------------------------- - -setsrvpw -~~~~~~~~ - -.. _kdb5_ldap_util_setsrvpw: - - **setsrvpw** - [**-randpw\|-fileonly**] - [**-f** *filename*] - *service_dn* - -Allows an administrator to set password for service objects such as -KDC and Administration server in eDirectory and store them in a file. -The **-fileonly** option stores the password in a file and not in the -eDirectory object. Options: - -**-randpw** - Generates and sets a random password. This options can be - specified to store the password both in eDirectory and a file. - The **-fileonly** option can not be used if **-randpw** option is - already specified. - -**-fileonly** - Stores the password only in a file and not in eDirectory. The - **-randpw** option can not be used when **-fileonly** options is - specified. - -**-f** *filename* - Specifies complete path of the service password file. By default, - ``/usr/local/var/service_passwd`` is used. - -*service_dn* - Specifies Distinguished Name (DN) of the service object whose - password is to be set. - -EXAMPLE: - :: - - kdb5_ldap_util setsrvpw -D cn=admin,o=org setsrvpw -fileonly -f /home/andrew/conf_keyfile cn=service-kdc,o=org - Password for "cn=admin,o=org": - Password for "cn=service-kdc,o=org": - Re-enter password for "cn=service-kdc,o=org": - -.. _kdb5_ldap_util_setsrvpw_end: - -create_service -~~~~~~~~~~~~~~ - -.. _kdb5_ldap_util_create_service: - - **create_service** - {**-kdc**\|\ **-admin**\|\ **-pwd**} - [**-servicehost** *service_host_list*] - [**-realm** *realm_list*] - [**-randpw**\|\ **-fileonly**] - [**-f** *filename*] - *service_dn* - -Creates a service in directory and assigns appropriate rights. Options: - -**-kdc** - Specifies the service is a KDC service - -**-admin** - Specifies the service is a Administration service - -**-pwd** - Specifies the Password service - -**-servicehost** *service_host_list* - Specifies the list of entries separated by a colon (``:``). Each - entry consists of the hostname or IP address of the server hosting - the service, transport protocol, and the port number of the - service separated by a pound sign (``#``). For example, - ``server1#tcp#88:server2#udp#89``. - -**-realm** *realm_list* - Specifies the list of realms that are to be associated with this - service. The list contains the name of the realms separated by a - colon (``:``). - -**-randpw** - Generates and sets a random password. This option is used to set - the random password for the service object in directory and also - to store it in the file. The **-fileonly** option can not be used - if **-randpw** option is specified. - -**-fileonly** - Stores the password only in a file and not in eDirectory. The - **-randpw** option can not be used when **-fileonly** option is - specified. - -**-f** *filename* - Specifies the complete path of the file where the service object - password is stashed. - -*service_dn* - Specifies Distinguished Name (DN) of the Kerberos service to be - created. - -EXAMPLE: - :: - - shell% kdb5_ldap_util -D cn=admin,o=org create_service -kdc -randpw -f /home/andrew/conf_keyfile cn=service-kdc,o=org - Password for "cn=admin,o=org": - File does not exist. Creating the file /home/andrew/conf_keyfile... - shell% - -.. _kdb5_ldap_util_create_service_end: - -modify_service -~~~~~~~~~~~~~~ - -.. _kdb5_ldap_util_modify_service: - - **modify_service** - [**-servicehost** *service_host_list* | - [**-clearservicehost** *service_host_list*] - [**-addservicehost** *service_host_list*]] - [**-realm** *realm_list* | - [**-clearrealm** *realm_list*] - [**-addrealm** *realm_list*]] - *service_dn* - -Modifies the attributes of a service and assigns appropriate -rights. Options: - -**-servicehost** *service_host_list* - Specifies the list of entries separated by a colon (``:``). Each - entry consists of a host name or IP Address of the Server hosting - the service, transport protocol, and port number of the service - separated by a pound sign (``#``). For example, - ``server1#tcp#88:server2#udp#89``. - -**-clearservicehost** *service_host_list* - Specifies the list of servicehost entries to be removed from the - existing list separated by colon (``:``). Each entry consists of - a host name or IP Address of the server hosting the service, - transport protocol, and port number of the service separated by a - pound sign (``#``). - -**-addservicehost** *service_host_list* - Specifies the list of servicehost entries to be added to the - existing list separated by colon (``:``). Each entry consists of - a host name or IP Address of the server hosting the service, - transport protocol, and port number of the service separated by a - pound sign (``#``). - -**-realm** *realm_list* - Specifies