I just started using FDS. I've got my linux box authenticating to FDS
but, when I login the user's home directory isn't there. I know that the
home directories can be nfs(openafs?). How do you set this up? Can you
mount openafs home directories?
Any useful tuts/links would be appreciated.
I've tried everything but failed to make MS outlook sort properly with FDS. I have added displayname attribute with each group and user entry but it still wouldn't work. Any help would be greatly appreciated.
Yahoo! Mail goes everywhere you do. Get it on your phone.
I inherited an ldap with odd design. It has a custom
attribute as the rdn in the dn for all entries. The
rdn is not the uid. People entries are provisioned
automatically and users choose a uid after their entry
has been created for login purposes. The custom
attribute for the rdn serves as a unique identifier.
The uid is also unique.
I found that getting products to work with this ldap
is difficult because they expect the uid to be in the
dn. Comments? Should I put the uid back in the dn?
Seems like it would make my life a lot simpler.
And what methods are best to create entries for users
without a uid? Maybe assign a temp and have them
change it? Or just assign them which is always the
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
Hi at all, I'm configuring Postfix with Fedora DS, but reading
documentation, I need two object in all ldap entry:
I know some workaround but, for my skill and to avoid problems in future
I would to know how can I extend schema or import this objects for all
thanks in advance
I'm attempting to monitor fds logs for things such as password changes,
and so forth; I'm assuming that the log file that I should be looking
for is the access logfile under my slapd directory; does anyone know the
operation number (op=?) that I should be looking for to check for
successful password changes (assuming of course that fds is recording
this information and that I'm looking in the proper logfile? Thanks
The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.
> I'm attempting to monitor fds logs for things such as password changes,
> and so forth; I'm assuming that the log file that I should be looking
> for is the access logfile under my slapd directory; does anyone know the
> operation number (op=?) that I should be looking for to check for
> successful password changes (assuming of course that fds is recording
> this information and that I'm looking in the proper logfile?
FDS logs don't report attribute level modifications, at least not at reasonable log levels.
What you want to do is a persistent search.
> I would like to know if the FDS docs are available for downlaod? I have
> only seen the online doc.
They are here, and apply mostly to FDS, except for the features in FDS which are newer than those in the last RHDS release:
My server has a structure like:
each domain has an attribute administrator (taken from phpQLAdmin, I am using ldap for
qmail-ldap) which has full dn of a uid. For example say the administrator of
o=domain1,o=isp is uid=user1,o=domain1,o=isp, and that of o=domain2,o=isp is
Now when I bind as uid=user1,o=domain1,o=isp I must have full write permission for domain1
and all users under it, and if I bind as uid=user1,o=domain2,o=isp I must have write
access to domain2 and so on.
I am looking for a minimum aci that can do this, Preferably one that is applied at o=isp.
I have played with aci and userattr, but seems it's not working. The one I tried is
aci: (target="ldap:///o=*,o=isp")(targetattr=*) (version 3.0;acl
"manager-write"; allow (all) userattr = "administrator#USERDN";)
I have taken this from the examples in docs, but this is not working as expected.
Thanks for your help,
I apologize if this is a frequently asked question (I checked and scanned
LOTs of documents), but...
Is there a way to add/change/delete one attribute when another attribute
The real question is a little more complicated. The idea is to
add/change/delete a 'memberOf' (a group) attribute for a uid when the uid
is added/changed/deleted to a 'group'.
Can anyone help?