[Fedora-directory-users] Re: newbie question
by Jonathan Loh
Richard wrote:
>Please post your admin server access and error log files, and the output
>of startconsole -D
Did you want the whole access log? pretty big.
727 lines in ~40 mins.
Though now I'm noticing a bunch of lines with err=32. Here's a snippet:
> [15/Dec/2006:10:39:59 -0800] conn=0 op=15 SRCH base="o=NetscapeRoot" scope=0
filter="(objectClass=*)" attrs=ALL
> [15/Dec/2006:10:39:59 -0800] conn=0 op=14 RESULT err=0 tag=103 nentries=0
etime=0
> [15/Dec/2006:10:39:59 -0800] conn=0 op=15 RESULT err=32 tag=101 nentries=0
etime=0
> [15/Dec/2006:10:39:59 -0800] conn=0 op=16 ADD dn="o=NetscapeRoot"
> [15/Dec/2006:10:39:59 -0800] conn=0 op=16 RESULT err=0 tag=105 nentries=0
etime=0
Here's my errors file:
> Fedora-Directory/1.0.4 B2006.312.435
> alphascorp.lchq.us:389 (/opt/fedora-ds/slapd-alphascorp)
> [15/Dec/2006:10:39:57 -0800] - Fedora-Directory/1.0.4 B2006.312.435 starting
up
> [15/Dec/2006:10:39:58 -0800] - slapd started. Listening on All Interfaces
port 389 for LDAP requests
Thats is it, nothing much.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
17 years, 4 months
[Fedora-directory-users] Password Policy Question
by Steve Rigler
Is it possible to specify different types of password encryption on a
subtree level from the that which is specified in the global policy?
Using 1.0.4, it seems that if I specify "crypt" on the global level,
specifying "sha" on a subtree level has no affect on the hashing
algorithm used on that subtree.
Thanks,
Steve
17 years, 4 months
[Fedora-directory-users] FDS newbie
by Jonathan Loh
So I've decided to learn FDS by doing. But am running into trouble.
I can't log in to the console.
Here's what I've done so far:
I'm running FC3.
I have 1.5GB disk space which should not be a problem since it's about 200M per
user and there's just one user
I also have 512M of Ram.
I'm running the 2.6.12-1.1381 version of the kernel.
installed j2sdk 1.4.2-13
made the kernel and other fs tweaks listed on the directory.fedora.redhat.com
site.
installed fedora-ds 1.0.4
So I did the startconsole thing and couldn't login. The password was even copy
and pasted from /opt/fedora-ds/setup/myinstall.inf!
nmap originally found my admin port when run within minutes of my initial setup
but 10-15 mins later the admin port was gone.
I tried running setup/setup again and this time it did give me some errors.
But there are none in the errors or access log. Below is the edited output of
my last setup command.
-----------------------------------------------
In order to reconfigure your installation, the Configuration Directory
Administrator password is required. Here is your current information:
Configuration Directory: ldap://<hostname>.<domainname>:<port>/o=NetscapeRoot
Configuration Administrator ID: admin
At the prompt, please enter the password for the Configuration Administrator.
administrator ID: admin
Password:
Converting slapd-<hostname> to new format password file . . .
Copying new schema ldiffiles . . .
Starting slapd-<hostname> . . .
NMC_ErrInfo:
NMC_STATUS: -2
Start Slapd Starting Slapd server reconfiguration.
Info Slapd No old nsperl references found
Configuring Administration Server...
InstallInfo: Apache Directory "ApacheDir" is missing.
You can now use the console. Here is the command to use to start the console:
cd /opt/fedora-ds
./startconsole -u admin -a http://<hostname.domainname>:<port>/
INFO Finished with setup, logfile is setup/setup.log
----------------------------------------------
Any ideas?
____________________________________________________________________________________
Cheap talk?
Check out Yahoo! Messenger's low PC-to-Phone call rates.
http://voice.yahoo.com
17 years, 4 months
[Fedora-directory-users] Using FDS to replace ActiveDirectory
by Wayne Johnson
I've tried to research this but been coming up relatively empty, so any references and examples you can give would be appreciated. I've used LDAP but not in this context.
We have a network at our school of various Fedora Core servers and Windows desktops. We'd like to create a homogeneous login system. Fedora can use LDAP of course, but what about Windows. I know ActiveDirectory runs an LDAP server, but can we use FDS as a replacement to AD so that the Windows98 and XP machines we have will use FDS for authentication? Will FDS also do the various other AD functions (like Outlook addresses, etc)?
