[Fedora-directory-users] Installing on Cent OS 5.1
by Todd Nine
Hi all,
I'd like to install Fedora Directory server 1.1 on Cent OS 5.1 I'm in the
process of installing it now, and everything is going well. However, I feel
a bit like Alice in Wonderland. I basically want to replace Active
Directory functionality with Fedora Core. I *think* I may need to install
and integrate Kerberos as well. What I basically need is to allow users to
log in via SSH and PAM to Fedora Directory, as well as authenticate our
numerous webapps with the LDAP functionality. Are there any good books or
tutorials available that I can read? I've read the quick tutorials on the
website regarding integrating PAM, but I can't seem to get the user
information to work. When a user logs in, their home directory is not
created, and their UID and GID aren't downloaded. I'm a bit lost, so any
documentation that is at a higher level system architecture would be greatly
appreciated, I'm not sure I have all the components I need to build this .
I want to build a solid framework to allow us to easily administer users and
groups.
Thanks,
Todd
16 years, 2 months
[Fedora-directory-users] Replication from Critical Path to FDS 1.0.4
by Branimir
Hi everyone!
I hope someone could give me an advice for the issue described in the
subject. I contacted CP support and they suggested that we should buy
their Meta Directory server which can process incremental updates
between CP and FDS (or any other LDAP) and, initially, to dump our DIT
into LDIF and import it to FDS.
I created a few shell scripts that manage daily "replication" between
two servers using LDIF dump and exporting the dump into FDS. I know that
this is far from an elegant solution (especially concerning incremental
updates) but before we make a decision to buy CP Meta Directory server,
I wonder if we have other options?
Thank you in advance!
Regards
Branimir
16 years, 2 months
[Fedora-directory-users] One step build for platforms other than Fedora
by Rich Megginson
I've updated the one step build scripts for Fedora DS 1.1. The new
version allows you to pick and choose which components you want to build
from source and which you want to just use from the operating system. I
don't have a tarball up yet, but you can get it from anonymous CVS:
cvs -d :pserver:anonymous@cvs.fedoraproject.org:/cvs/dirsec co dsbuild
or if you don't want the CVS directories
cvs -d :pserver:anonymous@cvs.fedoraproject.org:/cvs/dirsec export
-rHEAD dsbuild
FAQ:
* How does it work?
after checkout/export
cd dsbuild/meta/ds
make help
Help only tells about SASL_SOURCE and SNMP_SOURCE - but if you look at
the meta/ds/Makefile you will see that there are many COMPONENT_SOURCE
variables (NSPR_SOURCE, NSS_SOURCE, etc.). The script is not smart
enough to figure out which components are provided by your OS, so if you
want to build something from source you'll have to explicitly specify it.
Use make PREFIX=/opt/dirsrv to compile and install directly into /opt/dirsrv
Use make PREFIX=/opt/dirsrv DESTDIR=/var/tmp to compile and install into
/var/tmp for packaging that at runtime will use /opt/dirsrv e.g. for
native system packaging systems
* What's missing?
All console/java code is still incomplete - jss, ldapjdk, etc.
dsbuild/README needs to be updated
make help needs to be updated
* What platforms are supported?
You'll need relatively recent versions of GNU make, sed, wget, bzip2,
gzip, tar, patch, md5sum
16 years, 2 months
[Fedora-directory-users] SSL issue
by Anand Vaddarapu
Hi,
Restarted my FDS as soon as enable SSL service. I try to restarted my
dirsrv-admin, its promt me for password. When i enter valid password , the
error mesg appers saying "incorrect password". I m damn sure that entered
password was correct. When it happened to me first time i tought i forgot
password and reinstall the FDS. Again happened second time. Please let me
know how can i recover password or any alternative way to restart my
dirsrv-admin.
Thanks
Vivek
16 years, 2 months
[Fedora-directory-users] ldif error on startup
by Ken Marsh
Hi,
Thanks to all the Fedora DS development team for supporting us poor
souls and creating a great product.
