October 2006 - 389-users - Fedora Mailing-Lists

[Fedora-directory-users] integrating FDS+Postfix+Dovecot+squirrelmail

by sigid＠JINLab

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 dear friends, i'm working on configuring mail server that authenticate using FDS. refering to http://directory.fedora.redhat.com/wiki/Howto:Postfix it seems the FDS need to load schema for supporting postfix MTA, where can i find it? is there any howto similar to url above? thanks sigid -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFOCNSqiPNNgPlDu0RAthBAKC/ni/0ZE9li0YnIKJTlyhseuHlOACffShJ 8VvzgCvzUWfjFjQGuHxv3xE= =0Nm9 -----END PGP SIGNATURE-----

17 years, 6 months

2
1
0 / 0

[Fedora-directory-users] Ldap api for moving entries

by Pavel 'Blaze' Vinogradov

Hello, I write LdapManager on java, and use FDS 1.0.2 as Ldap-server and Novell jLDAP library to work with LDAP-server. All work good, except entry moving. I try to make LdapModifyDNRequest to server, but get answer: Error: LDAPException: Unwilling To Perform (53) Unwilling To Perform LDAPException: Server Message: server does not support moving of entries LDAPException: Matched DN: I don't find any information about features of moving entryes in FDS. Can you help me with this question?

17 years, 6 months

2
3
0 / 0

[Fedora-directory-users] Fedora Directory Server not allowing me to map group names

by cj

Hi all I sent this previously but I sent it from the wrong email address So I think it was rejected my apologies for that. I have just install Fedora 5 and installed Fedora Directory Server 1.0.2-1 and samba 3.0.21b-2 I went through the instruction on the provided link below http://directory.fedora.redhat.com/wiki/Howto:Samba When it came to net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' I get the following error Can't lookup UNIX group Domain Admins Below is the net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' -d 4 command [2006/10/19 16:58:04, 3] param/loadparm.c:lp_load(4211) lp_load: refreshing parameters [2006/10/19 16:58:04, 3] param/loadparm.c:init_globals(1385) Initialising global parameters [2006/10/19 16:58:04, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/10/19 16:58:04, 3] param/loadparm.c:do_section(3666) Processing section "[global]" doing parameter workgroup = GLENNIES doing parameter security = user doing parameter passdb backend = ldapsam:ldap://ldapserver.glennies.com.au doing parameter ldap admin dn = cn=Directory Manager doing parameter ldap suffix = dc=glennies,dc=com,dc=au doing parameter ldap user suffix = ou=People doing parameter ldap machine suffix = ou=Computers doing parameter ldap group suffix = ou=Groups doing parameter add group script = /usr/sbin/groupadd %g doing parameter log file = /var/log/%m.log doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter os level = 33 doing parameter domain logons = yes doing parameter domain master = yes doing parameter local master = yes doing parameter preferred master = yes doing parameter wins support = yes doing parameter logon home = \\%L\%u\profiles doing parameter logon path = \\%L\profiles\%u doing parameter logon drive = H: doing parameter template shell = /bin/false doing parameter winbind use default domain = no [2006/10/19 16:58:04, 4] param/loadparm.c:lp_load(4242) pm_process() returned Yes [2006/10/19 16:58:04, 2] lib/interface.c:add_interface(81) added interface ip=192.168.200.150 bcast=192.168.200.255 nmask=255.255.255.0 Can't lookup UNIX group Domain Admins [2006/10/19 16:58:04, 2] utils/net.c:main(878) return code = -1 If I add Domain Admins to the file /etc/group I get the following error adding entry for group Domain Admins failed! Below is the net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' -d 4 command [2006/10/19 16:56:26, 3] param/loadparm.c:lp_load(4211) lp_load: refreshing parameters [2006/10/19 16:56:26, 3] param/loadparm.c:init_globals(1385) Initialising global parameters [2006/10/19 16:56:26, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/10/19 16:56:26, 3] param/loadparm.c:do_section(3666) Processing section "[global]" doing parameter workgroup = GLENNIES doing parameter security = user doing parameter passdb backend = ldapsam:ldap://ldapserver.glennies.com.au doing parameter ldap admin dn = cn=Directory Manager doing parameter ldap suffix = dc=glennies,dc=com,dc=au doing parameter ldap user suffix = ou=People doing parameter ldap machine suffix = ou=Computers doing parameter ldap group suffix = ou=Groups doing parameter add group script = /usr/sbin/groupadd %g doing parameter log file = /var/log/%m.log doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter os level = 33 doing parameter domain logons = yes doing parameter domain master = yes doing parameter local master = yes doing parameter preferred master = yes doing parameter wins support = yes doing parameter logon home = \\%L\%u\profiles doing parameter logon path = \\%L\profiles\%u doing parameter logon drive = H: doing parameter template shell = /bin/false doing parameter winbind use default domain = no [2006/10/19 16:56:26, 4] param/loadparm.c:lp_load(4242) pm_process() returned Yes [2006/10/19 16:56:26, 2] lib/interface.c:add_interface(81) added interface ip=192.168.200.150 bcast=192.168.200.255 nmask=255.255.255.0 [2006/10/19 16:56:26, 2] lib/smbldap_util.c:smbldap_search_domain_info(228) Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=GLENNIES))] [2006/10/19 16:56:26, 2] lib/smbldap.c:smbldap_open_connection(722) smbldap_open_connection: connection opened [2006/10/19 16:56:26, 3] lib/smbldap.c:smbldap_connect_system(905) ldap_connect_system: succesful connection to the LDAP server [2006/10/19 16:56:26, 4] lib/smbldap.c:smbldap_open(969) The LDAP server is succesfully connected [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group adding entry for group Domain Admins failed! [2006/10/19 16:56:26, 2] utils/net.c:main(878) return code = -1 I have looked on the net for the good part of this week trying to find an answer to my problem, It seems a few other people are having a similar issue, but real no concrete solutions to the problem. If any one knows what the cause this error is and how to fix it, It would be appreciated. Regards CJ

