LDIF Configuration - file /etc/dirsrv/slapd-*/dse.ldif
¶
-
class
insights.parsers.ldif_config.
LDIFParser
(context)[source]¶ Bases:
insights.core.Parser
,list
Parse the content of the directory server configuration of the
/etc/dirsrv/slapd-*/dse.ldif
file.The file dse.ldif is in the LDIF format. LDIF contains multi-row records where each record is identified by a
dn:
line (“dn” as in “distinguished name”) and the record’s other lines are attributes. The value may be specified as UTF-8 text or as base64 encoded data, or a URI may be provided to the location of the attribute value.Note
- This parser unwraps the multiple ‘aci:’ lines to a single line.
- This parser only keeps the last value of a multiple keys and discrads the others before it.
Sample output:
dn: aci: (targetattr != "aci")(version 3.0; aci "rootdse anon read access"; allow( read,search,compare) userdn="ldap:///anyone";) aci: (target = "ldap:///cn=automember rebuild membership,cn=tasks,cn=config")( ,cn=permissions,cn=pbac,dc=idm";) createTimestamp: 20201026161200Z creatorsName: cn=server,cn=plugins,cn=config modifiersName: cn=Directory Manager modifyTimestamp: 20210608144722Z nsslapd-return-default-opattr: namingContexts nsslapd-return-default-opattr: supportedControl nsslapd-return-default-opattr: supportedExtension nsslapd-return-default-opattr: supportedLDAPVersion nsslapd-return-default-opattr: supportedSASLMechanisms nsslapd-return-default-opattr: vendorName nsslapd-return-default-opattr: vendorVersion objectClass: top dn: cn=changelog5,cn=config cn: changelog5 createTimestamp: 20201026161228Z creatorsName: cn=Directory Manager modifiersName: cn=Directory Manager modifyTimestamp: 20201026161228Z nsslapd-changelogdir: /var/lib/dirsrv/slapd-IDM-NYPD-FINEST/cldb nsslapd-changelogmaxage: 7d objectClass: top objectClass: extensibleobject
Returns: A list of dictionaries for each ‘dn’ attribute block of the ldif configuration. Return type: list Examples
>>> ldif_config[0]['dn'] '' >>> ldif_config[0]['aci'] # the 2 aci are connected into one '(targetattr != "aci")(version 3.0; aci "rootdse anon read access"; allow(read,search,compare) userdn="ldap:///anyone";)(target = "ldap:///cn=automember rebuild membership,cn=tasks,cn=config")(,cn=permissions,cn=pbac,dc=idm";)' >>> ldif_config[0]['nsslapd-return-default-opattr'] # only keep the last 'vendorVersion' >>> ldif_config[1]['dn'] 'cn=changelog5,cn=config' >>> ldif_config[1]['modifiersName'] 'cn=Directory Manager' >>> ldif_config[1]['modifyTimestamp'] '20201026161228Z'
-
search
(**kwargs)[source]¶ Get the list for the ‘dn’ attribute block by searching the ldif configuration. This uses the
insights.parsers.keyword_search()
function for searching, see its documentation for usage details. If no search parameters are given or does match the search, then nothing will be returned.Returns: A list of dictionaries for each ‘dn’ attribute block of the ldif configuration that match the given search criteria. Return type: list Examples
>>> ldif_config.search(dn__contains='cn=config')[0] == ldif_config[1] True >>> ldif_config.search(dn='cn=sasl,cn=config') == [] True >>> ldif_config.search(cn='changelog5')[0] == ldif_config[1] True