I have a MultiMaster replicated 1.0.4-1 DS running on RHES5 x64. It's
worked fine since it was created a few weeks ago. When the host system
was rebooted, it refused to come up. This is the reason why:
[07/Feb/2008:20:25:41 -0500] dse - The entry cn=schema in file
/opt/fedora-ds/slapd-server2/config/schema/99user.ldif is invalid, error
code 20 (Type or value exists) - attribute type pamMapMethod: Does not
match the O
ID "2.16.840.1.113730.3.1.2070". Another attribute type is already using
the name or OID.
[07/Feb/2008:20:25:41 -0500] dse - Please edit the file to correct the
reported problems and then restart the server.
Fedora-Directory/1.0.4 B2006.338.2215
<host>:<port> (/opt/fedora-ds/slapd-server2)
I edited the file and removed the offending entry, and it restarted. The
offending entry which looks like this in file 99user.ldif:
attributeTypes: ( 2.16.840.1.113730.3.1.2070 NAME 'pamMapMethod' DESC
'How to
map BIND DN to PAM identity' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VAL
UE X-ORIGIN ( 'Red Hat Directory Server' 'user defined' ) )
Grepping around, I found the same OID in 60pam-plugin.ldif:
attributeTypes: ( 2.16.840.1.113730.3.1.2070 NAME 'pamIDMapMethod' DESC
'How to map BIND DN to PAM identity' SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Red Hat Directory
Server' )
My questions are, will my removing this entry break anything? And if so,
what? Should I replace the entry with a corrected value? Since removing
it from 99user.ldif, the DS seems to be running fine now.
This DS was originally populated by replication from a 7.1 DS, if that
makes any difference.
Thanks and keep up the good work,
Ken.
16 years, 2 months
[Fedora-directory-users] Fedora IDM Console???
by Singh Raina, Ajeet
I changed the java to java -version but it dint worked.
PLs Help??
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
16 years, 2 months
[Fedora-directory-users] Fedora DS Console?
by Singh Raina, Ajeet
Where can I find resources related to Fedora Directory Console????
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
16 years, 2 months
[Fedora-directory-users] Managing NIS Servers into LDAP?
by Singh Raina, Ajeet
I want to make it more "clear". Say, I have 300 users on each NIS Users.
The overall DS should resemble the following architecture:
People -------|----Jupr-------------------------------|---<List of Users
belonging to Jupiter NIS Users>
|--- Satn--------------------------|---<List of
Users belonging to Saturn NIS Users>
|----Plo---------------------------|---<List of
Users belonging to Pluto NIS Users>
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
16 years, 2 months
[Fedora-directory-users] Managing NIS Servers into LDAP?
by Singh Raina, Ajeet
Hi Guys,
I have a fedora DS running on RHEL 4.0.I have 3 NIS Servers - Jupiter,
Saturn and Pluto. Each one of them has around 300 users.The users in
Jupiter should not have access rights for other Servers. Let me tell
you about my attempt and where I am facing problem at:
I have migrated all the NIS to Fedora DS through migrate.pl scripts. Now
when I use Fedora DS Console it asks for just /tmp/passwd.ldif file and
doesn't talk about People/Special Group/Group. All I can see in
Directory Server > Directory(TAB) > Click on im > People where I see all
the users get updated to.
What My Plan is to create three sub-division of People - Jupr, Satn and
Plo and restrict one another from accessing the other unrelated
projects.
Can I know what can help me to particularly migrate the Jupiter NIS
Users strictly to Jupr and vice versa
Pls Help.
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
16 years, 2 months
[Fedora-directory-users] FDS + Samba + machine account
by Satish Patel
Dear
I have setup of samba + fds but i am not able to join machine in samba domain so how to add machine in samba domain with FDS backend >???
$ cat ~/satish/url.txt
http://www.linuxbug.org
_____________________________________________________________________________________________________
---------------------------------
Bring your gang together - do your thing. Start your group.
16 years, 2 months