17 years, 6 months

1
0
0 / 0

[Fedora-directory-users] userPassword versus Password

by Dave Augustus

I have an external applet that authenticates via LDAP. However, it will only use the userPassword attribute, not the Password attribute. How can I tell FDS to use the Password attribute for Passwords? Thanks, Dave

17 years, 6 months

2
2
0 / 0

[Fedora-directory-users] (no subject)

by cj

Hi all I have just install Fedora 5 and installed Fedora Directory Server 1.0.2-1 and samba 3.0.21b-2 I went through the instruction on the provided link below http://directory.fedora.redhat.com/wiki/Howto:Samba When it came to net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' I get the following error Can't lookup UNIX group Domain Admins Below is the net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' -d 4 command [2006/10/19 16:58:04, 3] param/loadparm.c:lp_load(4211) lp_load: refreshing parameters [2006/10/19 16:58:04, 3] param/loadparm.c:init_globals(1385) Initialising global parameters [2006/10/19 16:58:04, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/10/19 16:58:04, 3] param/loadparm.c:do_section(3666) Processing section "[global]" doing parameter workgroup = GLENNIES doing parameter security = user doing parameter passdb backend = ldapsam:ldap://ldapserver.glennies.com.au doing parameter ldap admin dn = cn=Directory Manager doing parameter ldap suffix = dc=glennies,dc=com,dc=au doing parameter ldap user suffix = ou=People doing parameter ldap machine suffix = ou=Computers doing parameter ldap group suffix = ou=Groups doing parameter add group script = /usr/sbin/groupadd %g doing parameter log file = /var/log/%m.log doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter os level = 33 doing parameter domain logons = yes doing parameter domain master = yes doing parameter local master = yes doing parameter preferred master = yes doing parameter wins support = yes doing parameter logon home = \\%L\%u\profiles doing parameter logon path = \\%L\profiles\%u doing parameter logon drive = H: doing parameter template shell = /bin/false doing parameter winbind use default domain = no [2006/10/19 16:58:04, 4] param/loadparm.c:lp_load(4242) pm_process() returned Yes [2006/10/19 16:58:04, 2] lib/interface.c:add_interface(81) added interface ip=192.168.200.150 bcast=192.168.200.255 nmask=255.255.255.0 Can't lookup UNIX group Domain Admins [2006/10/19 16:58:04, 2] utils/net.c:main(878) return code = -1 If I add Domain Admins to the file /etc/group I get the following error adding entry for group Domain Admins failed! Below is the net groupmap add rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins' -d 4 command [2006/10/19 16:56:26, 3] param/loadparm.c:lp_load(4211) lp_load: refreshing parameters [2006/10/19 16:56:26, 3] param/loadparm.c:init_globals(1385) Initialising global parameters [2006/10/19 16:56:26, 3] param/params.c:pm_process(574) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2006/10/19 16:56:26, 3] param/loadparm.c:do_section(3666) Processing section "[global]" doing parameter workgroup = GLENNIES doing parameter security = user doing parameter passdb backend = ldapsam:ldap://ldapserver.glennies.com.au doing parameter ldap admin dn = cn=Directory Manager doing parameter