(SIMP-9704) Split 389-DS and OpenLDAP docs (#432)

* (SIMP-9704) Split 389-DS and OpenLDAP docs

* Added glossary entries
* Updated LDAP references to point to the main landing page in the Users Guide
* Migrated all OpenLDAP material
* Added a placeholder for 389-DS material

SIMP-10187 #close

* linkcheck

* bash shell example had # in front which made it look like a comment.

* update some LDAP statements to include 389-ds info.

Co-authored-by: Jeanne Greulich <jeanne.greulich@onyxpoint.com>

Author: trevor-vaughan

docs/FAQ/10_Password_Complexity.rst

@@ -8,7 +8,11 @@ This is based off of an amalgam of various password policies and may vary based
 on individual policies that are set for your installation.
 
 The default complexity is enforced in both :term:`PAM` and :term:`LDAP`, which
-are managed by SIMP's :pupmod:`simp/pam` and :pupmod:`simp/simp_openldap` modules, respectively.
+are managed by SIMP's modules:
+
+  * :pupmod:`simp/pam` for pam
+  * :pupmod:`simp/simp_openldap` for :term:`OpenLDAP` servers
+  * :pupmod:`simp/simp_ds389` for :term:`389-DS` servers
 
 .. WARNING::
 

docs/HOWTO/00_Accounts_and_Access/Redundant_LDAP.rst

@@ -1,7 +1,9 @@
 HOWTO Enable Redundant LDAP
 ===========================
 
-This section describes how to set up consumer OpenLDAP servers in SIMP.
+This section describes how to set up consumer :term:`OpenLDAP` servers in SIMP.
+
+:term:`389-DS` instructions will be made available at a future date.
 
 .. NOTE::
 

docs/changelogs/6.5.0_Changelog.rst

@@ -9,7 +9,7 @@ prerequisite knowledge are:
 - :term:`Dynamic Host Configuration Protocol` (DHCP) - Internet Systems
   Consortium (ISC) DHCP
 
-- :term:`Lightweight Directory Access Protocol` (LDAP) - OpenLDAP
+- :term:`Lightweight Directory Access Protocol` (LDAP) - :term:`OpenLDAP` for EL7 or :term:`389-DS` for EL8
 
 -  RedHat :term:`Kickstart`, including all technologies involved:
    :term:`Trivial File Transfer Protocol` (TFTP), :term:`PXE`, PXELinux, etc.

docs/changelogs/latest.rst

@@ -123,8 +123,8 @@ def setup(app):
 
 # General information about the project.
 project = 'SIMP'
-copyright = str(datetime.datetime.now().year) + ', THE SIMP TEAM'
-author = 'THE SIMP TEAM'
+copyright = str(datetime.datetime.now().year) + ', The System Integrity Management Project'
+author = 'The System Integrity Management Project'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@@ -245,7 +245,9 @@ def setup(app):
     # FIXME: Periodically retest with newer versions of `certifi`:
     #    See: https://github.com/certifi/python-certifi/releases
     #
-    r'^https?://wiki\.x2go\.org/?.*'
+    r'^https?://wiki\.x2go\.org/?.*',
+    # Broken cert
+    r'^https?://freeipa.org/?.*'
 ]
 
 # -- Options for HTML output ----------------------------------------------

docs/common/Level_of_Knowledge.rst

@@ -197,7 +197,7 @@ without testing but tests should be added if the changes will be released in
 the future.
 