the list of realms that are to be associated with this - service. The list contains the name of the realms separated by a - colon (``:``). This list replaces the existing list. - -**-clearrealm** *realm_list* - Specifies the list of realms to be removed from the existing list. - The list contains the name of the realms separated by a colon - (``:``). - -**-addrealm** *realm_list* - Specifies the list of realms to be added to the existing list. - The list contains the name of the realms separated by a colon - (``:``). - -*service_dn* - Specifies Distinguished Name (DN) of the Kerberos service to be - modified. - -EXAMPLE: - :: - - shell% kdb5_ldap_util -D cn=admin,o=org modify_service -realm ATHENA.MIT.EDU cn=service-kdc,o=org - Password for "cn=admin,o=org": - Changing rights for the service object. Please wait ... done - shell% - -.. _kdb5_ldap_util_modify_service_end: - -view_service -~~~~~~~~~~~~ - -.. _kdb5_ldap_util_view_service: - - **view_service** *service_dn* - -Displays the attributes of a service. Options: - -*service_dn* - Specifies Distinguished Name (DN) of the Kerberos service to be - viewed. - -EXAMPLE: - :: - - shell% kdb5_ldap_util -D cn=admin,o=org view_service cn=service-kdc,o=org - Password for "cn=admin,o=org": - Service dn: cn=service-kdc,o=org - Service type: kdc - Service host list: - Realm DN list: cn=ATHENA.MIT.EDU,cn=Kerberos,cn=Security - shell% - -.. _kdb5_ldap_util_view_service_end: - -destroy_service -~~~~~~~~~~~~~~~ - -.. _kdb5_ldap_util_destroy_service: - - **destroy_service** - [**-force**] - [**-f** *stashfilename*] - *service_dn* - -Destroys an existing service. Options: - -**-force** - If specified, will not prompt for user's confirmation, instead - will force destruction of the service. - -**-f** *stashfilename* - Specifies the complete path of the service password file from - where the entry corresponding to the service_dn needs to be - removed. - -*service_dn* - Specifies Distinguished Name (DN) of the Kerberos service to be - destroyed. - -EXAMPLE: - :: - - shell% kdb5_ldap_util -D cn=admin,o=org destroy_service cn=service-kdc,o=org - Password for "cn=admin,o=org": - This will delete the service object 'cn=service-kdc,o=org', are you sure? - (type 'yes' to confirm)? yes - ** service object 'cn=service-kdc,o=org' deleted. - shell% - -.. _kdb5_ldap_util_destroy_service_end: - -list_service -~~~~~~~~~~~~ - -.. _kdb5_ldap_util_list_service: - - **list_service** [**-basedn** *base_dn*] - -Lists the name of services under a given base in directory. Options: - -**-basedn** *base_dn* - Specifies the base DN for searching the service objects, limiting - the search to a particular subtree. If this option is not - provided, LDAP Server specific search base will be used. For eg, - in the case of OpenLDAP, value of defaultsearchbase from - slapd.conf file will be used, where as in the case of eDirectory, - the default value for the base DN is Root. - -EXAMPLE: - :: - - shell% kdb5_ldap_util -D cn=admin,o=org list_service - Password for "cn=admin,o=org": - cn=service-kdc,o=org - cn=service-adm,o=org - cn=service-pwd,o=org - shell% - -.. _kdb5_ldap_util_list_service_end: - - SEE ALSO -------- diff --git a/doc/rst_source/krb_admins/database/ldap_operations/edir_create_realm.rst b/doc/rst_source/krb_admins/database/ldap_operations/edir_create_realm.rst deleted file mode 100644 index 5b92917b0..000000000 --- a/doc/rst_source/krb_admins/database/ldap_operations/edir_create_realm.rst +++ /dev/null @@ -1,44 +0,0 @@ -.. _edir_create_realm: - -eDir: Creating a Kerberos realm -=============================== - -See :ref:`ldap_create_realm` - -The following are the eDirectory specific options: - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_create_edir: - :end-before: _kdb5_ldap_util_create_edir_end: - -EXAMPLE:: - - shell% kdb5_ldap_util -D cn=admin,dc=example,dc=com -H ldaps://ldap-server1.mit.edu create -sscope 2 - -subtree ou=users,dc=example,dc=com -kdcdn cn=krbkdc,dc=example,dc=com -admindn cn=krbadmin,dc=example,dc=com -r ATHENA.MIT.EDU - - Password for "cn=admin,dc=example,dc=com": - Initializing database for realm 'ATHENA.MIT.EDU' - You will be prompted for the database Master Password. - It is important that you NOT FORGET this password. - Enter KDC database master key: - Re-enter KDC database master key to verify: - shell% - -.. _edir_mod_realm: - - -eDir: Modifying a Kerberos realm -================================ - -See :ref:`ldap_mod_realm` - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_modify_edir: - :end-before: _kdb5_ldap_util_modify_edir_end: - - -Feedback --------- - -Please, provide your feedback at -krb5-bugs@mit.edu?subject=Documentation___edir