ldap suffix = dc=glennies,dc=com,dc=au doing parameter ldap user suffix = ou=People doing parameter ldap machine suffix = ou=Computers doing parameter ldap group suffix = ou=Groups doing parameter add group script = /usr/sbin/groupadd %g doing parameter log file = /var/log/%m.log doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter os level = 33 doing parameter domain logons = yes doing parameter domain master = yes doing parameter local master = yes doing parameter preferred master = yes doing parameter wins support = yes doing parameter logon home = \\%L\%u\profiles doing parameter logon path = \\%L\profiles\%u doing parameter logon drive = H: doing parameter template shell = /bin/false doing parameter winbind use default domain = no [2006/10/19 16:56:26, 4] param/loadparm.c:lp_load(4242) pm_process() returned Yes [2006/10/19 16:56:26, 2] lib/interface.c:add_interface(81) added interface ip=192.168.200.150 bcast=192.168.200.255 nmask=255.255.255.0 [2006/10/19 16:56:26, 2] lib/smbldap_util.c:smbldap_search_domain_info(228) Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=GLENNIES))] [2006/10/19 16:56:26, 2] lib/smbldap.c:smbldap_open_connection(722) smbldap_open_connection: connection opened [2006/10/19 16:56:26, 3] lib/smbldap.c:smbldap_connect_system(905) ldap_connect_system: succesful connection to the LDAP server [2006/10/19 16:56:26, 4] lib/smbldap.c:smbldap_open(969) The LDAP server is succesfully connected [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group [2006/10/19 16:56:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2305) ldapsam_getgroup: Did not find group adding entry for group Domain Admins failed! [2006/10/19 16:56:26, 2] utils/net.c:main(878) return code = -1 I have looked on the net for the good part of this week trying to find an answer to my problem, It seems a few other people are having a similar issue, but real no concrete solutions to the problem. If any one knows what the cause this error is and how to fix it, It would be appreciated. Regards CJ

17 years, 6 months

1
0
0 / 0

[Fedora-directory-users] Root changing user password

by Greg Copeland

I've quickly checked the archive and I can find people having trouble with users changing their own password but not the other way around. Here, users can change their own password without issue but root fails. What do I need to do to allow root, using the passwd command on RHES 4, to change user passwords? I've tried setting rootbinddn in my /etc/ldap.conf file. Without an /etc/ldap.secret file, I observe an error in my logs, complaining about the missing ldap.secret file. When I create it, the error goes away but the passwd command still fails with, "passwd: Authentication token manipulation error". In the logs I can observe, "passwd[23689]: pam_ldap: error trying to bind (Invalid credentials)." I've tried placing the admin password in cleartext, and base64 in the ldap.secret file. Frankly, I'd rather root be prompted for the LDAP admin password than the password be stored in a file anyways. Is this possible? Best Regards, Greg Copeland

17 years, 6 months

1
0
0 / 0

[Fedora-directory-users] Help beta test Fedora DS 1.0.3

by Rich Megginson

If you are interested in beta testing 1.0.3, contact me off list.