 .. _Allow edits from maintainers: https://docs.github.com/en/github/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork
-.. _GitHub GUI to fork and clone: https://docs.github.com/en/github/getting-started-with-github/quickstart/fork-a-repo
+.. _GitHub GUI to fork and clone: https://docs.github.com/en/get-started/quickstart/fork-a-repo
 .. _GitHub Workflow: https://guides.github.com/introduction/flow/
 .. _JIRA Smart Commit Tags: https://support.atlassian.com/bitbucket-cloud/docs/use-smart-commits/
 .. _JIRA issues can be referenced: https://support.atlassian.com/bitbucket-cloud/docs/use-smart-commits/

docs/conf.py

@@ -10,6 +10,14 @@ Glossary of Terms
 .. glossary::
    :sorted:
 
+   389-DS
+   389 Directory Server
+      An enterprise-class :term:`FOSS` :term:`LDAP` server for Linux.
+
+      See: `389 Directory Server <https://directory.fedoraproject.org>`__
+      See Also: :term:`Red Hat Directory Server`
+      See Also: :term:`FreeIPA`
+
    ACL
    Access Control List
       A list of permissions attached to an object. An ACL specifies which users
@@ -317,6 +325,11 @@ Glossary of Terms
       domain and the root zone. An FQDN is distinguished by its unambiguity; it
       can only be interpreted one way.
 
+   FreeIPA
+      A :term:`FOSS` identity management solution.
+
+      See: `FreeIPA <https://freeipa.org/page/Main_Page>`__
+
    Git
       A version control system that supports branches.
 
@@ -585,6 +598,11 @@ Glossary of Terms
 
       Source: `OpenSCAP Features <https://www.open-scap.org/features/>`__
 
+   OpenLDAP
+      A :term:`FOSS` implementation of :term:`LDAP`.
+
+      See: `OpenLDAP <https://www.openldap.org>`__
+
    OPSEC
    Operations Security
       A process that identifies critical information to determine if friendly
@@ -778,6 +796,13 @@ Glossary of Terms
 
       See also :term:`RHEL`.
 
+   Red Hat Directory Server
+   RHDS
+     A commercially supported :term:`LDAP` offering from :term:`Red Hat` based
+     on :term:`389-DS`.
+
+     See: `Red Hat Directory Server <https://www.redhat.com/en/technologies/cloud-computing/directory-server>`__
+
    RHEL
    Red Hat Enterprise Linux
       A commercial Linux operating system produced by :term:`Red Hat®`, Inc.

docs/contributors_guide/Contribution_Procedure.rst

@@ -11,4 +11,4 @@ information on managing LDAP users, refer to the :ref:`User_Management`
 chapter.
 
 If you need to create local system accounts, you can use the ``user`` and
-``group`` Native Types.
+``group`` :term:`Puppet Resources`.

docs/glossary.rst

@@ -65,18 +65,11 @@ will need to reset ``faillock`` before authentication can occur.  To do so, run
 LDAP Lockout
 ------------
 
-If your account is in LDAP, you may have locked yourself out.  Like
-:term:`PAM`, :term:`LDAP` has a maximum number of logins, **5** by default.
-See ``openldap::server::conf::default_ldif::ppolicy_pwd_max_failure``.
+If your account is in :term:`LDAP`, you may have locked yourself out.  Like
+:term:`PAM`, LDAP has a maximum number of logins, **5** by default.
 
-To determine if the account is locked, run the following on the LDAP server:
-
-.. code-block:: bash
-
-   slapcat -a uid=<user>
-
-If you see ``pwdAccountLockedTime`` then the account is locked, and you will
-need to follow the instructions in :ref:`unlock-ldap-label` to unlock it.
+For more information on unlocking LDAP accounts, see the appropriate section for
+the server that you are using in :ref:`Managing LDAP Users`.
 
 Troubleshooting DNS
 -------------------

docs/user_guide/SIMP_Administration/General_Administration/User_Accounts.inc

@@ -91,5 +91,5 @@ the PostgreSQL 9.4 data is not automatically imported into the 9.6 database.
 If for any reason you need to retain this data, which normally is quite
 transitory, see `Upgrading a PostgreSQL Cluster`_ for detailed instructions.
 
-.. _ClamAV Virus Database FAQ: https://www.clamav.net/documents/clamav-virus-database-faq.html
+.. _ClamAV Virus Database FAQ: https://docs.clamav.net/faq/faq-cvd.html
 .. _Upgrading a PostgreSQL Cluster: https://www.postgresql.org/docs/9.6/upgrading.html