documentation:1.1:sqlconfbackend

SQL configuration backends

There is 3 types of SQL configuration backends for LemonLDAP::NG :

  • CDBI : very simple storage
  • RDBI : triple store storage
  • DBI which has been deprecated: it is a read-only backend that exists just for compatibility with older versions of LemonLDAP::NG. See how to change configuration backend.

To use a SQL backend, configure your lemonldap-ng.ini file (section configuration) :

  • Choose DBI type (RDBI, CDBI or DBI)
  • Configure the connection string (see DBI manual page)
  • Configure user and password
  • If your table is not named lmConfig, set it's name in dbiTable parameter.

Example for MySQL :

[configuration]
type = RDBI
dbiChain    = DBI:mysql:database=lemonldap-ng;host=1.2.3.4
dbiUser     = lemonldap
dbiPassword = password
; optional
dbiTable    = mytablename

RDBI

CREATE TABLE lmConfig (
    cfgNum int(11) NOT NULL,
    field varchar(255) NOT NULL DEFAULT '',
    value longblob,
    PRIMARY KEY (cfgNum,field)
    );

CDBI

CREATE TABLE lmConfig (
    cfgNum int not null primary key,
    data longblob
);

You have to grant read/write access for the manager component. Other components needs just a read access. You can also use the same user for all.

You can use different dbiUser strings :
  • one with read/write rights for servers hosting the manager
  • one with just read rights for other servers

MySQL example (suppose that our servers are in 10.0.0.0/24 network):

GRANT SELECT,INSERT,UPDATE,LOCK TABLES ON lmConfig.*
  TO lemonldap-ng@manager.host IDENTIFIED BY 'mypassword';
GRANT SELECT ON lmConfig.*
  TO lemonldap-ng-USER@'10.0.0.%' IDENTIFIED BY 'myotherpassword';