diff --git a/doc/rst_source/krb_admins/database/ldap_operations/edir_create_so.rst b/doc/rst_source/krb_admins/database/ldap_operations/edir_create_so.rst deleted file mode 100644 index 73ccf8ca8..000000000 --- a/doc/rst_source/krb_admins/database/ldap_operations/edir_create_so.rst +++ /dev/null @@ -1,74 +0,0 @@ -eDir: Creating a Service Object -=============================== - -To create a service object in eDirectory and assign appropriate rights -on the container holding kerberos data, use the -:ref:`kdb5_ldap_util(8)` **create_service** command. - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_create_service: - :end-before: _kdb5_ldap_util_create_service_end: - - -eDir: Modifying a Service Object -================================ - -To modify the attributes of a service and assign appropriate rights, -if realm associations are changed, use the :ref:`kdb5_ldap_util(8)` -**modify_service** command. - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_modify_service: - :end-before: _kdb5_ldap_util_modify_service_end: - - -eDir: Retrieving Service Object Information -=========================================== - -To display the attributes of a service, use the -:ref:`kdb5_ldap_util(8)` **view_service** command. - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_view_service: - :end-before: _kdb5_ldap_util_view_service_end: - - -eDir: Destroying a Service Object -================================= - -The :ref:`kdb5_ldap_util(8)` **destroy_service** command is used to -destroy an existing service. - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_destroy_service: - :end-before: _kdb5_ldap_util_destroy_service_end: - - -eDir: Listing Available Service Objects -======================================= - -The :ref:`kdb5_ldap_util(8)` **list_service** command lists the name -of services under a given base in eDirectory. - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_list_service: - :end-before: _kdb5_ldap_util_list_service_end: - - -eDir: Passwords for Service Objects -=================================== - -The command :ref:`kdb5_ldap_util(8)` **setsrvpw** allows an -administrator to set password for service objects such as KDC and -Administration server in eDirectory and store them in a file. - -.. include:: ../../admin_commands/kdb5_ldap_util.rst - :start-after: _kdb5_ldap_util_setsrvpw: - :end-before: _kdb5_ldap_util_setsrvpw_end: - - -Feedback --------- - -Please, provide your feedback at -krb5-bugs@mit.edu?subject=Documentation___edir diff --git a/doc/rst_source/krb_admins/database/ldap_operations/index.rst b/doc/rst_source/krb_admins/database/ldap_operations/index.rst index 7fdbebaab..daea80779 100644 --- a/doc/rst_source/krb_admins/database/ldap_operations/index.rst +++ b/doc/rst_source/krb_admins/database/ldap_operations/index.rst @@ -31,13 +31,3 @@ LDAP ldap_realm_list.rst ldap_stash_pass.rst ldap_tkt_pol.rst - - -eDirectory ----------- - -.. toctree:: - :maxdepth: 1 - - edir_create_realm.rst - edir_create_so.rst diff --git a/doc/rst_source/krb_admins/database/ldap_operations/ldap_create_realm.rst b/doc/rst_source/krb_admins/database/ldap_operations/ldap_create_realm.rst index b6e6a903c..9589dfbb5 100644 --- a/doc/rst_source/krb_admins/database/ldap_operations/ldap_create_realm.rst +++ b/doc/rst_source/krb_admins/database/ldap_operations/ldap_create_realm.rst @@ -10,8 +10,6 @@ If you need to create a new realm, use the :ref:`kdb5_ldap_util(8)` :start-after: _kdb5_ldap_util_create: :end-before: _kdb5_ldap_util_create_end: -.. seealso:: :ref:`edir_create_realm` - Feedback -------- diff --git a/doc/rst_source/krb_admins/database/ldap_operations/ldap_mod_realm.rst b/doc/rst_source/krb_admins/database/ldap_operations/ldap_mod_realm.rst index 204b566ed..5955f97c5 100644 --- a/doc/rst_source/krb_admins/database/ldap_operations/ldap_mod_realm.rst +++ b/doc/rst_source/krb_admins/database/ldap_operations/ldap_mod_realm.rst @@ -10,8 +10,6 @@ If you need to modify a realm, use the :ref:`kdb5_ldap_util(8)` :start-after: _kdb5_ldap_util_modify: :end-before: _kdb5_ldap_util_modify_end: -.. seealso:: :ref:`edir_mod_realm` - Feedback -------- diff --git a/doc/rst_source/krb_build/options2configure.rst b/doc/rst_source/krb_build/options2configure.rst index fa5dcb0b4..9fca03b89 100644 --- a/doc/rst_source/krb_build/options2configure.rst +++ b/doc/rst_source/krb_build/options2configure.rst @@ -339,9 +339,6 @@ Optional packages **--with-ldap** Compile OpenLDAP database backend module. -**--with-edirectory** - Compile eDirectory database backend module. - **--with-vague-errors** Do not send helpful errors to client. For example, if the KDC should return only vague error codes to clients. -- 2.26.2