[389-users] DNA plugin woes on a fresh centos-DS 8.1 install

Daniel Maher dma+389users at witbe.net
Tue Apr 13 15:21:29 UTC 2010


Hello,

First off, my apologies if this is not an appropriate forum for asking 
questions related to the CentOS Directory Server.  The 389-users 
archives contain numerous messages related to this platform, so...

The situation : fresh install of CentOS 5.4 x86_64, installed the DS via 
yum from the standard repos :
# yum install centos-ds centos-ds-base nss_ldap

The DS is up and running.  I can create groups and users, run queries, 
and so forth.  I followed the following procedure to enable the DNA plugin :

Main menu of Directory Server
TAB: Servers and Applications
<domain> -> <server> -> Server Group -> Directory Server
TAB: Configuration
<server> -> Plug-ins -> Distributed Numeric Assignment
[X] Enable plug-in
Save

I then dutifully restarted DS afterwards.

Finally, in the user creation menu, in the Posix User section, i checked 
Enable Posix User Attributes, but none of the fields were auto-populated.

Initially, i tried adding the following ldif (i realise this is for the 
Fedora DNS, but hey, i thought it'd be worth a shot) :
http://cvs.fedoraproject.org/viewvc/ldapserver/ldap/servers/plugins/dna/posix.ldif?view=co&root=dirsec

Unsurprisingly (?), this did not work :
ldap_add: DSA is unwilling to perform
ldap_add: additional info: Not a valid DNA configuration entry.

I read through a number of items on the subject, including the following 
notable items :
http://www.directory.fedora.redhat.com/wiki/DNA_Plugin
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/dna.html

In section 3.6.3.1 of the Red Hat document it outlines the steps to 
activate the plug-in.  Steps 1 and 2 appear to have already been 
executed by the graphical manager, as the necessary changes are present 
in the configuration file :
/etc/dirsrv/<server>/dse.ldif

I attempted to perform step 3 (with appropriate modifications to the 
dc's).  This did not work :
adding new entry cn=Account UIDs,cn=Distributed Numeric Assignment 
Plugin,cn=plugins,cn=config
ldap_add: DSA is unwilling to perform
ldap_add: additional info: Not a valid DNA configuration entry.

(It may be worth noting that the screenshot they include at the base of 
that page bears absolutely no resemblance to that of the actual plugin.)

My questions are :
1. Is the expected behaviour of the DNA plug-in to auto-populate the 
Posix fields ?
2a. If so, how can i properly activate this functionality ?
2b. If not, does this functionality exist ?  And as a corollary, what is 
the DNA plug-in for, exactly ?
3. Should i, in fact, be attempting to use the Fedora DS offering 
instead of that included in CentOS ?  (I.e. is it « better » ?)

I am happy to provide any logs, debug output, configuration elements, etc..

Thank you for your kind consideration, and keep up the great work !


-- 
Daniel Maher <dma + 389users AT witbe DOT net>



More information about the 389-users mailing list