The way I have set it up, using domain.org, that host is accessible - when domain.org is contacted, it forwards it to the server.  So just like I am able to ssh into the server itself by contacting domain.org and getting the port forwarded to itself, it does have access to itself via the domain.  So I am not using ldap.domain.org, just domain.org

>You should use dc=domain,dc=org for your user and group entries.
Thanks Rich, I will add that (if it lets me).
 
nick
On Fri, Feb 29, 2008 at 10:30 AM, Rich Megginson <rmeggins@redhat.com> wrote:
Nick P wrote:
> I am trying to install and configure my first FDS, and first LDAP
> server.  I have spent many hours with little fruit so far.  Currently,
> I am receiving an error at the end of the setup-ds-admin script:
> [08/02/29:02:37:41] - [Setup] Fatal Could not register the directory
> server with the configuration directory server.
>
> The error is similar to what is described in this bug:
> https://bugzilla.redhat.com/show_bug.cgi?id=431103.  However, my
> configuration directory is _not_ on another host.  I answered 'no' to
> the question of whether I would be registering with a current
> configuration server.  I don't know if the solution presented there
> would work - I am forwarding a port to the server, and do not have a
> hostname.domain.org to use there.  I have had trouble adding entries,
> so if I added them and it didn't fix the problem, I would not know if
> the solution failed or if I failed to add the entries properly.   The
> server is NAT'ed and receiving a forwarded port.  so I have been using
> mydomain.org for the servername and identifying the port that gets
> forwarded.
>
> If you can help me make some sense of this, I would very much
> appreciate it.  If the workaround in the bug above is the answer,
> could you address my specific situation of not having a FQDN with a
> host and everything - how will this effect the entries?  After failing
> to add entries with success many times I have started to use a windows
> client, Ldapadmin - could I use this, if the work around is the
> solution?  Should the entries go in o=netscaperoot or dc=domain,dc=org
> ?
>
You should use dc=domain,dc=org for your user and group entries.
> I am also including a portion of the log file that was created during
> the installation.  Is there anything here that shows what the root of
> the problem is?
>
I think the problem is that the setup script assumes that if you want
the server to use hostname ldap.domain.org then the hostname
ldap.domain.org must be available to resolve to the setup program.  I
suppose an enhancement to setup would be to allow you to specify the
hostname you want the client requests to use, and the hostname you want
the setup program to use internally to connect to and set up the server.
> Thanks,
>
> Nick
>
> --------------------
>
> +Entry cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences,
> ou=admin, o=NetscapeRoot is added
> +++check_and_add_entry: Entry not found cn=defaultplugin,
> cn=topologyplugin, ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,
> o=NetscapeRoot error No such object
> +Entry cn=defaultplugin, cn=topologyplugin, ou=1.1, ou=Admin,
> ou=Global Preferences, ou=admin, o=NetscapeRoot is added
> +++check_and_add_entry: Entry not found cn=UI,ou=1.1, ou=Admin,
> ou=Global Preferences, ou=admin, o=NetscapeRoot error No such object
> +Entry cn=UI,ou=1.1, ou=Admin, ou=Global Preferences, ou=admin,
> o=NetscapeRoot is added
> +Processing /usr/share/dirsrv/data/12dsconfig.mod.tmpl ...
> +++check_and_add_entry: Found entry cn=config
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrators Group"; allow (all)
> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,
> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=config
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,
> ou=Administrators, ou=TopologyManagement, o=NetscapeRoot";) to entry
> cn=config
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE
> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora
> Directory Server, cn=Server Group, cn=server, ou=admin,
> o=NetscapeRoot";) to entry cn=config
> +++check_and_add_entry: Found entry cn=SNMP,cn=config
> +++Adding attr=aci
> value=(target="ldap:///cn=SNMP,cn=config")(targetattr !="aci")(version
> 3.0;acl "snmp";allow (read, search, compare)(userdn =
> "ldap:///anyone");) to entry cn=SNMP,cn=config
> +++check_and_add_entry: Found entry
> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
> +++Adding attr=aci value=(targetattr != "aci")(version 3.0; acl "VLV
> Request Control"; allow( read, search, compare, proxy ) userdn =
> "ldap:///all";) to entry
> oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
> +Processing /usr/share/dirsrv/data/13dsschema.mod.tmpl ...
> +++check_and_add_entry: Found entry cn=schema
> +++Adding attr=aci value=(target="ldap:///cn=schema")(targetattr
> !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search,
> compare) userdn = "ldap:///anyone";) to entry cn=schema
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrators Group"; allow (all)
> groupdn="ldap:///cn=Configuration Administrators, ou=Groups,
> ou=TopologyManagement, o=NetscapeRoot";) to entry cn=schema
> +++Adding attr=aci value=(targetattr="*")(version 3.0; acl
> "Configuration Administrator"; allow (all)
> userdn="ldap:///uid=admin,ou=Administrators, ou=TopologyManagement,
> o=NetscapeRoot";) to entry cn=schema
> +++Adding attr=aci value=(targetattr = "*")(version 3.0; acl "SIE
> Group"; allow (all) groupdn = "ldap:///cn=slapd-server, cn=Fedora
> Directory Server, cn=Server Group, cn=server, ou=admin,
> o=NetscapeRoot";) to entry cn=schema
> +Processing /usr/share/dirsrv/data/14dsmonitor.mod.tmpl ...
> +++check_and_add_entry: Found entry cn=monitor
> +++Adding attr=aci value=(target ="ldap:///cn=monitor*")(targetattr !=
> "aci || connection")(version 3.0; acl "monitor"; allow( read, search,
> compare ) userdn = "ldap:///anyone";) to entry cn=monitor
> +Processing /usr/share/dirsrv/data/16dssuffixadmin.mod.tmpl ...
> +++check_and_add_entry: Entry not found dc=hpconnect,dc=org error No such object
> Could not authenticate as user 'uid=admin, ou=Administrators,
> ou=TopologyManagement, o=NetscapeRoot' to server
> 'ldap://server:46645/o=NetscapeRoot'.  Error: Invalid credentials
> Could not register the directory server with the configuration directory server.
>
>
> -----------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>


--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users