[Fedora-directory-users] Sync AD
by Pedro Rodrigues
Hi
Does anyone have a document like an howto that can explain how we can
syncronize FDS with AD ? Anyone that have already do this .
Thanks.
--
Cumprimentos Cordiais,
Pedro Rodrigues
Tecnologias de Informação
Centimfe - Centro Tecnológico da Indústria dos Moldes, Ferramentas Especiais e Plásticos
Zona Industrial
Rua da Espanha, Lote 8
Apartado 313
2431-904 Marinha Grande
tel.: (+351) 244 545 600
email.: pedro.rodrigues(a)centimfe.com
Web.: http://www.centimfe.com
18 years, 5 months
[Fedora-directory-users] Schema Conversion
by D Canfield
I don't suppose anyone has found an easy way to convert OpenLDAP schema
into fedora-ds compatible ldif files? We've got about 100 attributes
defined, and I'm really not looking forward to entering them all by hand...
Thanks
DC
18 years, 5 months
[Fedora-directory-users] Available Revisions
by Scott Boggs
I have just started using the Fedora-DS. I have to say that I am very
impressed. I currently am turning my attention towards working with the
server on a SE Linux platform. However, I was wondering if it is best
to keep with the current static version that is provided via the source
download site, or could I get the latest and greatest to see how in
integrates.
Thanks in advance and I look forward to my participation with all of you
on this project..
18 years, 5 months
[Fedora-directory-users] help for building FDS
by speedy zinc
Sorry to direct this question on this list. I've been
trying to subscribe to the dev list 3 times in the
last 3 days, but have never received the confirmation.
Stupid yahoo email...
I'm trying to build FDS on my Ubuntu 5.10 machine
using dsbuild, I've installed on the required
packages (db4-dev, krb5-dev, ncurses-dev, etc).
But I got the following error:
gmake[4]: Entering directory
`/home/csp/redhat/dsbuild/ds/mozilla/work/mozilla/security/nss/lib/pki'
gcc -o Linux2.6_x86_glibc_PTH_OPT.OBJ/asymmkey.o -c
-O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1
-ansi -Wall -pipe -DLINUX -Dlinux -D_POSIX_SOURCE
-D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -DNSS_3_4_CODE
-UDEBUG -DNDEBUG -D_REENTRANT
-I../../../../dist/Linux2.6_x86_glibc_PTH_OPT.OBJ/include
-I../../../../dist/public/nss
-I../../../../dist/private/nss
-I../../../../dist/public/nspr asymmkey.c
In file included from
../../../../dist/private/nss/nsspki1.h:57,
from nsspki.h:56,
from asymmkey.c:39:
../../../../dist/private/nss/oiddata.h:46: error:
array type has incomplete element type
gmake[4]: ***
[Linux2.6_x86_glibc_PTH_OPT.OBJ/asymmkey.o] Error 1
gmake[4]: Leaving directory
`/home/csp/redhat/dsbuild/ds/mozilla/work/mozilla/security/nss/lib/pki'
gmake[3]: *** [libs] Error 2
gmake[3]: Leaving directory
`/home/csp/redhat/dsbuild/ds/mozilla/work/mozilla/security/nss/lib'
gmake[2]: *** [libs] Error 2
gmake[2]: Leaving directory
`/home/csp/redhat/dsbuild/ds/mozilla/work/mozilla/security/nss'
make[1]: *** [build-custom] Error 2
make[1]: Leaving directory
`/home/csp/redhat/dsbuild/ds/mozilla'
make: *** [dep-../../ds/mozilla] Error 2
Somehow, looks like the file where nss_builtin_oids is
defined was not included.
Could someone give a hint on solving this problem? I
have no problem running FDS on this machine, by
converting the rpm package into a deb package with
alien and installing it.
Distro: Ubuntu 5.10 2.6.12-9-386
gcc/g++: gcc (GCC) 4.0.2 20050808 (prerelease) (Ubuntu
4.0.1-4ubuntu9)
thanks a lot.
sz
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
18 years, 5 months
[Fedora-directory-users] where is the API and library?
by speedy zinc
Sorry if this question should be directed to the dev
list.
I want to write some programs that can use the FDS API
to manipulate entries in the directory, but where can
I find the API and libraries for FDS?
The include directory is empty.
thanks
sz
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
18 years, 5 months
[Fedora-directory-users] How is access control done?
by speedy zinc
Hi all,
Sorry if the question is not FDS-specific. I'm a
university student and trying to learn how LDAP is
used in managing access control. I can setup FDS,
create basic schema (mostly user information), setup
postfix to use FDS as authentication server, set up
PAM on linux to use FDS as authentication server, etc.
But that's only limited to user authentication.
Everyone is talking about how LDAP can be used to
manage access, in fact, it is on every vendor's
features list. But I've never seen a real example of
how it is used. Maybe I'm dumb, but I just couldn't
imagine how it is set up and used.
Let's take the following scenario.
I have a network of servers, running different
services and applications. Let's say, I called my
machines M1, M2, M3, and called the services S1, S2,
S3. All machines runs all 3 services. I have 3 groups
of users, G1, G2, G3.
Now, the question is, how can use LDAP to manage
access control of my users? Let's say, I want to let
users in G1 to access S1 and S2 on M1 only. And here
are the requirements:
G1 -> M1(S1, S2)
G2 -> M1(S3), M2(S1, S2, S3)
G3 -> M3(S1, S2, S3)
Maybe I'm not understanding the meaning of "access
control" correctly. But I just could not figure out
how to set up to achieve this goal.
What I want to know, besides the standard schema for
storing user information, how do I:
- define the schema for storing access control
information?
- tell the servers and services that specific user has
what access permissions?
- define extensible schema, so that if I add more
servers and applications to my network, I can add new
access control information without having to re-design
the schema? If I have to use any features that are
specific to FDS (ie. non-standard), so be it.
Gurus on this list, mind giving any hint on that? Or
if anyone could give a real life example, that would
great.
Thanks in advance
sz
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
18 years, 5 months
[Fedora-directory-users] set of attributes?
by speedy zinc
Hi,
Is it possible to add a set of attribute to an entry,
instead of adding one by one? That would be like a
struct in C, for example
myattr { departmentnumber, manager }
and I would access it
(myattr.manager=john)
or something like that.
thanks
sz
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
18 years, 5 months
[Fedora-directory-users] Question about Kerberos and FDS
by speedy zinc
Hi,
I've read the white paper "Red Hat Identity Management
and Security Solutions", and on page 13, it said that
Red Hat Directory Server supports a variety of
authentication standards and technologies, including:
- ...
- Kerberos tickets via SASL/GSSAPI
- ...
What does that exactly mean? Does that mean RHDS can
issue kerberos ticket out of the box? Or does that
mean I need to setup a kerberos server and use RHDS as
the backend for user information?
And this one:
- Impersonation (proxy) for multi-tier client
applications.
Could someone explain what does it mean and how can it
be used?
Thanks a lot
sz
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
18 years, 5 months