I recently completed Redhats course on Directory Services and decided to setup a test deployment using Fedora. In the course of doing this I came across a couple of issues that I need to answer before I could use Directory as a valid authentication system.
1) The web interface appears to create/handle group entrys different from those migrated from the local files using the Redhat class altered paddle scripts. From the class I remember changing the 'group' schema to 'groups'. End result, is there a way to create/manage 'groups' schema entries using the Directory web page that match those created when my existing /etc/group was migrated using the altered paddle scripts. If not, why does Redhat suggest this change in their class?
2) Is there a way that the Directory web page can be used to create new user accounts that include an autogen uid and gid? Currently it appears to create a new user with all the posix data turned off. This is fine from a management position as long as a uid generator exist to keep me safe from producing duplicate uid/gid numbers.
Any help is appreciated. Best Regards, JD
Deas, Jim wrote:
I recently completed Redhats course on Directory Services and decided to setup a test deployment using Fedora. In the course of doing this I came across a couple of issues that I need to answer before I could use Directory as a valid authentication system.
What did you think about the course?
- The web interface appears to create/handle group entrys different
from those migrated from the local files using the Redhat class altered paddle scripts. From the class I remember changing the 'group' schema to 'groups'. End result, is there a way to create/manage 'groups' schema entries using the Directory web page that match those created when my existing /etc/group was migrated using the altered paddle scripts. If not, why does Redhat suggest this change in their class?
The web interface is not meant to be a full-blown user management solution. You'd do much better with something like phpldapadmin, or writing your own command line tools.
- Is there a way that the Directory web page can be used to create new
user accounts that include an autogen uid and gid? Currently it appears to create a new user with all the posix data turned off. This is fine from a management position as long as a uid generator exist to keep me safe from producing duplicate uid/gid numbers.
I wrote a user addition script which supports uid uniqueness checking for manually specified uids, as well as auto incrementing of uid if desired (does a search, sorts the uid list, and adds 1).
http://www.netauth.com/~jacksonm/ldap/newuser.pl
Just edit the configuration section to match your setup, and you're all set.
NOTE that this is not a very advanced tool, but the price is right :-) I have written some very advanced ones, but they are not open source...
BR, Mike
I am a newbie to Fedora DS. Is there anyone (or site) out there that can walk me through the steps needed?
-----Original Message----- From: fedora-directory-devel-bounces@redhat.com [mailto:fedora-directory-devel-bounces@redhat.com] On Behalf Of Mike Jackson Sent: Friday, July 21, 2006 12:07 PM To: Fedora Directory server developer discussion. Subject: Re: [Fedora-directory-devel] General use questions and diffs fromNetscape
Deas, Jim wrote:
I recently completed Redhats course on Directory Services and decided
to
setup a test deployment using Fedora. In the course of doing this I
came
across a couple of issues that I need to answer before I could use Directory as a valid authentication system.
What did you think about the course?
- The web interface appears to create/handle group entrys different
from those migrated from the local files using the Redhat class
altered
paddle scripts. From the class I remember changing the 'group' schema
to
'groups'. End result, is there a way to create/manage 'groups' schema entries using the Directory web page that match those created when my existing /etc/group was migrated using the altered paddle scripts. If not, why does Redhat suggest this change in their class?
The web interface is not meant to be a full-blown user management solution. You'd do much better with something like phpldapadmin, or writing your own command line tools.
- Is there a way that the Directory web page can be used to create
new
user accounts that include an autogen uid and gid? Currently it
appears
to create a new user with all the posix data turned off. This is fine from a management position as long as a uid generator exist to keep me safe from producing duplicate uid/gid numbers.
I wrote a user addition script which supports uid uniqueness checking for manually specified uids, as well as auto incrementing of uid if desired (does a search, sorts the uid list, and adds 1).
http://www.netauth.com/~jacksonm/ldap/newuser.pl
Just edit the configuration section to match your setup, and you're all set.
NOTE that this is not a very advanced tool, but the price is right :-) I
have written some very advanced ones, but they are not open source...
BR, Mike
Deas, Jim wrote:
I recently completed Redhats course on Directory Services and decided to setup a test deployment using Fedora. In the course of doing this I came across a couple of issues that I need to answer before I could use Directory as a valid authentication system.
- The web interface appears to create/handle group entrys different
from those migrated from the local files using the Redhat class altered paddle scripts. From the class I remember changing the 'group' schema to 'groups'. End result, is there a way to create/manage 'groups' schema entries using the Directory web page that match those created when my existing /etc/group was migrated using the altered paddle scripts. If not, why does Redhat suggest this change in their class?
Hmm - looks like we need to add support for posix groups to the ds gateway . . .
- Is there a way that the Directory web page can be used to create new
user accounts that include an autogen uid and gid? Currently it appears to create a new user with all the posix data turned off. This is fine from a management position as long as a uid generator exist to keep me safe from producing duplicate uid/gid numbers.
There is no uid/gid number generator.
Any help is appreciated. Best Regards, JD
-- Fedora-directory-devel mailing list Fedora-directory-devel@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-devel
389-devel@lists.fedoraproject.org