Chaining database links
by Reinhard Nappert
Hi,
I was wondering if you can chain to a LDAP v2 directory?
Thanks,
-Reinhard
14 years, 9 months
Fedora DS with virtual machines
by Nick Gresham
Hi All
Does anyone have any experience running DS in a virtual machine? Our
current LDAP infrastructure is quite busy, 500-1000 connections/
minute, with >6.5 million operations per day. The VMs will have up to
8GB of RAM, though we think we'll only need 6.
We're performing testing with slamd, but it's hard to get truly
representative stress testing using this tool I think.
What has your experience been like? Any snafus to watch out for?
Thanks,
Nick
14 years, 9 months
DS for the authentication of samba
by Michael Jonsson
Hi all,
I intend to put up a DS for the authentication of samba, proftpd and
other services.
DS will be installed on server A
Samba server B
Proftp on server C
All Windows XP to use pgina against the DS.
All home folders should be on server B, when the windows xp
user access server B for the first time, it should automatic creation
a user folder on the server.
Is it possible to do it, this way?
If so is there any one that help me.
I am interested to look at some working configuration files for samba
and proftpd....
Regards
Micke
14 years, 9 months
RE: [389-users] Fedora DS with virtual machines
by Nick Gresham
Thanks for the responses.
We currently have 5GB on disk. I suspect this will increase (with
corresponding increase in mem usage) as we want to increase our
indexing to address some performance issues - mainly by increasing
nsslapd-allidsthreshold and tweaking the cache sizes.
Cheers
Nick
On 15/07/2009, at 2:00 AM, lbigum(a)iseek.com.au wrote:
> I wouldn't think you'd need much more RAM over the size of your LDAP
> database files, so unless you've got 8GB of LDAP information, 8GB of
> RAM sounds a lot to me. Our LDAP database is only about 40MB, which
> is close to the RAM usage of the VE.
14 years, 9 months
SSL timeouts
by Ian Hayes
I have a Directory server with a read-only replication partner. The servers
and all my client workstations are set to use TLS for commuication, and the
clients are set up with with both hostnames in /etc/ldap.conf.
During a recent maintenace period, we noticed that if we take down the
primary server, it takes 5 minutes for the clients to realize the primary is
down, and to switch over to the backup sever. I'm assuming this is due to
the 300 second timeout for the TLS session. Is there a way to shorten this
to a more acceptable time?
14 years, 9 months
trouble with admin access
by Maurizio Marini
i have played with password syntax, enabling and disabling and restarting each time dirsrv,
until i was not able to see anything in the directory tree
then, i logged off by admin console and when i try to access again i see
Cannot connect to directory server:
netscape.ldap.LDAPException: error result(49): password expired!; Invalid Credentials
i followed Rich suggestion and i read this:
http://directory.fedoraproject.org/wiki/Howto:AdminServerLDAPMgmt
but i cannot find anything o=netscaperoot related:
/usr/bin/ldapsearch -x -b o=netscaperoot -D "cn=directory manager" -w xxxx "objectclass=nsAdminConfig"
# extended LDIF
#
# LDAPv3
# base <o=netscaperoot> with scope subtree
# filter: objectclass=nsAdminConfig
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
so admin config was lost? can i recover in same way?
should i reinstall again?
tia
-m
14 years, 9 months
Console error from Winsrv 2003
by Prashanth Sundaram
Hi All,
I am trying to access the FDS using Java mgmt. console installed on Windows
Server 2003. There was a similar case posted before, but I mine differs as I
have not changed any hostname.
https://www.redhat.com/archives/fedora-directory-users/2008-February/msg0023
0.html
Error Message:
--------------------------------------------
³Initialization Failure
Cannot connect to the directory server ldap://fedorads-lin.fedorads.net:389
LDAP Error: failed to connect to server ldap://fedorads-lin.fedorads.net:389
Would you like to attempt to restart the Directory Server?²
--------------------------------------------
System: Fedora 11 and FedoraDS 1.1.3, Selinux and Firewall disabled
Winserver 2003 and FedoraConsole 20090403.msi. Also has DNS, DHCP, DC and AD
roles. I have NAT enabled on this machine, so the firewall is disabled.
Installation: I had everything default and the hostname is
fedorads-lin(never changed). The mgmt. console works fine on Unix box.
Console details: User: cn=Directory Manager, Pass:** , URL:
http://192.178.1.12:9830
Test conducted: I am able to ping fedorads-lin via IP and DN(DNS is fine).
Disabled Firewall and SElinux on FDS box. Checked Name resolution, fine.
Suspected Problem: Previously when firewall was enabled, I got a different
message like server is not running..... So I am sure it is able to connect
to the FDS but just not initializing.
Any ideas??
Thanks,
Prashanth
14 years, 9 months
to avoid reinstalling again
by Maurizio Marini
Afetr loosing netscape root, I have tried to restore backup of this morning at
4 o'clock, yestarday and sunday, without any successs.
I wnder you if saving with rsync or tar or wichever
/var/lib/dirsrv/slapd-pdc/db
/etc/dirsrv
i could avoids reinstalling everything.
As far as I can see, all data are there, conf are /etc/dirsrv, saving in a
binary fashion these 2 dirs can be sufficient to restore excatly as it was 1 day
before
tia
-m
14 years, 9 months
several samba servers with multimaster replication
by muzzol
hi,
i've configured 3 FDS servers with multimaster replication and 1 samba
in the "A" node.
B and C nodes will be located at different sites and connected through
vpn links.
i need samba on B and C nodes but im not sure if i must configure them
as PDCs, BDCs or just regular file servers feeding from FDS database.
is anyone using a similar setup?
regards,
muzzol
--
========================
^ ^
O O
(_ _)
muzzol(a)muzzol.com
========================
jabber id: muzzol(a)jabber.dk
========================
No atribueixis qualitats humanes als ordinadors.
No els hi agrada.
========================
"El gobierno español sólo habla con terroristas, homosexuales y
catalanes, a ver cuando se decide a hablar con gente normal"
Jiménez Losantos
========================
<echelon spamming>
bomb terrorism bush aznar teletubbies
</echelon spamming>
14 years, 9 months
FDS authentication through AD
by Prashanth Sundaram
Dear All,
I would like to build a system where the FDS authentication is delegated to
Active Directory. I do not want the password to be stored in FDS or Synced
using PassSync.msi.
I am asking the community if anyone has come this way? I am trying to put
together the pieces of this puzzle with PAM, Pass-through Authentication,
Winbind, Windows ADAM and ADFS, Samba etc.
I would like to get some comments and see if this can be achieved without
modifying the code.(As Rich mentioned: ³what type of PAM stack to use to
authenticate to AD²)
Anyone interested in working along me or correct me at stages of
implementation?
Note: I have couple of posts in today¹s thread with feedback from Rich
Megginson and Nathan Kinder. This post is to seek problems someone might
have faced and work together.
Thanks
Prashanth
14 years, 9 months