<div>The way I have set it up, using <a href="http://domain.org">domain.org</a>, that host is accessible - when <a href="http://domain.org">domain.org</a> is contacted, it forwards it to the server. So just like I am able to ssh into the server itself by contacting <a href="http://domain.org">domain.org</a> and getting the port forwarded to itself, it does have access to itself via the domain. So I am not using <a href="http://ldap.domain.org">ldap.domain.org</a>, just <a href="http://domain.org">domain.org</a>.</div>
<div><br>>You should use dc=domain,dc=org for your user and group entries.</div>
<div>Thanks Rich, I will add that (if it lets me).</div>
<div> </div>
<div>nick</div>
<div class="gmail_quote">On Fri, Feb 29, 2008 at 10:30 AM, Rich Megginson <<a href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>
<div></div>
<div class="Wj3C7c">Nick P wrote:<br>> I am trying to install and configure my first FDS, and first LDAP<br>> server. I have spent many hours with little fruit so far. Currently,<br>> I am receiving an error at the end of the setup-ds-admin script:<br>
> [08/02/29:02:37:41] - [Setup] Fatal Could not register the directory<br>> server with the configuration directory server.<br>><br>> The error is similar to what is described in this bug:<br>> <a href="https://bugzilla.redhat.com/show_bug.cgi?id=431103" target="_blank">https://bugzilla.redhat.com/show_bug.cgi?id=431103</a>. However, my<br>
> configuration directory is _not_ on another host. I answered 'no' to<br>> the question of whether I would be registering with a current<br>> configuration server. I don't know if the solution presented there<br>
> would work - I am forwarding a port to the server, and do not have a<br>> <a href="http://hostname.domain.org/" target="_blank">hostname.domain.org</a> to use there. I have had trouble adding entries,<br>> so if I added them and it didn't fix the problem, I would not know if<br>
> the solution failed or if I failed to add the entries properly. The<br>> server is NAT'ed and receiving a forwarded port, so I have been using<br>> <a href="http://mydomain.org/" target="_blank">mydomain.org</a> for the servername and identifying the port that gets<br>
> forwarded.<br>><br>> If you can help me make some sense of this, I would very much<br>> appreciate it. If the workaround in the bug above is the answer,<br>> could you address my specific situation of not having a FQDN with a<br>
> host and everything - how will this affect the entries? After failing<br>> to add entries with success many times I have started to use a Windows<br>> client, Ldapadmin - could I use this, if the workaround is the<br>
> solution? Should the entries go in o=netscaperoot or dc=domain,dc=org<br>> ?<br>><br></div></div>You should use dc=domain,dc=org for your user and group entries.<br>
<div class="Ih2E3d">> I am also including a portion of the log file that was created during<br>> the installation. Is there anything here that shows what the root of<br>> the problem is?<br>><br></div>I think the problem is that the setup script assumes that if you want<br>
the server to use hostname <a href="http://ldap.domain.org/" target="_blank">ldap.domain.org</a> then the hostname<br><a href="http://ldap.domain.org/" target="_blank">ldap.domain.org</a> must be available to resolve to the setup program. I<br>
suppose an enhancement to setup would be to allow you to specify the<br>hostname you want the client requests to use, and the hostname you want<br>the setup program to use internally to connect to and set up the server.<br>
<div>
<div></div>
<div class="Wj3C7c">> Thanks,<br>><br>> Nick<br>><br>> --------------------<br>><br>> +Entry cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences,<br>> ou=admin, o=NetscapeRoot is added<br>> +++check_and_add_entry: Entry not found cn=defaultplugin,<br>
> cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,<br>> o=NetscapeRoot error No such object<br>> +Entry cn=defaultplugin, cn=topologyplugin, ou=1.1, ou=Admin,<br>> ou=Global Preferences, ou=admin, o=NetscapeRoot is added<br>
> +++check_and_add_entry: Entry not found cn=UI,ou=1.1, ou=Admin,<br>> ou=Global Preferences, ou=admin, o=NetscapeRoot error No such object<br>> +Entry cn=UI,ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,<br>
> o=NetscapeRoot is added<br>> +Processing /usr/share/dirsrv/data/12dsconfig.mod.tmpl ...<br>> +++check_and_add_entry: Found entry cn=config<br>> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>
> "Configuration Administrators Group"; allow (all)<br>> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,<br>> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=config<br>> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>
> "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,<br>> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";) to entry<br>> cn=config<br>> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE<br>
> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora<br>> Directory Server, cn=Server Group, cn=server, ou=admin,<br>> o=NetscapeRoot";) to entry cn=config<br>> +++check_and_add_entry: Found entry cn=SNMP,cn=config<br>
> +++Adding attr=aci<br>> value=(target="ldap:///cn=SNMP,cn=config")(targetattr !="aci")(version<br>> 3.0;acl "snmp";allow (read, search, compare)(userdn =<br>> "ldap:///anyone");) to entry cn=SNMP,cn=config<br>
> +++check_and_add_entry: Found entry<br>> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config<br>> +++Adding attr=aci value=(targetattr != "aci")(version 3.0; acl "VLV<br>> Request Control"; allow( read, search, compare, proxy ) userdn =<br>
> "ldap:///all";) to entry<br>> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config<br>> +Processing /usr/share/dirsrv/data/13dsschema.mod.tmpl ...<br>> +++check_and_add_entry: Found entry cn=schema<br>
> +++Adding attr=aci value=(target="ldap:///cn=schema")(targetattr<br>> !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search,<br>> compare) userdn = "ldap:///anyone";) to entry cn=schema<br>
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>> "Configuration Administrators Group"; allow (all)<br>> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,<br>> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=schema<br>
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl<br>> "Configuration Administrator"; allow (all)<br>> userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement,<br>> o=NetscapeRoot";) to entry cn=schema<br>
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE<br>> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora<br>> Directory Server, cn=Server Group, cn=server, ou=admin,<br>
> o=NetscapeRoot";) to entry cn=schema<br>> +Processing /usr/share/dirsrv/data/14dsmonitor.mod.tmpl ...<br>> +++check_and_add_entry: Found entry cn=monitor<br>> +++Adding attr=aci value=(target ="ldap:///cn=monitor*")(targetattr !=<br>
> "aci || connection")(version 3.0; acl "monitor"; allow( read, search,<br>> compare ) userdn = "ldap:///anyone";) to entry cn=monitor<br>> +Processing /usr/share/dirsrv/data/16dssuffixadmin.mod.tmpl ...<br>
> +++check_and_add_entry: Entry not found dc=hpconnect,dc=org error No such object<br>> Could not authenticate as user 'uid=admin, ou=Administrators,<br>> ou=TopologyManagement, o=NetscapeRoot' to server<br>
> 'ldap://server:46645/o=NetscapeRoot'. Error: Invalid credentials<br>> Could not register the directory server with the configuration directory server.<br>><br>><br>> -----------------------------------------------<br>
><br></div></div>> --<br>> Fedora-directory-users mailing list<br>> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
><br>
<br></blockquote></div><br>
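<div>Added example (not part of the original thread, and not code from the Fedora Directory Server project): a check to run on the directory server itself for the condition Rich describes, namely whether the hostname and port given to setup-ds-admin resolve and accept a connection from that same machine. The names <code>preflight</code>, <code>Result</code> and the <code>resolve</code> parameter are assumptions of this example.</div>

```python
import ipaddress
import socket
import sys
from typing import NamedTuple, Optional


class Result(NamedTuple):
    status: str             # "unresolvable", "unreachable" or "ok"
    address: Optional[str]  # address the name resolved to (last one tried)
    public: bool            # True: globally routable, so traffic goes out via the NAT device
    detail: str


def preflight(hostname, port, resolve=socket.getaddrinfo, timeout=3.0):
    """Run ON the directory server: can this machine resolve and reach
    hostname:port, the name and port given to the setup program?"""
    try:
        infos = resolve(hostname, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        # The name does not resolve from the server itself.
        return Result("unresolvable", None, False, str(exc))
    last = Result("unresolvable", None, False, "resolver returned no addresses")
    for family, socktype, proto, _canon, sockaddr in infos:
        addr = sockaddr[0].split("%")[0]          # drop any IPv6 scope id
        public = ipaddress.ip_address(addr).is_global
        try:
            with socket.socket(family, socktype, proto) as s:
                s.settimeout(timeout)
                s.connect(sockaddr)
            return Result("ok", addr, public, "connected")
        except OSError as exc:
            # Resolved, but nothing answered: closed port, or a forwarded
            # port that the NAT device does not loop back to the inside.
            last = Result("unreachable", addr, public, str(exc))
    return last


if __name__ == "__main__":
    # Usage: python preflight.py <hostname> <ldap-port>
    result = preflight(sys.argv[1], int(sys.argv[2]))
    print(result)
    sys.exit(0 if result.status == "ok" else 1)
```

<div>An "ok" result with <code>public</code> set to True means the connection only works because the NAT device forwards the port back to the server.</div>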