Declaring an LDAP directory in Documentum
As with any administration task in Documentum, people tend to use DA to carry out the various operations. After many attempts, it turns out to be much simpler to perform this operation manually, with scripts.
Indeed, the server hosting DA must have access to the LDAP directory for the creation to succeed: connection checks can be run from the various creation tabs, for example. Yet in production environments it is not unusual for the network flow to be open only between the content server and the LDAP directory.
A second argument for this approach concerns deploying the application to production. It is much simpler to hand the teams a few API / DQL / shell scripts than to write complete documentation of the steps to perform in DA.
This article therefore lists the scripts needed to install such a configuration.
LDAP environment
The first step is to create:
- An ACL for the configuration object.
- A folder where the LDAP configurations will be stored.
The access rights are defined as follows.
Accessor name | Permit |
---|---|
dm_world | 2 (relate) |
dm_owner | 7 (delete) |
docu | 3 (read) |
For this creation, an API script is enough:
```
create,c,dm_acl
set,c,l,object_name
LDAP_acl
set,c,l,owner_name
dm_dbo
grant,c,l,dm_world,2
grant,c,l,dm_owner,7
# Note: the table above lists 3 (read) for docu, whereas this line passes 5,3.
grant,c,l,docu,5,3
save,c,l
```
The folder is then created under `/System` with the name `LDAPConfig`. Once again, an API script is the simplest way.
```
create,c,dm_folder
set,c,l,object_name
LDAPConfig
set,c,l,acl_name
LDAP_acl
set,c,l,acl_domain
dm_dbo
link,c,l,/System
save,c,l
```
Creating the LDAP configuration
Once the environment is in place, the `dm_ldap_config` object must be created and stored in the new folder. In this example, the configuration uses SSL mode with a certificate. The target configuration is:
Attribute | Value | Comment |
---|---|---|
Name (object_name) | My LDAP Config | |
ACL (acl_name and acl_domain) | LDAP_acl@dm_dbo | The access rights created earlier. |
LDAP server (ldap_host) | ldapServer | An IP address can also be used, but that would be bad practice. |
Port number (port_number) | 389 | Standard port number. |
Person class (person_obj_class) | personClass | |
Group class (group_obj_class) | groupClass | |
Search base for users (per_search_base) | ou=people,dc=mycompany | |
Search base for groups (grp_search_base) | ou=groups,dc=mycompany | |
User filter (per_search_filter) | (uid=*) | |
Group filter (grp_search_filter) | (cn=*) | |
Bind account (bind_dn) | uid=admin,ou=applis,dc=mycompany | |
Documentum user type (user_subtype) | dm_user | |
Rename users during synchronization (rename_user_option) | F | Accounts are not renamed when the synchronization detects a change. |
Deactivate a user (deactivate_user_option) | T | If a user is no longer in the directory, the Documentum account is deactivated. It is preferable never to delete accounts. |
Rename groups during synchronization (rename_group_option) | F | Groups are not renamed when the synchronization detects a change. |
Import mode (import_mode) | both | Users and groups are synchronized. |
Search type (bind_type) | bind_search_dn | Objects are looked up in the directory by DN. The LDAP identifier is supplied to the directory at connection time. |
Use an external authentication program (use_ext_auth_prog) | F | The directory performs the authentication. |
SSL mode enabled (ssl_mode) | 1 | |
SSL port number (ssl_port) | 636 | Standard port number. |
Certificate location (certdb_location) | ldapcertdb_loc | This is the default value, corresponding to an object |
Initial synchronization (first_time_sync) | F | Used by the synchronization to determine whether it must be incremental or full. Here it will be incremental. |
Number of retries on failure (retry_count) | 3 | |
Interval between attempts (retry_interval) | 3 | |
Delay before failing over to the secondary directory (failover_use_interval) | 300 | Expressed in seconds, i.e. 5 minutes. |
Directory type (a_application_type) | netscape | When declaring an OpenLDAP directory, the value netscape must be used, but the synchronization process then has to be modified. |
Location | /System/LDAPConfig | |
For this example, a mapping configuration is also set up for groups and users.
Target attribute (map_attr) | Source value (map_val) | Target type (map_attr_type) | Data type (map_val_type) | Handling on error (map_rejection) |
---|---|---|---|---|
user_name | cn | dm_user | A | 2 |
user_login_name | uid | dm_user | A | 2 |
user_address | mail | dm_user | A | 0 |
group_name | cn | dm_group | A | 2 |
There is a lot of information, but once the first script has been written, this is still faster than going through DA.
```
### Create the LDAP configuration ###
create,c,dm_ldap_config
set,c,l,object_name
My LDAP Config
set,c,l,acl_name
LDAP_acl
set,c,l,acl_domain
dm_dbo
set,c,l,ldap_host
ldapServer
set,c,l,port_number
389
set,c,l,person_obj_class
personClass
set,c,l,group_obj_class
groupClass
set,c,l,per_search_base
ou=people,dc=mycompany
set,c,l,grp_search_base
ou=groups,dc=mycompany
set,c,l,per_search_filter
(uid=*)
set,c,l,grp_search_filter
(cn=*)
set,c,l,bind_dn
uid=admin,ou=applis,dc=mycompany
set,c,l,user_subtype
dm_user
set,c,l,rename_user_option
F
set,c,l,deactivate_user_option
T
set,c,l,rename_group_option
F
set,c,l,import_mode
both
set,c,l,bind_type
bind_search_dn
set,c,l,use_ext_auth_prog
F
set,c,l,ssl_mode
1
set,c,l,ssl_port
636
set,c,l,certdb_location
ldapcertdb_loc
set,c,l,first_time_sync
F
set,c,l,retry_count
3
set,c,l,retry_interval
3
set,c,l,failover_use_interval
300
append,c,l,map_attr
user_name
append,c,l,map_val
cn
append,c,l,map_attr_type
dm_user
append,c,l,map_val_type
A
append,c,l,map_rejection
2
append,c,l,map_attr
user_login_name
append,c,l,map_val
uid
append,c,l,map_attr_type
dm_user
append,c,l,map_val_type
A
append,c,l,map_rejection
2
append,c,l,map_attr
user_address
append,c,l,map_val
mail
append,c,l,map_attr_type
dm_user
append,c,l,map_val_type
A
append,c,l,map_rejection
0
append,c,l,map_attr
group_name
append,c,l,map_val
cn
append,c,l,map_attr_type
dm_group
append,c,l,map_val_type
A
append,c,l,map_rejection
2
set,c,l,a_application_type
netscape
link,c,l,/System/LDAPConfig
save,c,l
```
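Each mapping row in the script above is spread over five repeating attributes, so one missing `append` misaligns every row that follows. The Python check below is an added example, not part of the original article: it assumes each `set`/`append` line is followed by its value on the next line, its function names (`parse_api_script`, `mapping_rows`, `lint`) are hypothetical, and it verifies that alignment, that `ssl_mode` 1 comes with `ssl_port` and `certdb_location`, and that `ldap_host` is not an IP address.

```python
import ipaddress

# Repeating attributes that form one mapping row (same index in each list).
MAP_ATTRS = ("map_attr", "map_val", "map_attr_type", "map_val_type", "map_rejection")


def parse_api_script(text):
    """Return (single, repeating) values; assumes each set/append line is
    followed by its value on the next line."""
    single, repeating = {}, {}
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    i = 0
    while i < len(lines):
        parts = lines[i].split(",")
        if parts[0] in ("set", "append") and len(parts) == 4:
            if i + 1 >= len(lines):
                raise ValueError(f"{lines[i]!r} has no value line")
            if parts[0] == "set":
                single[parts[3]] = lines[i + 1]
            else:
                repeating.setdefault(parts[3], []).append(lines[i + 1])
            i += 2  # skip the value line
        else:
            i += 1  # comment, create, link, save: nothing to record
    return single, repeating


def mapping_rows(repeating):
    """Zip the five repeating attributes back into mapping rows."""
    columns = [repeating.get(a, []) for a in MAP_ATTRS]
    counts = dict(zip(MAP_ATTRS, map(len, columns)))
    if len(set(counts.values())) != 1:
        raise ValueError(f"mapping attributes are misaligned: {counts}")
    return list(zip(*columns))


def lint(text):
    """Return the list of findings for a dm_ldap_config script."""
    single, repeating = parse_api_script(text)
    findings = []
    try:
        ipaddress.ip_address(single.get("ldap_host", ""))
        findings.append("ldap_host is an IP address; use a host name")
    except ValueError:
        pass  # not an IP literal
    if single.get("ssl_mode") == "1":
        for attr in ("ssl_port", "certdb_location"):
            if attr not in single:
                findings.append(f"ssl_mode is 1 but {attr} is not set")
    else:
        findings.append("ssl_mode is not 1: SSL is not enabled")
    try:
        mapping_rows(repeating)
    except ValueError as exc:
        findings.append(str(exc))
    return findings


# Constructed sample: a shortened version of the article's script.
GOOD = """\
create,c,dm_ldap_config
set,c,l,ldap_host
ldapServer
set,c,l,ssl_mode
1
set,c,l,ssl_port
636
set,c,l,certdb_location
ldapcertdb_loc
append,c,l,map_attr
user_login_name
append,c,l,map_val
uid
append,c,l,map_attr_type
dm_user
append,c,l,map_val_type
A
append,c,l,map_rejection
2
append,c,l,map_attr
group_name
append,c,l,map_val
cn
append,c,l,map_attr_type
dm_group
append,c,l,map_val_type
A
append,c,l,map_rejection
2
save,c,l
"""

# Constructed broken variant: IP literal as host (192.0.2.10 is a
# documentation address), no certdb_location, last map_rejection dropped.
BAD = (GOOD.replace("ldapServer", "192.0.2.10")
           .replace("set,c,l,certdb_location\nldapcertdb_loc\n", "")
           .replace("append,c,l,map_rejection\n2\nsave", "save"))
```

Calling `lint(GOOD)` returns an empty list, and `lint(BAD)` returns one finding per defect introduced in the broken variant.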
Injecting the certificate
The declaration above enables SSL mode, which requires a certificate to be installed. This installation has to be done on the content server. To allow an installation without access to the content server, the certificate is injected into the docbase as a temporary file.
```
create,c,dm_document
set,c,l,object_name
LDAP CERTIFICAT
set,c,l,a_content_type
crtext
setfile,c,l,/tmp/my certificat.cer
link,c,l,/System/LDAPConfig
save,c,l
```
Completing the installation
Finally, the password of the directory access account and the certificate must be deployed on the content server. There is no need to reinvent the wheel here: the standard code of a server method is reused. This part uses `Docbasic`, a language still widely used in installation methods. Only the last method is really of interest for this article.
Const replicate_services_version_label As String = "4.0/4.2.0"
Const repl_version4_2 As String = "4.2.0"
' From mthd4.ebs - get the path of the server config directory
Function getConfig() as string
getConfig = ""
coll$ = dmAPIGet("apply,s0,,LIST_RESOURCES")
if coll$ <> "" then
ret% = dmAPIExec("next,s0," & coll$)
theVal$ = dmAPIGet("get,s0," & coll$ & ",server_init_file")
getConfig = Mid$(theVal$, 1, InStr(theVal$, "server.ini") - 2)
ret% = dmAPIExec("close,s0," & coll$)
end if
End Function
' From mthd4.ebs - get a value from the server.ini file
Function ParseServerINI(Target As String) As String
Dim ServerINIPath As String
Dim Fnum As Integer
Fnum = FreeFile
ParseServerINI = ""
ServerINIPath = getConfig() & Basic.PathSeparator$ & "server.ini"
Open ServerINIPath For Input As #Fnum
Print "FileNum" & Fnum
Do While Not EOF(Fnum)
Line Input Fnum, CurLine$
If Lcase$(Item$(CurLine$,1,1," ")) = Lcase$(Target) Then
ParseServerINI = Item$(CurLine$,3,3," ")
Exit Do
End If
Loop
Close #Fnum
End Function
' This function gets the index store for a type name.
' It makes the assumption that the index store we are retrieving
' is for a type that is neither a small type nor a large type
' (These are defined in server code)
' There are only 2 places the index storage can be defined
' then - either in TYPE_SPECIFIC_STORAGE or in dm_docbase_config::index_store
' dm_docbase_config::index_store is obtained from server.ini
' If neither are defined - we will default to whatever tablespace
' is defined for the user.
Function GetIndexStore(type_name As String, session As String)
Dim collection as String
Dim status as Integer
dbms$ = dmAPIGet("get," & session & ",docbaseconfig,r_dbms_name")
' Only Oracle and Db2 have type specific storage.
If (dbms$ = "Oracle" Or dbms$ = "DB2") Then
indexStore$ = ParseServerINI("database_index_" & type_name)
End If
' We didn't find TYPE_SPECIFIC_STORAGE, just check the default store
' in docbase_config
If (indexStore = "") Then
indexStore = dmAPIGet("get," & session & ",docbaseconfig,index_store")
End If
GetIndexStore = indexStore
End Function
' This function gets the data store for a type name.
' It makes the assumption that the data store we are retrieving
' is for a type that is neither a small type nor a large type
' (These are defined in server code)
' There are only 2 places the data storage can be defined
' then - either in TYPE_SPECIFIC_STORAGE or in server.ini data_store
' This is only used for DB2 and has only been tested on DB2.
Function GetDataStore(type_name As String, session As String)
Dim collection as String
Dim status as Integer
dbms$ = dmAPIGet("get," & session & ",docbaseconfig,r_dbms_name")
' Only Oracle and Db2 have type specific storage.
If (dbms = "Oracle" Or dbms = "DB2") Then
collection = dmAPIGet("apply," & session & ",,LIST_RESOURCES")
If (collection = "") Then
print "Failed to obtain server.ini path from LIST_RESOURCES"
print dmAPIGet("getmessage,s0")
GetDataStore = ""
Exit Function
Else
status = dmAPIExec("next," & session & "," & collection$)
Dim server_ini_path as String
server_ini_path = dmAPIGet("get," & session & "," & collection & ",server_init_file")
dataStore$ = ParseServerINI("database_table_" & type_name)
If (dataStore = "") Then
dataStore = ParseServerINI("data_store")
End If
End If
End If
GetDataStore = dataStore
End Function
Function GenerateIndexStorageSQL(type_name As String, session As String)
dbms$ = dmAPIGet("get," & session & ",docbaseconfig,r_dbms_name")
indexStore$ = GetIndexStore(type_name, session)
if (indexStore <> "") Then
If (dbms$ = "Oracle") Then
GenerateIndexStorageSQL = " TABLESPACE " & indexStore
ElseIf (dbms$ = "DB2") Then
dataStore$ = GetDataStore(type_name, session)
If (dataStore <> "") Then
GenerateIndexStorageSQL = " IN " & dataStore & " INDEX IN " & indexStore
Else
GenerateIndexStorageSQL = ""
End If
Else ' Sybase or SQL Server
GenerateIndexStorageSQL = " ON '" & indexStore & "'"
End If
End If
End Function
Sub rmain(function_name As String, arg2 As String, arg3 As String)
Dim retcode As Integer
retcode = 0
If function_name = "DoSetup" Then
retcode = DoSetup(arg2, arg3)
ElseIf function_name = "ItExists" Then
retcode = ItExists(arg2, arg3)
ElseIf function_name = "mkdir" Then
retcode = my_mkdir(arg2)
ElseIf function_name = "mkfile" Then
retcode = my_mkfile(arg2, arg3)
ElseIf function_name = "mkfile_encrypt_text" Then
retcode = my_mkfile_encrypt_text(arg2, arg3)
Else
Print "Not a valid function"
End If
dmexit retcode
End Sub
Declare Function GetUserName% Lib "advapi32.dll" _
Alias "GetUserNameA" ( _
ByVal lpBuffer As String, nSize As Long)
Function GetUser() As String
Dim TheName As String
Dim UserName As String
Dim TheSize As Long
Dim x As Long
Dim fnum As Integer
On Error Resume Next
If Basic.OS = ebWin32 Then
TheSize = 32
TheName = space(32)
ret& = GetUserName(TheName, TheSize)
UserName = Mid$(TheName, 1, TheSize - 1)
Else
Randomize
x = Random(1, 100000)
tempfile$ = "/tmp/dm" & CStr(x)
ret& = ShellSync("id > " & tempfile$)
fnum = FreeFile
Open tempfile$ For Input As #fnum
Line Input fnum, UserName
StartPos% = InStr(UserName,"(")
EndPos% = InStr(UserName,")")
UserName = Mid$(Username, StartPos% + 1, EndPos% - StartPos% - 1)
Close #fnum
Kill tempfile$
End If
GetUser = UserName
End Function
Function DoSetup(docbase As String, mode As String) As Integer
Dim id As String
Dim docbase_id As String
Dim session As String
Dim minus As Integer
Dim documentum As String
Dim status As Integer
Dim cid As String
Dim qry As String
Dim locname As String
Dim server_version As String
Dim server_number As Integer
Dim security_mode As String
Dim fullpath As String
Dim username As String
Dim size As Long
Dim pathsep As String
Dim result As String
Dim master_major As Integer ' major server version for current docbase
Dim source_only As Integer
Dim configpath As String
Dim replicatepath As String
Dim wc_folder As String
Dim si_folder As String
Dim is_NT As Integer
Dim method_verb As String
Dim f_index As Integer
Dim ver_status As Integer
Dim rf_id As String
Dim rebind_files As String
Dim icount As Integer
pathsep = Basic.PathSeparator$
print "Connecting to " & mode & " docbase"
username = GetUser()
session = dmAPIGet("connect," & docbase & "," & username & ",")
If session = "" Then
result = dmAPIGet("getmessage,current")
print "Cannot connect to docbase: " + result
DoSetup = 0
Exit Function
End If
' status = dmAPIExec("trace,c,10,trace.out,ALL")
print "Checking various " & mode & " docbase parameters..."
server_version = dmAPIGet("get,c,serverconfig,r_server_version")
is_NT = InStr(1, server_version, "Win32", 1)
print "Version: " & server_version
' Server version must be at 3.1.5 or higher for source;
' 4.0.0 or higher for target.
'
ver_status = VersionCmp(server_version, "3.1.5")
If ver_status < 0 Then
If mode = "Source" Then
vers$ = "3.1.5"
Else
vers$ = "4.0.0"
End If
print "The " & mode & " docbase must be running at Version " & vers$ & " or Higher."
DoSetup = 0
Exit Function
End If
source_only = 0
ver_status = VersionCmp(server_version, "4.0.0")
If ver_status < 0 Then
If mode = "Source" Then
source_only = 1
Else
print "The "& mode & " docbase must be running at Version 4.0.0 or Higher."
DoSetup = 0
Exit Function
End If
End If
' We used to check here to see whether the last item to install was already
' present and exit if so. Since this is not very reliable, we deleted that
' check and always check each item to make sure it is installed at the
' correct version level.
master_major = Val(Item$(server_version,1,1,"."))
'Security mode must be acl
'security_mode = dmAPIGet("get,c,docbaseconfig,security_mode")
'print "Security Mode: " & security_mode
'If security_mode <> "acl" Then
'print "Security mode of " & mode & " docbase MUST be ACL, please change"
'DoSetup = 0
'Exit Function
'End If
print "Checking for the dm_docbaseid_map entry"
docbase_id = dmAPIGet("get,c,docbaseconfig,r_docbase_id")
If dmAPIGet("id,s0,dm_docbaseid_map where r_docbase_id= " & docbase_id) = "" Then
print "Creating dm_docbaseid_map entry"
result = dmAPIGet("create,s0,dm_docbaseid_map")
status = dmAPISet("set,s0,l,docbase_name", docbase)
status = dmAPISet("set,s0,l,r_docbase_id", docbase_id)
status = dmAPIExec("save,s0,l")
If status = 0 Then
print "Failed to create dm_docbaseid_map entry"
print dmAPIGet("getmessage,s0")
DoSetup = 0
Exit Function
End If
End If
print "Checking for replicate_temp_store existence"
If dmAPIGet("id,c,dm_filestore where name = 'replicate_temp_store'") = "" Then
print "Creating replicate_temp_store filestore"
locname = Get_Storage_01()
documentum = GetLocation("s0", locname)
print mode &" $DOCUMENTUM" & pathsep & "data" & pathsep & "<" & locname & ">: " & documentum
icount = ItemCount(documentum,pathsep)
result = Item$(documentum, 1, icount - 1, pathsep)
fullpath = result & pathsep & "replicate_temp_store"
status = create_loc("s0","replicate_location",fullpath,"replicate_temp_store")
If status = 0 Then
print "Failed to create replicate_temp_store filestore"
DoSetup = 0
Exit Function
End If
End If
print "Creating directory for dumpfiles and filtered dumpfiles"
locname = dmAPIGet("get,s0,serverconfig,temp_location")
If locname = "" Then
print "Fail to get temp_location"
print dmAPIGet("getmessage,s0")
DoSetup = 0
Exit Function
End If
documentum = GetLocation("s0", locname)
fullpath = documentum & pathsep & "replicate"
status = my_mkdir(fullpath)
If status = 0 Then
print "Failed to create directory " + fullpath
DoSetup = 0
Exit Function
End If
fullpath = fullpath & pathsep & docbase
status = my_mkdir(fullpath)
If status = 0 Then
print "Failed to create directory " + fullpath
DoSetup = 0
Exit Function
End If
dbms$ = dmAPIGet("get,c,docbaseconfig,r_dbms_name")
If (dbms$ = "Oracle") Then
datestr$ = "date"
charstr$ = "varchar2"
ElseIf (dbms$ = "DB2") Then
datestr$ = "timestamp"
charstr$ = "varchar"
Else
datestr$ = "datetime"
charstr$ = "char"
End If
print "Checking for existence of dm_replication_events table"
If dmAPIGet("id,c,dm_registered where table_name = 'dm_replication_events'") = "" Then
mmsg$ = dmAPIGet("getmessage,c") ' Clear msgs
status = dmAPIExec("execsql,c,DROP TABLE dm_replication_events")
print "Creating table--dm_replication_events..."
qry = "create table dm_replication_events (event_id int not null,job_id char(16) not null, full_refresh " & charstr$ & "(8) not null, replication_date " & datestr$ & " not null, target_docbase " & charstr$ & "(64) not null, replication_request " & charstr$ & "(255) not null)"
If (dbms$ = "Sybase") Then
qry = qry + " lock datarows"
End If
if (dbms = "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replication_events", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "CREATE INDEX dm_rep_events_ix ON dm_replication_events (job_id, replication_date)"
if (dbms <> "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replication_events", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "register table dm_dbo.dm_replication_events (event_id integer,job_id char(16), full_refresh char(8), replication_date date, target_docbase char(64), replication_request char(255))"
cid = dmAPIGet("query,c," & qry)
If cid <> "" Then
status = dmAPIExec("close,c," & cid)
End If
qry = "update dm_registered object set group_permit = 3, set world_permit = 3, set owner_table_permit = 15 where table_name = 'dm_replication_events'"
cid = dmAPIGet("query,c," & qry)
If cid <> "" Then
status = dmAPIExec("close,c," & cid)
Else
print "Problem creating dm_replication_events..."
DoSetup = 0
Exit Function
End If
End If
If master_major = 3 Then
ref_object_id_str$ = ""
ref_object_id_not_null_str$ = ""
object_id_i_str$ = ", object_id_i int "
object_id_i_not_null_str$ = object_id_i_str$ + " not null"
Else
ref_object_id_str$ = ", ref_object_id char(16)"
ref_object_id_not_null_str$ = ref_object_id_str$ + " not null"
object_id_i_str$ = ""
object_id_i_not_null_str$ = ""
End If
print "Checking for the dm_replica_catalog table"
If dmAPIGet("id,c,dm_registered where table_name = 'dm_replica_catalog'") = "" Then
mmsg$ = dmAPIGet("getmessage,c") ' Clear msgs
status = dmAPIExec("execsql,c,DROP TABLE dm_replica_catalog")
print "Creating Source Docbase registered tables--dm_replica_catalog..."
qry = "create table dm_replica_catalog (version_no int not null,job_id char(16) not null, event_id int not null, order_no int not null, object_id char(16) not null" + object_id_i_not_null_str$ + ref_object_id_not_null_str$ + ")"
If (dbms$ = "Sybase") Then
qry = qry + " lock datarows"
End If
if (dbms = "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_catalog", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "CREATE INDEX dm_rep_cat_index ON dm_replica_catalog (job_id, event_id, order_no)"
if (dbms <> "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_catalog", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "CREATE INDEX dm_rep_cat_index2 ON dm_replica_catalog (object_id, job_id)"
if (dbms <> "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_catalog", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "register table dm_dbo.dm_replica_catalog (version_no integer,job_id char(16), event_id integer, order_no integer, object_id char(16)" + object_id_i_str$ + ref_object_id_str$ + ")"
cid = dmAPIGet("query,c," & qry)
If cid <> "" Then
status = dmAPIExec("close,c," & cid)
End If
qry = "update dm_registered object set group_permit = 3, set world_permit = 3, set owner_table_permit = 15 where table_name = 'dm_replica_catalog'"
cid = dmAPIGet("query,c," & qry)
If cid <> "" Then
status = dmAPIExec("close,c," & cid)
Else
print "Problem creating dm_replica_catalog..."
DoSetup = 0
Exit Function
End If
End If
print "Checking for existence of the dm_replica_delete_info table"
If dmAPIGet("id,c,dm_registered where table_name = 'dm_replica_delete_info'") = "" Then
mmsg$ = dmAPIGet("getmessage,c")
status = dmAPIExec("execsql,c,DROP TABLE dm_replica_delete_info")
print "Creating Source Docbase registered tables--dm_replica_delete_info..."
qry = "create table dm_replica_delete_info (job_id char(16) not null,event_id int not null,order_no int not null,object_id char(16) not null)"
If (dbms$ = "Sybase") Then
qry = qry + " lock datarows"
End If
if (dbms = "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_delete_info", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "CREATE INDEX dm_rep_delete_ind ON dm_replica_delete_info (job_id,event_id,order_no)"
if (dbms <> "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_delete_info", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "CREATE INDEX dm_rep_delete_ind2 ON dm_replica_delete_info (object_id,job_id)"
if (dbms <> "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_delete_info", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "register table dm_dbo.dm_replica_delete_info (job_id char(16),event_id integer,order_no integer,object_id char(16))"
cid = dmAPIGet("query,c," & qry)
If cid <> "" Then
status = dmAPIExec("close,c," & cid)
End If
qry = "update dm_registered object set group_permit = 3, set world_permit = 3, set owner_table_permit = 15 where table_name = 'dm_replica_delete_info'"
cid = dmAPIGet("query,c," & qry)
If cid <> "" Then
status = dmAPIExec("close,c," & cid)
Else
print "Problem creating dm_replica_delete_info..."
DoSetup = 0
Exit Function
End If
End If
print "Source setup phase completed successfully"
' If the server version is only 3.1.5, we only set up the source-side
' information.
If source_only = 1 Then
DoSetup = 1
Exit Function
End If
ownername$ = dmAPIGet("get,c,sessionconfig,r_user_name")
ownerid$ = dmAPIGet("retrieve,c,dm_user where user_name = '" & ownername$ & "'")
dfolder$ = dmAPIGet("get,c," & ownerid$ & ",default_folder")
' Create the Workspace Customizations folder if necessary
'
wc_folder = dmAPIGet("id,c,dm_folder where folder('" & dfolder$ & "') and object_name = 'Workspace Customizations'")
print "wc folder = " & wc_folder$
If wc_folder = "" Then
wc_folder = dmAPIGet("create,c,dm_folder")
status = dmAPISet("set,c,l,object_name", "Workspace Customizations")
status = dmAPISet("set,c,l,owner_name", ownername$)
status = dmAPIExec("link,c,l," & dfolder$)
status = dmAPIExec("save,c,l")
End If
' Create the Startup Items folder if necessary
'
si_folder = dmAPIGet("id,c,dm_folder where folder('" & dfolder$ & _
"/Workspace Customizations') and object_name = 'Startup Items'")
If si_folder = "" Then
mmsg$ = dmAPIGet("getmessage,c") ' flush msg
si_folder = dmAPIGet("create,c,dm_folder")
status = dmAPISet("set,c,l,object_name", "Startup Items")
status = dmAPISet("set,c,l,owner_name", ownername$)
status = dmAPIExec("link,c,l," & wc_folder)
status = dmAPIExec("save,c,l")
If status = 0 Then
Print "Failed to create Startup Items folder"
mmsg$ = dmAPIGet("getmessage,current")
Print mmsg$
DoSetup = 0
Exit Function
End If
End If
id = dmAPIGet("id,c,dm_script where object_name = 'repl_job.dsc'")
If id <> "" Then
status = dmAPIExec("destroy,c," + id)
End If
id = dmAPIGet("id,c,dm_document where object_name = 'replicate.vrf'")
If id <> "" Then
status = dmAPIExec("destroy,c," + id)
End If
id = dmAPIGet("id,c,dm_procedure where object_name = 'repl_job.ebs'")
If id <> "" Then
status = dmAPIExec("destroy,c," + id)
End If
rebind_files = "F"
print "Checking for existence of replicate_folder method"
rf_id = dmAPIGet("retrieve,c,dm_method where object_name = 'replicate_folder'")
If rf_id = "" Then
print "Creating replicate_folder method"
rf_id = dmAPIGet("create,c,dm_method")
status = dmAPISet("set,c,l,object_name","replicate_folder")
If is_NT <> 0 Then ' source is NT
method_verb = ".\dmbasic.exe -f.\replicate_folder.ebs -eReplicateMain"
Else
method_verb = "./dmbasic -f./replicate_folder.ebs -eReplicateMain"
End If
status = dmAPISet("set,c,l,method_verb",method_verb)
status = dmAPISet("set,c,l,method_type","dmbasic")
'status = dmAPISet("set,c,l,use_method_content","T")
status = dmAPISet("set,c,l,run_as_server","T")
status = dmAPISet("set,c,l,trace_launch","F")
status = dmAPISet("set,c,l,launch_direct","T")
status = dmAPISet("set,c,l,launch_async","T")
status = dmAPISet("set,c,l,timeout_min","30")
status = dmAPISet("set,c,l,timeout_max","604800")
status = dmAPISet("set,c,l,timeout_default","86400")
status = dmAPISet("set,c,l,group_permit","1")
status = dmAPISet("set,c,l,world_permit","1")
status = dmAPISet("set,c,l,a_special_app",repl_version4_2)
status = dmAPISet("set,c,l,success_return_codes","0")
status = dmAPISet("set,c,l,success_status","Replicate Operation Complete.")
'status = dmAPIExec("setfile,c,l,replicate_folder.ebs,text")
status = dmAPIExec("save,c,l")
If status = 0 Then
print "Failed to create replicate_folder method"
print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
rebind_files = "T"
Else
ver_status = CheckCurrent()
If ver_status < 0 Then
status = dmAPISet("set,c,l,a_special_app",repl_version4_2)
status = dmAPISet("set,c,l,success_return_codes","0")
status = dmAPISet("set,c,l,success_status","Replicate Operation Complete.")
'status = dmAPIExec("setfile,c,l,replicate_folder.ebs,text")
status = dmAPIExec("save,c,l")
If status = 0 Then
Print "Failed to update replicate_folder method"
Print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
rebind_files = "T"
End If
End If
' The replicate_folder_master method is actually in replicate_folder.ebs
' and is invoked by using a different entry point.
'
print "Checking for existence of replicate_folder_master method"
id = dmAPIGet("retrieve,c,dm_method where object_name = 'replicate_folder_master'")
If id = "" Then
print "Creating replicate_folder_master method"
id = dmAPIGet("create,c,dm_method")
status = dmAPISet("set,c,l,object_name","replicate_folder_master")
If is_NT <> 0 Then 'tgt is NT
method_verb = ".\dmbasic.exe -f.\replicate_folder.ebs -eMasterMain"
Else
method_verb = "./dmbasic -f./replicate_folder.ebs -eMasterMain"
End If
status = dmAPISet("set,c,l,method_verb",method_verb)
status = dmAPISet("set,c,l,method_type","dmbasic")
'status = dmAPISet("set,c,l,use_method_content","T")
status = dmAPISet("set,c,l,launch_direct","T")
status = dmAPISet("set,c,l,run_as_server","T")
status = dmAPISet("set,c,l,trace_launch","F")
status = dmAPISet("set,c,l,timeout_min","30")
status = dmAPISet("set,c,l,timeout_max","604800")
status = dmAPISet("set,c,l,timeout_default","86400")
status = dmAPISet("set,c,l,group_permit","1")
status = dmAPISet("set,c,l,world_permit","1")
status = dmAPISet("set,c,l,a_special_app",repl_version4_2)
'status = dmAPIExec("bindfile,c,l,0," & rf_id & ",0")
status = dmAPIExec("save,c,l")
If status = 0 Then
print "Failed to create replicate_folder_master method"
print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
Else
ver_status = CheckCurrent()
If ver_status < 0 Or rebind_files = "T" Then
status = dmAPISet("set,c,l,a_special_app",repl_version4_2)
'status = dmAPIExec("bindfile,c,l,0," & rf_id & ",0")
status = dmAPIExec("save,c,l")
If status = 0 Then
Print "Failed to update replicate_folder_master method"
Print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
End If
End If
' The replicate_folder_target method is actually in replicate_folder.ebs
' and is invoked by using a different entry point.
'
print "Checking for existence of replicate_folder_target method"
id = dmAPIGet("retrieve,c,dm_method where object_name = 'replicate_folder_target'")
If id = "" Then
print "Creating replicate_folder_target method"
id = dmAPIGet("create,c,dm_method")
status = dmAPISet("set,c,l,object_name","replicate_folder_target")
If is_NT <> 0 Then 'tgt is NT
method_verb = ".\dmbasic.exe -f.\replicate_folder.ebs -eTargetMain"
Else
method_verb = "./dmbasic -f./replicate_folder.ebs -eTargetMain"
End If
status = dmAPISet("set,c,l,method_verb",method_verb)
status = dmAPISet("set,c,l,method_type","dmbasic")
'status = dmAPISet("set,c,l,use_method_content","T")
status = dmAPISet("set,c,l,launch_direct","T")
status = dmAPISet("set,c,l,run_as_server","T")
status = dmAPISet("set,c,l,trace_launch","F")
status = dmAPISet("set,c,l,timeout_min","30")
status = dmAPISet("set,c,l,timeout_max","604800")
status = dmAPISet("set,c,l,timeout_default","86400")
status = dmAPISet("set,c,l,group_permit","1")
status = dmAPISet("set,c,l,world_permit","1")
status = dmAPISet("set,c,l,a_special_app",repl_version4_2)
'status = dmAPIExec("bindfile,c,l,0," & rf_id & ",0")
status = dmAPIExec("save,c,l")
If status = 0 Then
print "Failed to create replicate_folder_target method"
print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
Else
ver_status = CheckCurrent()
If ver_status < 0 Or rebind_files = "T" Then
status = dmAPISet("set,c,l,a_special_app",repl_version4_2)
'status = dmAPIExec("bindfile,c,l,0," & rf_id & ",0")
status = dmAPIExec("save,c,l")
If status = 0 Then
Print "Failed to update replicate_folder_target method"
Print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
End If
End If
print "Reiniting the server for new methods..."
status = dmAPIExec("reinit,c")
If status = 0 Then
print "Failed to reinit server"
print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
print "Checking for existence of default acl"
id = dmAPIGet("id,c,dm_acl where object_name = 'replica_acl_default'")
If id = "" Then
print "Creating default acl for replication"
id = dmAPIGet("create,c,dm_acl")
status = dmAPISet("set,c,l,owner_name", "dm_dbo")
status = dmAPISet("set,c,l,object_name","replica_acl_default")
status = dmAPIExec("grant,c,l,dm_world,5")
status = dmAPIExec("grant,c,l,dm_group,5")
status = dmAPIExec("grant,c,l,dm_owner,7")
status = dmAPIExec("save,c,l")
If status = 0 Then
print "Failed to create default acl"
print dmAPIGet("getmessage,c")
DoSetup = 0
Exit Function
End If
End If
print "Checking for existence of config location"
configpath = GetLocation("s0", "config")
If configpath = "" Then
print "Creating config location (for password file)"
locname = dmAPIGet("get,s0,serverconfig,log_location")
If locname = "" Then
print "Fail to get temp_location"
print dmAPIGet("getmessage,s0")
DoSetup = 0
Exit Function
End If
configpath = GetLocation("s0", locname)
icount = ItemCount(configpath,pathsep)
result = Item$(configpath, 1, icount - 1, pathsep)
configpath = result & pathsep & "config"
status = create_loc("s0", "config", configpath, "skip_this")
If status = 0 Then
DoSetup = 0
Exit Function
End If
End If
print "Checking for existence of default replica filestore"
replicatepath = GetLocation("s0", "replica_storage_01")
If replicatepath = "" Then
print "Creating default location, filestore, and index objs for replica content"
locname = Get_Storage_01()
replicatepath = GetLocation("s0", locname)
print "Target $DOCUMENTUM" & pathsep & "data" & pathsep & "<" & locname & ">: " & replicatepath
icount = ItemCount(replicatepath,pathsep)
result = Item$(replicatepath, 1, icount - 1, pathsep)
replicatepath = result & pathsep & "replica_content_storage_01"
status = create_loc("s0", "replica_storage_01", replicatepath, "replica_filestore_01")
If status = 0 Then
print "Failed to create dumpfile location/filestore"
DoSetup = 0
Exit Function
End If
End If
print "checking for existence of dm_replica_delete table"
id = dmAPIGet("id,c,dm_registered where table_name = 'dm_replica_delete'")
mmsg$ = dmAPIGet("getmessage,c")
If id = "" Then
status = dmAPIExec("execsql,c,DROP TABLE dm_replica_delete")
print "creating dm_replica_delete table"
qry = "execsql,c,CREATE TABLE dm_replica_delete (object_id CHAR(16),ref_object_id CHAR(16),job_id CHAR(16),order_no int not null)"
If (dbms$ = "Sybase") Then
qry = qry + " lock datarows"
End If
if (dbms = "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_delete", "c")
End If
status = dmAPIExec(qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
qry = "CREATE INDEX dm_replica_del_ind ON dm_replica_delete (job_id,order_no)"
if (dbms <> "DB2") Then
qry = qry & GenerateIndexStorageSQL("dm_replica_delete", "c")
End If
status = dmAPIExec("execsql,c," & qry)
if (status = 0) Then
Print qry & " failed to run."
mmsg$ = dmAPIGet("getmessage,c")
Print mmsg$
DoSetup = 0
Exit Function
End If
dum$ = dmAPIGet("query,c,REGISTER TABLE dm_dbo.dm_replica_delete (object_id CHAR(16),ref_object_id CHAR(16),job_id CHAR(16),order_no integer)")
status = dmAPIExec("close,c,q0")
dum$ = dmAPIGet("query,c,UPDATE dm_registered OBJECT set group_permit = 3, set world_permit = 3, SET owner_table_permit = 15 WHERE table_name = 'dm_replica_delete'")
status = dmAPIExec("close,c,q0")
If status = 0 Then
print "Failed to create dm_replica_delete registered table"
DoSetup = 0
Exit Function
End If
End If
print "checking for existence of lookup_holder table"
id$ = dmAPIGet("id,c,dm_registered where table_name = 'lookup_holder'")
If id$ = "" Then
status = dmAPIExec("execsql,c,DROP TABLE lookup_holder")
print "creating lookup_holder table"
qry = "execsql,c,CREATE TABLE lookup_holder (name_list " & charstr$ & "(255))"
If (dbms$ = "Sybase") Then
qry = qry + " lock datarows"
End If
status = dmAPIExec(qry)
dum$ = dmAPIGet("query,c,REGISTER TABLE dm_dbo.lookup_holder (name_list CHAR(255))")
status = dmAPIExec("close,c,q0")
dum$ = dmAPIGet("query,c,UPDATE dm_registered OBJECT set group_permit = 3, set world_permit = 3, SET owner_table_permit = 15 WHERE table_name = 'lookup_holder'")
status = dmAPIExec("close,c,q0")
If status = 0 Then
print "Failed to create lookup_holder registered table"
DoSetup = 0
Exit Function
End If
End If
print "Replica setup phase complete"
DoSetup = 1
End Function
Function ItExists (job_docbase as string, cnt_docbase as string) As Integer
Dim documentum As String
Dim fullpath As String
Dim pathsep As String
Dim passwd As String
Dim fnum As Integer
pathsep = Basic.PathSeparator$
documentum = Environ$("DOCUMENTUM")
If documentum <> "" Then
fullpath = documentum & pathsep & "dba" & pathsep
fullpath = fullpath & "config" & pathsep & job_docbase
fullpath = fullpath & pathsep & cnt_docbase & ".cnt"
' Print fullpath
ret% = FileExists(fullpath)
' Print format$(ret%)
If ret% < 0 Then
' file exists--function returns -1
' Print "file exists"
' print "Connecting to " & job_docbase
username$ = GetUser()
session$ = dmAPIGet("connect," & job_docbase & "," & username$ & ",")
If session$ = "" Then
result$ = dmAPIGet("getmessage,current")
' print "Cannot connect to docbase: " + result$
ItExists = 0
Exit Function
End If
fnum = FreeFile
Open fullpath For Input Access Read Lock Write As #fnum
Line Input fnum, passwd
Close #fnum
ret% = dmAPIExec("execsql,c,DELETE FROM lookup_holder")
ret% = dmAPIExec("execsql,c,INSERT INTO lookup_holder (name_list) VALUES('" & passwd & "')")
ItExists = 1
Else
' Print "file doesn't exist--function returns 0"
ItExists = 0
End If
Else ' something is wrong
print "Warning: The environment variable DOCUMENTUM is NULL"
ItExists = 0
End If
End Function
Function my_mkdir (filepath as string) As Integer
Dim pathsep As String
On Error Resume Next
pathsep = Basic.PathSeparator$
Err = 0 ' reset error code; a basic bug
MkDir filepath
errcode% = Err
If errcode% <> 0 Then
Select Case errcode%
Case 58 ' file already exist; leave it
' print filepath + " already exists"
my_mkdir = 1
Case 55 ' file already open; this really means permission error
' print "mkdir failed on " + filepath + " due to permission error."
my_mkdir = 0
Case Else
' print "mkdir failed on " + filepath + ": " + Error(errcode%)
my_mkdir = 0
End Select
Else
If Basic.OS = ebWin32 Then
ret% = ShellSync("." & pathsep & "dmutil chmod 700 " & filepath)
Else
ret% = ShellSync("chmod 700 " & filepath)
End If
If ret% = 0 Then
' print "mkdir/chmod 700 " + filepath + " succeeded"
my_mkdir = 1
Else
' print "mkdir/chmod failed on " + filepath
my_mkdir = 0
End If
End If
End Function
Function rewriteFedFile(filepath as string, _
memDocbase, _
passwd)
Dim fnum1 as integer, fnum2 as integer
Dim ps as string
On Error Resume Next
ps = Basic.PathSeparator$
Kill filepath & ".old"
Name filepath As filepath & ".old"
fnum2 = FreeFile
Open filepath For Output Access Write Lock Write As #fnum2
Close #fnum2
If Basic.OS = ebWin32 Then
ret% = ShellSync("." & ps & "dmutil chmod 700 " & filepath)
Else
ret% = ShellSync("chmod 700 " & filepath)
End If
If ret% = 0 Then
fnum1 = FreeFile
Open filepath & ".old" For Input As #fnum1
fnum2 = FreeFile
Open filepath For Output Access Write Lock Write As #fnum2
Do While Not EOF(fnum1)
Input #fnum1, inputString$
If Item$(inputString$, 1, 1, ":") = memDocbase Then
Print #fnum2, memDocbase & ":" & passwd
Else
Print #fnum2, inputString$
End If
Loop
Close #fnum1
Close #fnum2
'Print "rewriteFedFile succeeded"
rewriteFedFile = 1
Else
'Print "rewriteFedFile failed on "; filepath; " for "; memDocbase
rewriteFedFile = 0
End If
End Function
Function my_mkfile (passwd as string, filepath as string) As Integer
Dim pathsep As String
Dim fnum As Integer
Dim thisDocbaseName As String
Dim newPass As String
Dim numberOfSubDirs As Integer
Dim theUser As String
Dim thePass As String
Dim theDomain As String
Dim newLine As String
On Error Resume Next
Kill filepath & ".old"
Name filepath As filepath & ".old"
pathsep = Basic.PathSeparator$
fnum = FreeFile
Open filepath For Output Access Write Lock Write As #fnum
Close #fnum
If Basic.OS = ebWin32 Then
ret% = ShellSync("." & pathsep & "dmutil chmod 700 " & filepath)
Else
ret% = ShellSync("chmod 700 " & filepath)
End If
'
' Get the docbase name from the path
'
numberOfSubDirs = (ItemCount(filepath, pathsep)) - 1
thisDocbaseName = Item$(filepath$, numberOfSubDirs,numberOfSubDirs, pathsep)
newPass = passwd
If ret% = 0 Then
'
' Initialize crypto db
'
status = dmAPIExec("initcrypto,apisession")
If status = 0 Then
Print "Failed to initialize keystore"
Exit Function
End If
' If the password is for federation
If InStr(passwd, ":") > 0 Then
'
' passwd passed in is of the form
' user:password:domain
'
' Get actual password from 'passwd' variable, and check
' if it is encrypted. If not encrypt it
'
theUser = Item$(passwd$, 1,1,":")
thePass = Item$(passwd$, 2,2,":")
theDomain = Item$(passwd$, 3,3,":")
'
' If password is not encrypted, encrypt it
'
If InStr(thePass, "DM_ENCR_PASS=") <= 0 Then
newPass = dmAPIGet("encryptpass,apisession," & thePass)
If "" = newPass Then
Print "Password could not be encrypted"
Exit Function
End If
'
' generate the new line with encrypted password
'
newLine = theUser + ":" + newPass + ":" + theDomain
Else
newPass = thePass
newLine = passwd
End If
' compute docbase name from filepath variable
numParts% = ItemCount(filepath, pathsep)
memDocbase$ = Item$(filepath, numParts%, numParts%, pathsep)
actualLen% = Len(memDocbase$) - 4 ' subtract off .cnt
memDocbase$ = Left$(memDocbase$, actualLen%)
' use left part of filepath to get federation.cnt path
docbaseStart% = InStr(filepath, memDocbase$)
fedFilepath$ = Left$(filepath, docbaseStart% - 1) & "federation.cnt"
If FileExists(fedFilepath$) Then
' call routine to update federation.cnt
ret% = rewriteFedFile(fedFilepath$, memDocbase$, newLine)
End If
Else
' Fix for Bug 66285 - Encrypt the replication password
' Check whether password is already encrypted. Federation
' creation sends over encrypted password.
If InStr(passwd, "DM_ENCR_PASS=") <= 0 Then
newPass = dmAPIGet("encryptpass,apisession," & passwd)
If "" = newPass Then
Print "Password could not be encrypted"
Exit Function
End If
End If
End If
' Now we write the password to <remotedocbase>.cnt file
fnum = FreeFile
Open filepath For Output Access Write Lock Write As #fnum
Print #fnum, newPass
Close #fnum
' Print "mkfile " + filepath + " succeeded"
my_mkfile = 1
Else
' print "mkfile failed on " + filepath
my_mkfile = 0
End If
End Function
'
' Encrypt a password using encrypttext API and then
' write the encrypted password to the file
'
Function my_mkfile_encrypt_text(passwd as string, filepath as string) As Integer
Dim pathsep As String
Dim fnum As Integer
Dim newPass As String
On Error Resume Next
'
' Preserve an old copy of the file
'
Kill filepath & ".old"
Name filepath As filepath & ".old"
pathsep = Basic.PathSeparator$
fnum = FreeFile
Open filepath For Output Access Write Lock Write As #fnum
Close #fnum
If Basic.OS = ebWin32 Then
ret% = ShellSync("." & pathsep & "dmutil chmod 700 " & filepath)
Else
ret% = ShellSync("chmod 700 " & filepath)
End If
newPass = passwd
If ret% = 0 Then
'
' Initialize AEK
'
status = dmAPIExec("initcrypto,apisession")
If status = 0 Then
Print "Failed to initialize keystore"
Exit Function
End If
'
' If password is not encrypted, encrypt it
'
If InStr(passwd, "DM_ENCR_TEXT=") <= 0 Then
newPass = dmAPIGet("encrypttext,apisession," & passwd)
If "" = newPass Then
Print "Password could not be encrypted"
Exit Function
End If
End If
' Now we write the password to <remotedocbase>.cnt file
fnum = FreeFile
Open filepath For Output Access Write Lock Write As #fnum
Print #fnum, newPass
Close #fnum
' Print "mkfile (LDAP) " + filepath + " succeeded"
my_mkfile_encrypt_text = 1
Else
' print "mkfile (LDAP) failed on " + filepath
my_mkfile_encrypt_text = 0
End If
End Function
Function create_loc(the_session As String,lname As String,fullpath As String,fname As String) As Integer
Dim status As Integer
ret% = my_mkdir(fullpath)
If ret% = 0 Then
create_loc = 0
Exit Function
End If
id = dmAPIGet("id," & the_session & ",dm_location where object_name = '" & lname & "'")
If id = "" Then
print "Creating Location " & lname
id = dmAPIGet("create," & the_session & ",dm_location")
status = dmAPISet("set," & the_session & ",l,object_name", lname)
status = dmAPISet("set," & the_session & ",l,path_type","directory")
status = dmAPISet("set," & the_session & ",l,file_system_path", fullpath)
If dmAPIExec("save," & the_session & ",l") = 0 Then
print "Failed to create dm_location " & lname
print dmAPIGet("getmessage," + the_session)
create_loc = 0
Exit Function
End If
End If
If fname <> "skip_this" Then
print "Creating Filestore " & fname
id = dmAPIGet("id," & the_session & ",dm_filestore where name = '" & fname & "'")
If id = "" Then
id = dmAPIGet("create," & the_session & ",dm_filestore")
status = dmAPISet("set," & the_session & ",l,name", fname)
status = dmAPISet("set," & the_session & ",l,root", lname)
If dmAPIExec("save," & the_session & ",l") = 0 Then
print "Failed to create dm_filestore " & fname
print dmAPIGet("getmessage," + the_session)
create_loc = 0
Exit Function
End If
End If
End If
create_loc = 1
End Function
Function dm_mkdir(the_session As String,fullpath As String) As Integer
ret% = setup_methods(the_session, "mkdir", fullpath, "")
If ret% = 0 Then
dm_mkdir = 0
Else
dm_mkdir = 1
End If
End Function
Function setup_methods(the_session As String, TheFunction As String, arg1 As String, arg2 As String) As Integer
If arg2 = "" Then
arg2 = "dummy"
End If
coll$ = dmAPIGet("apply," & the_session & ",NULL,DO_METHOD,METHOD,S,replicate_setup_methods,ARGUMENTS,S," & TheFunction & " " & arg1 & " " & arg2)
ret% = dmAPIExec("next," & the_session & "," & coll$)
retval$ = dmAPIGet("get," & the_session & "," & coll$ & ",method_return_val")
If retval$ = "" Then
retval$ = "0"
Else
ret% = dmAPIExec("close," & the_session & "," & coll$)
End If
setup_methods = CInt(retval$)
End Function
Function GetMount(sess As String,_
mount_point_name As String) As String
Dim mount_id As String
print "Entering GetMount function..."
GetMount = ""
print "Location has a mount point..."
cmd = "id," + sess + "," + "dm_mount_point where object_name=" +_
"'" + mount_point_name + "'"
print "GET: " + cmd
mount_id = dmAPIGet(cmd)
If mount_id = "" Then
print "Unable to retrieve mount point id for dump location"
Exit Function
End If
' Get the file system path for the mount point...
cmd = "get," + sess + "," + mount_id + ",file_system_path"
print "GET: " + cmd
mount_path = dmAPIGet(cmd)
GetMount = mount_path
If mount_path = "" Then
print "Unable to get mount point path for dump location."
Exit Function
End If
print "Exiting GetMount function..."
End Function
Function GetLocation(sess As String,location As String) As String
Dim location_id As String
Dim mount_point_name As String
Dim mount_path As String
print "Entering GetLocation function..."
print "Determining location for " + location + " location objects..."
GetLocation = ""
cmd = "id," + sess + "," + "dm_location where object_name=" +_
"'" + location + "'"
print "GET: " + cmd
location_id = dmAPIGet(cmd)
If location_id = "" Then
print "Unable to retrieve location object..."
Exit Function
End If
' Check to see if the location object has a mount point
cmd = "get," + sess + "," + location_id + ",mount_point_name"
print "GET: " + cmd
mount_point_name = dmAPIGet(cmd)
If mount_point_name <> "" Then
mount_path = GetMount(sess,mount_point_name)
If mount_path = "" Then
print "Unable to determine mount point path"
Exit Function
End If
End If
' Get the file system path of the location object
cmd = "get," + sess + "," + location_id + ",file_system_path"
print "GET: " + cmd
location_path = dmAPIGet(cmd)
If location_path = "" Then
print "Unable to retrieve location object file system path..."
Else
If mount_point_name = "" Then
GetLocation = location_path
Else
GetLocation = mount_path + Basic.PathSeparator$ + location_path
End If
End If
print "Exiting GetLocation function..."
End Function
/*
---------------------------------------------------------------------------
Name: VersionCmp
Purpose: The server_version is denoted by <major>.<minor>.<subscript>
version1 is later (more up-to-date) than version2
if version1 is lexicographically greater than version2.
Parameters: ver1
ver2
Return Value: 0 equal
1 ver1 is greater than ver2
-1 ver2 is greater than ver1
---------------------------------------------------------------------------
*/
Function VersionCmp(ver1 As String, ver2 As String) As Integer
On Error Resume Next
ver1_major% = Val(Item$(ver1,1,1,"."))
ver1_minor% = Val(Item$(ver1,2,2,"."))
ver1_sub% = Val(Item$(ver1,3,3,"."))
ver2_major% = Val(Item$(ver2,1,1,"."))
ver2_minor% = Val(Item$(ver2,2,2,"."))
ver2_sub% = Val(Item$(ver2,3,3,"."))
If ver1_major% > ver2_major% Then
retval% = 1
ElseIf ver1_major% < ver2_major% Then
retval% = -1
ElseIf ver1_minor% > ver2_minor% Then
retval% = 1
ElseIf ver1_minor% < ver2_minor% Then
retval% = -1
ElseIf ver1_sub% > ver2_sub% Then
retval% = 1
ElseIf ver1_sub% < ver2_sub% Then
retval% = -1
Else
retval% = 0
End If
VersionCmp = retval%
End Function
/*
---------------------------------------------------------------------------
Name: CheckCurrent
Purpose: This function checks the a_special_app attribute of the
current object against the repl_version4_2 version and
returns a status value.
Parameters: None
Return Value: 0 Object was created by this version of the script.
1 Object is newer than this script.
-1 Object is older than this script.
---------------------------------------------------------------------------
*/
Function CheckCurrent() As Integer
Dim obj_version As String
obj_version = dmAPIGet("get,c,l,a_special_app")
If obj_version = "" Then
obj_version = "1.0"
End If
CheckCurrent = VersionCmp(obj_version, repl_version4_2)
End Function
Function Get_Storage_01() As String
Dim result As String
Dim locname
result = dmAPIGet("retrieve,s0,dmi_type_info where r_type_name = " + _
"'dm_sysobject'")
If result = "" Then
print "Failed to retrieve dmi_type_info object with name = 'dm_sysobject'"
print dmAPIGet("getmessage,s0")
Get_Storage_01 = ""
Exit Function
End If
result = dmAPIGet("get,s0,l,default_storage")
If result = "" Then
print "Fail to get default storage of the dm_sysobject type"
print dmAPIGet("getmessage,s0")
Get_Storage_01 = ""
Exit Function
End If
' Get the store object, depending on the store type
result = Get_Near_Store(result)
If result = "" Then
print "Fail to get near store for default store"
print dmAPIGet("getmessage,s0")
Get_Storage_01 = ""
Exit Function
End If
locname = dmAPIGet("get,c," + result + ",root")
If locname = "" Then
print "Fail to get root (location) of the storage object"
print dmAPIGet("getmessage,s0")
Get_Storage_01 = ""
Exit Function
End If
Get_Storage_01 = locname
End Function
/*
---------------------------------------------------------------------------
Name: Get_Near_Store
Purpose: This function gets the component storage which is near
to the server when the default storage is a distributed
store
Parameters: obj Object id of the storage object
Return Value: id Of the component object which is near to server
---------------------------------------------------------------------------
*/
Function Get_Near_Store(obj As String) As String
Dim stortyp As String
Dim nam As String
Dim i As Integer
Dim nvs As Integer
Get_Near_Store = obj
print "Get the store type of the default storage"
stortyp = dmAPIGet("get,c," + obj + ",store_type")
If stortyp = "" Then
print "Fail to get type of storage"
print dmAPIGet("getmessage,s0")
Get_Near_Store = ""
Exit Function
End If
' Don't need to proceed if we find its filestore object
If stortyp = "1" Then Exit Function
' If the store is a distributed store then get the components
' and check which component store is near to the server
Get_Near_Store = ""
print "Get nearest component of the distributed store " & obj & " to the server"
If stortyp = "4" Then
nvs% = dmAPIGet("get,c," & obj & ",r_component_count")
If nvs = 0 Then
print "Fail to get component count for the distributed store"
print dmAPIGet("getmessage,s0")
Get_Near_Store = ""
Exit Function
End If
print "Distributed store " & obj & " has " & nvs & " components"
' Search for the near component in the distributed store
For i% = 0 To (nvs - 1)
nam = dmAPIGet("get,c," & obj & ",component[" & i & "]")
' If not found in far_stores then that is the component store near
' to the server
If dmAPIGet("locate,c,serverconfig,far_stores," + nam) = "-1" Then
Get_Near_Store = dmAPIGet("get,c," & obj & ",r_component[" & i & "]")
Exit Function
End If
Next i
print "Distributed Store has not been configured properly"
Else
' If the store is not a filestore or distributed store
' generate an error
print "Default storage for replication should be of type filestore " &_
"or distributed"
Get_Near_Store = ""
Exit Function
End If
End Function
Sub updateserver(sess As String, ldapId As String)
Dim cmd As String
Dim collection As String
Dim qry As String
Dim res As String
Dim retcode As Integer
Dim serverId As String
qry = "select r_object_id from dm_server_config"
print "Update server config, query: " & qry
cmd = "query," + sess + "," + qry
collection = dmAPIGet(cmd)
If collection <> "" Then
cmd = "next," + sess + "," + collection
While dmAPIExec(cmd)
serverId = dmAPIGet("get," + sess + "," + collection + ",r_object_id")
print "Update server config: " & serverId
res = dmAPISet("set," + sess + "," + serverId + ",ldap_config_id", ldapId)
res = dmAPIExec("save," + sess + "," + serverId)
Wend
End If
print "End update server config"
End Sub
Function setup_cert(the_session As String, objectId As String, locationPath As String, repositoryName As String, userName As String) As Integer
coll$ = dmAPIGet("apply," & the_session & ",NULL,DO_METHOD,METHOD,S,dm_LDAPCertDbAutomation,ARGUMENTS,S,-operation_id import -launch_type auto -object_id " & objectId & " -user_name " & userName & " -repository_name " & repositoryName & " -database_path " & locationPath & " -user_domain,LAUNCH_DIRECT,B,T,SAVE_RESULTS,B,T,RUN_AS_SERVER,B,T,TRACE_LAUNCH,B,T")
ret% = dmAPIExec("next," & the_session & "," & coll$)
retval$ = dmAPIGet("get," & the_session & "," & coll$ & ",method_return_val")
If retval$ = "" Then
retval$ = "0"
Else
ret% = dmAPIExec("close," & the_session & "," & coll$)
End If
setup_cert = CInt(retval$)
End Function
Sub initldap(docbase as String, ldpaname As String, password As String)
Dim id As String
Dim certId As String
Dim configpath As String
Dim fullpath As String
Dim pathsep As String
Dim query As String
Dim result As String
Dim retcode As Integer
Dim session As String
Dim username As String
pathsep = Basic.PathSeparator$
print "Connecting to " & docbase
username = GetUser()
session = dmAPIGet("connect," & docbase & "," & username & ",")
retcode = 0
If session = "" Then
result = dmAPIGet("getmessage,current")
print "Cannot connect to docbase: " + result
Else
' Inject the certificate
' Get the certificate location.
configpath = GetLocation("s0", "ldapcertdb_loc")
' Get the object to which the certificate content is attached.
certId = dmAPIGet("id," & session & ",dm_document where object_name = 'LDAP CERTIFICAT' and folder('/System/LDAPConfig')")
if certId <> "" Then
retcode = setup_cert("s0", certId, configpath, docbase, username)
print "Cert injection result " & CStr(retcode)
End If
' Build the LDAP password.
configpath = GetLocation("s0", "config")
If configpath = "" Then
print "Fail to get config location"
Else
id = dmAPIGet("id," & session & ",dm_ldap_config where object_name = '" & ldpaname & "'")
if id <> "" Then
fullpath = configpath & pathsep & docbase & pathsep & "ldap_" & id & ".cnt"
retcode = my_mkfile_encrypt_text(password, fullpath)
updateserver session, id
End If
End If
ret% = dmAPIExec("disconnect,s0")
End If
dmexit retcode
End Sub
This server method generates a file named ldap_<OBJECT_ID>.cnt containing the encrypted password of the account used to access the directory, where <OBJECT_ID> is the identifier of the dm_ldap_config object. The certificate content, previously loaded into the repository, is then referenced in the administration filesystem.
All that remains is to create this server method, under the name amexio_ldap_init. The code is attached to the method as content, and execution uses that attached file thanks to the use_method_content attribute.
create,c,dm_method
set,c,l,object_name
amexio_ldap_init
set,c,l,method_verb
./dmbasic -einitldap
set,c,l,timeout_min
30
set,c,l,timeout_max
604800
set,c,l,timeout_default
86400
set,c,l,launch_direct
T
set,c,l,launch_async
F
set,c,l,trace_launch
F
set,c,l,run_as_server
T
set,c,l,use_method_content
T
set,c,l,method_type
dmbasic
set,c,l,use_method_server
F
set,c,l,a_content_type
text
setfile,c,l,/tmp/ldap_init_methods.ebs
save,c,l
Note that the file /tmp/ldap_init_methods.ebs is where the Docbasic code is located. All that remains is to run the method, once again with an API script.
apply,c,NULL,DO_METHOD,METHOD,S,amexio_ldap_init,ARGUMENTS,S,<DOCBASE> "<LDAP CONFIG NAME>" <LDAP PASSWORD>
close,c,q0
Where the following must be replaced:
- <DOCBASE> with the name of the docbase
- <LDAP CONFIG NAME> with the name of the dm_ldap_config object, My LDAP Config in this example
- <LDAP PASSWORD> with the password of the account used to access the LDAP server.
In this example, there is a bug when the name of the dm_ldap_config object contains the ' character: the value is not escaped when the object is looked up.
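One way to close that gap, as an added example that is not part of the original script: the ldpaname argument of initldap is quoted before it is concatenated into the DQL qualification. DqlQuote and FindLdapConfigId are hypothetical helper names; the code relies on the DQL rule that a single quote inside a string literal is written as two single quotes.

```basic
' Added example, not from the original page.
' DqlQuote and FindLdapConfigId are hypothetical helper names.

' Return s as a DQL string literal: wrapped in single quotes, with every
' embedded single quote doubled so the value cannot end the literal early.
Function DqlQuote(s As String) As String
    Dim i As Integer
    Dim ch As String
    Dim quoted As String
    quoted = ""
    For i = 1 To Len(s)
        ch = Mid$(s, i, 1)
        If ch = "'" Then
            quoted = quoted & "''"
        Else
            quoted = quoted & ch
        End If
    Next i
    DqlQuote = "'" & quoted & "'"
End Function

' Look up the dm_ldap_config object by name.
' Returns the object id, or "" when no object matches.
Function FindLdapConfigId(sess As String, ldapName As String) As String
    Dim cmd As String
    cmd = "id," & sess & ",dm_ldap_config where object_name = " & DqlQuote(ldapName)
    FindLdapConfigId = dmAPIGet(cmd)
End Function

' In initldap, the concatenated lookup
'   id = dmAPIGet("id," & session & ",dm_ldap_config where object_name = '" & ldpaname & "'")
' is replaced with
'   id = FindLdapConfigId(session, ldpaname)
```

With a configuration named L'annuaire, the qualification sent to the server becomes object_name = 'L''annuaire', so the quote stays inside the literal and the object is found by its exact name.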