Thanks.
---
Wayne Johnson, | There are two kinds of people: Those
3943 Penn Ave. N. | who say to God, "Thy will be done,"
Minneapolis, MN 55412-1908 | and those to whom God says, "All right,
(612) 522-7003 | then, have it your way." --C.S. Lewis
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
17 years, 4 months
[Fedora-directory-users] Extending inetOrgPerson Class
by Ankur Agarwal
Hi,
I want to add some attributes to my users hence want to extend inetOrgPerson class. Have a few questions related to that:
1) I am able to add attributes and create a new class extending inetOrgPerson using Red Hat directory console. But if i want to move these chanegs to other environment do i need to use console only to make chanegs maually? How can i export this new class and attributes and import on target environment?
2) If there is an optional attribute in inetOrgPerson that i want to make mandatory how can i do that?
3) How can i export my new ou and import it to target env?
I have looked at dsadm pdf documentation and could not find any ways to move chanegs using scripts/ldif files. Please help me here.
Thanks,
---------------------------------
Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and get things done faster.
17 years, 4 months
Re: [Fedora-directory-users] Sort Objects problem in Directory Server Console
by Renato Ribeiro da Silva
I've made more tests with the Console and the problem is not related to use numbers in attribute uid. Sorry.
The problem is that when I click in "sort objects" the console doesn't sort by "uid" but by "cn" attribute. I need to sort by the uid attribute.
Thanks,
Renato.
> Renato Ribeiro da Silva wrote:
> > Ok,
> > But when I use the ldapsearch command it works succeffuly. ( ./ldapsearch -b <context> objectclass=* -h <host> -S uid )
> > The problem is that I really need to use Personal ID's to identify users on the network. It's not allowed to use another kind of identification.
> > Is there any configuration that I can change to sort the users correctly?
> >
> In what way does it fail in the console?
>
> --
> Pete
>
>
17 years, 4 months
[Fedora-directory-users] FDS and samba
by listman
Ive gone over a fair share of docs that showed up on google and keep
coming back to http://directory.fedora.redhat.com/wiki/Howto:Samba
Mainly because it doesnt involve the conlsole. Ive checked it out a few
times and added a few users with it but what I really want is a
windows/linux pdc and found myself just lost. I checked out
http://www.linux.com/article.pl?sid=06/11/28/2019258 but it doesnt really
go into depth on setting up samba.
So my actual question is, I follow
http://directory.fedora.redhat.com/wiki/Howto:Samba to a tee and when I
get to
/opt/fedora-ds/slapd-<server>/ldif2ldap "cn=Directory manager" password
/tmp/sambaGroups.ldif
I get
Ldap_add: No such object
Ldap_add: matched : dc=localdomain
I assumed dc=localhost was missing so I changed user directory subtree:
from dc=localdomain to dc=localhost,dc=localdomain
But I still get the same error.
I thought maybe I could ignore it so I continue and type net groupmap add
rid=512 ntgroup='Domain Admins' unixgroup='Domain Admins'
And get Cant lookup UNIX group Domain Admins
Do I just need to add the unix group before I run this? Or do I have other
problems?
If there is anything else I can provide to help me figure this out just
let me know.
Oh and yes this is my first encounter with FDS
Thanks for any input
17 years, 4 months
Re: [Fedora-directory-users] Sort Objects problem in Directory Server Console
by Renato Ribeiro da Silva
Ok,
But when I use the ldapsearch command it works succeffuly. ( ./ldapsearch -b <context> objectclass=* -h <host> -S uid )
The problem is that I really need to use Personal ID's to identify users on the network. It's not allowed to use another kind of identification.
Is there any configuration that I can change to sort the users correctly?
Thank you,
Renato.
> Renato Ribeiro da Silva wrote:
> > Hello,
> > I'm trying to sort objects in Directory Server Console ( View Menu -> Sort Objects ) but this function isn't working. I need to use only numbers to identify the users (ex. uid=12345678910). Any idea?
> >
> >
> You should probably use uidNumber from the posixAccount objectclass -
> uid is being sorted alphabetically according to its syntax.
> > Thanks in advance,
> > Renato.
> >
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users(a)redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
>
>
> --
> Pete
>
>
17 years, 4 months