Thread-topic: OD search policy arrangement via term command?
On Thursday, March 19, 2009, at 01:22PM, "Mike Wyant Jr"
<email@hidden> wrote:
>
>On Mar 19, 2009, at 10:03 AM, David Boyer wrote:
>
>> Hello, anyway to arrange the policies in OD via a script / command?
>>
>> Thanks
>> Dave
>
>IIRC, you can't rearrange the search order, but since they are added
>in order what I've traditionally done in the past is remove all search
>entries and then re-add them back.
>
>I used to use a script written by Brian Hanson back in 2006. I
>haven't tested the script on Leopard, but the syntax looks like it
>should still be good. Of course, test this on a demo machine first.
>
>Mike
>
>The following excerpts should be enough to get you going. If you want
>a copy of the whole shebang, let me know:
>
>
>
>
>#############################
># Apply OD Search and Contact paths
>#############################
>
># Add OD to Authentication path
>dscl /Search -append / CSPSearchPath "$od_path"
>
># Add OD to Contacts path
>dscl /Search/Contacts -append / CSPSearchPath "$od_path"
>
>
>
>#############################
># Clear any servers already in the LDAP config
>#############################
># This is specific to retro-fitting newly imaged clients with this
>script, who may already
># have a non-trusted bind to OD (ie, as a post-restore action, copying
>the files to the client)
># This is not nice if you have other servers you want to keep in the
>list
>
>clearothers()
>{
> for i in `(dscl localhost list /LDAPv3)`
> do
> if [ $i != "$server_name" ]; then
> echo `(date)`": Removing $i from list" >>
$LOGFILE
> dsconfigldap -f -r $i -u $od_admin -p $od_pass
> dscl /Search -delete / CSPSearchPath /LDAPv3/$i
> dscl /Search/Contacts -delete / CSPSearchPath
/LDAPv3/$i
> fi
> done
>}
>
>
>Mike
>
Thanks Mike, what I've been doing is ARD the DirectoryServices files
that SearchNodeconfig.plist. That has worked fine so I guess I'll
continue to use that. I'll also play around with the code you gave me.
Best
Dave
>
Dave,
Here are the commands I use to change order of the search paths without
removing and re-adding them. The number in each line represents the
order. Number 0, and 1 are always /Local/Default and /BSD/local and
can't be changed, so 2 would be third in the list and so on. You can use
the same commands for the contacts by modifying /Search to
/Search/Contacts
Sudo dscl localhost changei /Search CSPSearchPath 2 /LDAPv3/<LDAP Server
FQDN>
Sudo dscl localhost changei /Search CSPSearchPath 3 /Active\
Directory/<AD Server FQDN>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Client-management mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
