[Fedora-directory-users] admin-server SSL restart
by Jo De Troy
Hello,
I've setup the admin-server to use SSL. But I fail to get it restarted
without asking me for the internal token password.
I have created password.conf in /opt/fedora-ds/alias with I think the
correct ownerships.
The contents of password.conf is "internal:<pwd>", should this work?
Thanks in advance,
Jo
17 years, 5 months
Re: [Fedora-directory-users] LDAP run in verbose mode?
by Joe Sheehan
Thanks - did noticed that the performance does decrease substantially with
debug on though.
Thanks - hopefully we'll be able to figure out why the instability in our
env.
Joe
>From: Richard Megginson <rmeggins(a)redhat.com>
>Reply-To: "General discussion list for the Fedora Directory server
>project." <fedora-directory-users(a)redhat.com>
>To: "General discussion list for the Fedora Directory server project."
><fedora-directory-users(a)redhat.com>
>Subject: Re: [Fedora-directory-users] LDAP run in verbose mode?
>Date: Mon, 09 Oct 2006 09:33:31 -0600
>
>Joe Sheehan wrote:
>>Is there anyway to start LDAP in a verbose mode?
>start-slapd -d 1 &
>You can also turn on verbose mode in a server that's already running. See
>http://directory.fedora.redhat.com/wiki/FAQ#Troubleshooting
>>LDAP is periodically dieing and unfortunately the log file gives nothing
>>more than "LDAP died".
>>
>>Thanks
>>
>>Joe
>>
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users(a)redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
><< smime.p7s >>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users(a)redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
17 years, 5 months
[Fedora-directory-users] Cannot Setup PDC use Samba with FDS!
by th3tm4n
Hi everybody,
I've got a problems when I setup PDC use Samba3 with FDS.
I've followed HOWTO:Samba in Documentation Section. But when I map ntgroup to
unix group, It's state like :
"[root@~]# net groupmap add ntgroup="Domain Admins" unixgroup=DomainAdmins
rid=512
adding entry for group Domain Admins failed!"
I've tried to look around, and found some info. I will post here:
1. Kernel message:
"audit(1160332356.611:65): avc: denied { bind } for pid=5752 comm="net"
scontext=root:system_r:samba_net_t:s0-s0:c0.c255
tcontext=root:system_r:samba_net_t:s0-s0:c0.c255 tclass=netlink_route_socket
audit(1160332356.611:66): avc: denied { getattr } for pid=5752 comm="net"
scontext=root:system_r:samba_net_t:s0-s0:c0.c255
tcontext=root:system_r:samba_net_t:s0-s0:c0.c255 tclass=netlink_route_socket
audit(1160332356.611:67): avc: denied { write } for pid=5752 comm="net"
scontext=root:system_r:samba_net_t:s0-s0:c0.c255
tcontext=root:system_r:samba_net_t:s0-s0:c0.c255 tclass=netlink_route_socket
audit(1160332356.611:68): avc: denied { nlmsg_read } for pid=5752
comm="net" scontext=root:system_r:samba_net_t:s0-s0:c0.c255
tcontext=root:system_r:samba_net_t:s0-s0:c0.c255 tclass=netlink_route_socket
audit(1160332356.611:69): avc: denied { read } for pid=5752 comm="net"
scontext=root:system_r:samba_net_t:s0-s0:c0.c255
tcontext=root:system_r:samba_net_t:s0-s0:c0.c255 tclass=netlink_route_socket
"
2. Error when I've try to use webmin to add NTgroups
"Failed to save group : /usr/bin/net failed :
[2006/10/09 02:44:37, 0] utils/net.c:net_maxrid(789)
can't get current maximum rid
"
Thanks,
th3tm4n
17 years, 5 months
[Fedora-directory-users] DB object limit question
by John Call
Aloha list,
Is there a known limit of objects / db? I've recently encountered strange
behaviour in my FDS. The strange behaviour exhibits itself by not allowing
searchs within ou containers. Although if I bind as "Directory Manager" I
can search, but it takes a painfully long time for the results to come... on
average about 10 minutes.
Let me elaborate a little bit about my setup. I have three ou containers.
The largest container has 253603 entries, the other two containers have
9625, and 4846 objects. All three of these containers use the same userRoot
db. Through some random tinkering I created another FDS, but instead of
userRoot I gave each ou its own db. The results of each ou having its own
db have been positive. I'm able to search and all expected funcionality is
available.
Thanks for your time,
John
17 years, 5 months
Re: [Fedora-directory-users] trying to build
by Jo De Troy
Hi Rich,
I've installed all extra components and while compiling the
adminserver I got the error that I needed icu v3.4, so that's what I
did. Afterwards while again trying to compile the ldapserver.
I get an error at the point where it tries to compile LDAP server console
What am I still missing?
Thanks again,
Jo
==== Starting LDAP Server Console ==========
gmake BUILD_OPT=1 NO_JAVA=1 buildDirectoryConsole
gmake[1]: Entering directory `/home/ldap/ds71/ldapserver'
cd ldap/admin/src/java/com/netscape/xmltools; gmake BUILD_OPT=1
NO_JAVA=1 -w package
gmake[2]: Entering directory
`/home/ldap/ds71/ldapserver/ldap/admin/src/java/com/netscape/xmltools'
javac -deprecation -classpath
"/home/ldap/ds71/ldapserver/ldap/admin/src/java:../../../../../../../../dist/classes/ldapjdk.jar:../../../../../../../built/java/optimize/xmltools:../../../../../../../../dist/classes/crimson.jar"
-d ../../../../../../../built/java/optimize/xmltools DSML2LDIF.java
DSML2LDIF.java:44: package netscape.ldap does not exist
17 years, 5 months
Re: [Fedora-directory-users] trying to build
by Jo De Troy
Hi Rich,
it's a manual build using the cvs code [cvs co -r FedoraDirSvr102 ldapserver].
I'm trying to f succeed in building it myself and afterwards
rebuilding it with the patch that will stop crashing the ldapserver
when doing an ldappasswd.
Thanks again,
Jo
17 years, 5 months
[Fedora-directory-users] Trying to run FDS on Core 5
by Dick Steflik
All,
I'm trying to run FDS for a class I teach, I have previously used the
Netscape Directory Server on NT but the hard drive on that machine went
belly up this last summer. I decided that Linux would be the way to go
for a replacement machine. Anyway, I downloaded the
fedora-ds-1.0.2-1FC5.i386.opt.rpm and proceded with the install. Install
seemed to go OK; I started slapd and tried a test query and it worked. I
want to load a doctored up version of the old Airius.ldif file so I
started looking for the admin-server. Anyway it seems like there are
supposed to be start/stop scripts on /opt/fedora-ds but there
aren't....any ideas what might have happened to them? or where I get
them from.
Also, I'm running a 512Mb machine which should be OK; but when I try to
start up the Java based console I get an "out of memory" message. I
would like to think that since only about 30 people are ever going to
be doing ldap queries against it that 512Mb of RAM should be OK (it was
for the old Netscape Directory Server). I could live without the Java
based console if I could get the admin server running as that is the way
I always administerd the old machine.
Dick Steflik
Binghamton University
Binghamton, New York
17 years, 5 months