[Kolab-devel] kolab_setup (part of Kolab bootstrap rewrite)

Stephan Buys list at codefusion.co.za
Tue Mar 23 13:47:44 CET 2004 

Hello,

On Tuesday 23 March 2004 13:08, Bo Thorsen wrote:
> > We have specifically chosen Microsoft terminilogy to make it easy for
> > people with little directory/Unix knowledge to pick up the exact
> > meanings.
> 
> This sounds fishy to me. But I'll comment on specific issues if there are
> any.
> 
> In general, I don't like trying to hide the fact that people are changing
> systems. That obviously doesn't mean trying to specifically make it more
> challenging to change, but it's an annoyment if you're a unix fan
> already.
>
Ok, so we followed the path of least resistance... 
If you run the script, and you know what you are doing, it is very easy to
rename the DN's...
 
> > my $hostname = "";
> > my $email_domain = "";
> > my $base_dn = "";
> > my $user_dn = "";
> > my $contact_dn = "";
> > my $system_dn = "";
> > my $kolab_dn = "";
> > my $manager_pw ="";
> > my $admin_dn = "";
> > my $admin_pw = "";
> > my $postmaster = "";
> > my $abuse = "";
> > my $user_cn = "Users";
> > my $contact_cn = "Contacts";
> > my $system_cn = "System";
> > my $admin_cn = "Administrator";
> 
> ... and I guess this one is the first. Oh well, at least it's a step up
> from the "manager" that is used nowhere else.
>
Ok, I never explained this. We want to create a default user called Administrator
which will be used by users instead of manager (although it will still exists). 
This means that Kolab will bootstrap with one mailbox created by default.
This addresses abuse and postmaster (see later comments)
 
> > print "\nKOLAB BOOTSTRAP SETUP\n\n";
> 
> Why the shouting?
>
NO REASON (I guess CAPS was on?) We can easily change this.
 
> > my $kolab_setup_file = "/kolab/etc/kolab/kolab.bootstrap";
> 
> Don't hardcode paths.
>
Agreed. This will be rewritten during installation of the OpenPKG package using
something like shtool. Will probably become:

my $kolab_setup_file = "@l_prefix@";

So take this path as "post installation" for now...
 

> >   $manager_pw = prompt_input( "Please enter the manager password",
> $manager_pw );
> >   $admin_cn = prompt_input( "Please enter the administrator DN" ,
> $admin_dn );
> >   $admin_pw = prompt_input( "Please enter the administrator password",
> $admin_pw );
> 
> Huh? It's an advanced setup thing to set the administrator and manager
> password?
>

Ok, so we have manager which is the default/root password for the OpenLDAP database.
Users really should not be using this if it can be avoided.

Next we have administrator which is a normal users (with a mailbox) and Administrator 
privileges for day to day management. 

We need a "default" mailbox to be RFC2821 compliant.
 
> >   $postmaster = prompt_input( "Please enter the postmaster e-mail
> address", $postmaster );
> >   $abuse = prompt_input( "Please enter the abuse e-mail address",
> $abuse );
> 
> Not everyone will know what the abuse email address is. Not even advanced
> setuppers.
>
Agreed, although it does not change the RFC and advanced admins will know what
to do with it. Here is an interesting example of it being used:
http://www.investec.com/emaildisclaimer/

Also, this mailbox will be used for all the bounce, etc. messages for Postfix. At the moment
this is a problem with all Kolab installs (you will see things getting bounced in Postfix.log
but an Administrator/Sysadmin doesn't get the bounce messages)...

> 
> Those were the comments I had on the script.
> 
> Generally: What is the difference between the administrator and the
> manager? Is it a bug to have both? Why are there two?
>
As mentioned above:
manager: LDAP default password for a specific database. The manager password breaks
down when you have more than one database in an OpenLDAP tree. manager never even
appears in LDAP tree when you do a search...

administrator: Default administrator for you Kolab server, with a mailbox (which manager
does not have).
 
> Bo.
> 
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at intevation.org
> https://kroupware.org/mailman/listinfo/kolab-devel
> 
> 
> 

-- 
Stephan  Buys
Code Fusion cc.
Tel: +27 11 391 1412
Mobile: +27 83 294 1876
Email: s.buys at codefusion.co.za

E-mail Solutions, Kolab Specialists.
http://www.codefusion.co.za

More information about the devel mailing list