17 years, 6 months

1
0
0 / 0

RE: [Fedora-directory-users] DS Gateway error

by Jo De Troy

Hi Rich, I found the issue. It's resolved now, the host was sitting in another DNS domain and that domain was still in the config files. Thanks again, Jo

17 years, 6 months

1
0
0 / 0

RE: [Fedora-directory-users] DS Gateway error

by Jo De Troy

Hi Rich, I checked these, I see nothing strange. I enabled debug logging in httpd.conf The setup is not totally default eg it runs as ldap user and not as nobody The admin domain is 1 level above of the actual domain of the server. Any idea what could be causing this error? [Mon Oct 16 15:01:06 2006] [notice] [client 10.131.238.21] admserv_host_ip_check: ap_get_remote_host could not resolve 10.131.238.21 [Mon Oct 16 15:01:06 2006] [debug] mod_admserv.c(2518): [client 10.131.238.21] checking user cache for: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [Mon Oct 16 15:01:06 2006] [debug] mod_admserv.c(2521): [client 10.131.238.21] user found in cache uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [Mon Oct 16 15:01:06 2006] [debug] mod_admserv.c(1480): [client 10.131.238.21] admserv_check_authz: request for uri [/admin-serv/tasks/operation/StatusPing] [Mon Oct 16 15:01:06 2006] [debug] mod_admserv.c(1692): [client 10.131.238.21] admserv_check_authz: uri [tasks/operation/StatusPing] did not begin with [commands/] - not a command [Mon Oct 16 15:01:06 2006] [debug] mod_admserv.c(1741): [client 10.131.238.21] admserv_check_authz: execute CGI [/opt/fedora-ds/bin/admin/admin/bin/statusping] args [(null)] [Mon Oct 16 15:01:21 2006] [notice] [client 10.131.238.21] admserv_host_ip_check: ap_get_remote_host could not resolve 10.131.238.21 [Mon Oct 16 15:01:21 2006] [debug] mod_admserv.c(2518): [client 10.131.238.21] checking user cache for: uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [Mon Oct 16 15:01:21 2006] [debug] mod_admserv.c(2521): [client 10.131.238.21] user found in cache uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot [Mon Oct 16 15:01:21 2006] [debug] mod_admserv.c(1480): [client 10.131.238.21] admserv_check_authz: request for uri [/admin-serv/tasks/operation/StatusPing] [Mon Oct 16 15:01:21 2006] [debug] mod_admserv.c(1692): [client 10.131.238.21] admserv_check_authz: uri [tasks/operation/StatusPing] did not begin with [commands/] - not a command [Mon Oct 16 15:01:21 2006] [debug] mod_admserv.c(1741): [client 10.131.238.21] admserv_check_authz: execute CGI [/opt/fedora-ds/bin/admin/admin/bin/statusping Thanks again, Jo

17 years, 6 months

2
1
0 / 0

Re: [Fedora-directory-users] FDS and AD

by Howard Chu

> Date: Mon, 02 Oct 2006 10:01:55 -0600 > From: Richard Megginson <rmeggins(a)redhat.com> > Sergio Diaz wrote: >> Hi Richard; >> >> Openldap: >> >> The *meta* backend to *slapd(8) >> <http://docsrv.caldera.com:8457/cgi-bin/man?mansearchword=slapd&mansection=8>* >> performs basic LDAP proxying with respect >> to a set of remote LDAP servers, called "targets". The information >> contained in these servers can be presented as belonging to a single >> Directory Information Tree (DIT). >> >> Its possible with FDS ?? >> > FDS has a chaining backend which allows you to use another LDAP server > to store the data. It sounds like the FDS chaining backend is similar to OpenLDAP back-ldap and/or the chaining overlay. In OpenLDAP back-ldap forwards a request to one other server (at a time; multiple servers can be configured but the others will only be used if the first server cannot be contacted). The back-meta backend is a superset of back-ldap, it can fanout single requests to multiple servers in parallel and aggregate the results. (There's also attribute mapping and DN rewriting, but those capabilities are no longer unique to back-meta, having been moved into the rewrite overlay.) With these modules you can stitch together a variety of heterogeneous directories into a coherent virtual directory. >> Regards!! >> Sergio >> >> >> >> On Mon, 2006-10-02 at 07:25 -0600, Richard Megginson wrote: >>> Sergio Diaz wrote: >>>> Hi People, >>>> >>>> Its Possible Sync only in One Way ? >>>> >>>> Users Windows AD -> FDS. >>> No, not really. >>>> Or the other scenario its like OpenLDAP have a Meta Backend (2 LDAPs, >>>> 1 AD), its possible with FDS ? >>> It's possible. What does the meta backend do? >>>> >>>> Regards, >>>> Sergio -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/

17 years, 6 months

4
8
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-users October 2006