[389-users] DNA plugin woes on a fresh centos-DS 8.1 install
Daniel Maher
dma+389users at witbe.net
Tue Apr 13 15:21:29 UTC 2010
Hello,
First off, my apologies if this is not an appropriate forum for asking
questions related to the CentOS Directory Server. The 389-users
archives contain numerous messages related to this platform, so...
The situation : fresh install of CentOS 5.4 x86_64, installed the DS via
yum from the standard repos :
# yum install centos-ds centos-ds-base nss_ldap
The DS is up and running. I can create groups and users, run queries,
and so forth. I followed the following procedure to enable the DNA plugin :
Main menu of Directory Server
TAB: Servers and Applications
<domain> -> <server> -> Server Group -> Directory Server
TAB: Configuration
<server> -> Plug-ins -> Distributed Numeric Assignment
[X] Enable plug-in
Save
I then dutifully restarted DS afterwards.
Finally, in the user creation menu, in the Posix User section, i checked
Enable Posix User Attributes, but none of the fields were auto-populated.
Initially, i tried adding the following ldif (i realise this is for the
Fedora DNS, but hey, i thought it'd be worth a shot) :
http://cvs.fedoraproject.org/viewvc/ldapserver/ldap/servers/plugins/dna/posix.ldif?view=co&root=dirsec
Unsurprisingly (?), this did not work :
ldap_add: DSA is unwilling to perform
ldap_add: additional info: Not a valid DNA configuration entry.
I read through a number of items on the subject, including the following
notable items :
http://www.directory.fedora.redhat.com/wiki/DNA_Plugin
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/dna.html
In section 3.6.3.1 of the Red Hat document it outlines the steps to
activate the plug-in. Steps 1 and 2 appear to have already been
executed by the graphical manager, as the necessary changes are present
in the configuration file :
/etc/dirsrv/<server>/dse.ldif
I attempted to perform step 3 (with appropriate modifications to the
dc's). This did not work :
adding new entry cn=Account UIDs,cn=Distributed Numeric Assignment
Plugin,cn=plugins,cn=config
ldap_add: DSA is unwilling to perform
ldap_add: additional info: Not a valid DNA configuration entry.
(It may be worth noting that the screenshot they include at the base of
that page bears absolutely no resemblance to that of the actual plugin.)
My questions are :
1. Is the expected behaviour of the DNA plug-in to auto-populate the
Posix fields ?
2a. If so, how can i properly activate this functionality ?
2b. If not, does this functionality exist ? And as a corollary, what is
the DNA plug-in for, exactly ?
3. Should i, in fact, be attempting to use the Fedora DS offering
instead of that included in CentOS ? (I.e. is it « better » ?)
I am happy to provide any logs, debug output, configuration elements, etc..
Thank you for your kind consideration, and keep up the great work !
--
Daniel Maher <dma + 389users AT witbe DOT net>
More information about the 389-users
mailing list