FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 07-17-2008, 02:39 PM
Rich Megginson
 
Default password sync documentation

omight wrote:

Hi,
I'm trying to follow the documentation to setup synchronisation to
windows active directory.
>From the documentation:
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Windows_Sync-Configuring_Windows_Sync.html
Quote:
2. Create a new cert8.db and key.db using certutil.exe on the Password
Sync machine.
certutil.exe -d . -N
ln -s slapd-serverID-cert8.db cert8.db
ln -s slapd-serverID-key3.db key3.db
If I execute that in a new directory:
# certutil.exe -d . -N
# ln -s slapd-rhds-cert8.db cert8.db
ln: creating symbolic link `cert8.db' to `slapd-rhds-cert8.db': File exists

I don't follow why the ln -s should be executed? Why not start with part 3:
On the Directory Server, export the server certificate using pk12util.
pk12util -d . -o servercert.pfx -n Server-Cert

Yes. It looks like that section of the docs has not been updated for
RHDS 8.0/Fedora DS 1.1. The key/cert db do not have a prefix anymore,
so the ln -s step should be omitted.

Because SSL is already configured on this linux machine, so I guess I
can use the server-cert from that cert8.db?
Can someone clarify/confirm this? Thanks!

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 07-17-2008, 06:31 PM
lingu
 
Default password sync documentation

HI,

*Instead of creating symbolic links u can create all certificates in one directory and copy into the directory instance directory.For example copy all certficates inito /etc/dirsrv/slapd-xxx/.If any file is already existing it will ask u for overwrite* while copying tell yes to all.


Recently i implemented the user and pass sync from windows 2003 AD box.If you have any query mail me back.


Regards
lingu

On Thu, Jul 17, 2008 at 4:49 PM, omight <omight@gmail.com> wrote:

Hi,

I'm trying to follow the documentation to setup synchronisation to

windows active directory.

>From the documentation:

http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Windows_Sync-Configuring_Windows_Sync.html


Quote:

2. Create a new cert8.db and key.db using certutil.exe on the Password

Sync machine.

certutil.exe -d . -N

ln -s slapd-serverID-cert8.db cert8.db

ln -s slapd-serverID-key3.db key3.db


If I execute that in a new directory:

# certutil.exe -d . -N

# ln -s slapd-rhds-cert8.db cert8.db

ln: creating symbolic link `cert8.db' to `slapd-rhds-cert8.db': File exists



I don't follow why the ln -s should be executed? Why not start with part 3:

On the Directory Server, export the server certificate using pk12util.

pk12util -d . -o servercert.pfx -n Server-Cert



Because SSL is already configured on this linux machine, so I guess I

can use the server-cert from that cert8.db?

Can someone clarify/confirm this? Thanks!



--

Fedora-directory-users mailing list

Fedora-directory-users@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 

Thread Tools




All times are GMT. The time now is 02:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org