FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 08-11-2008, 09:36 AM
"Kashif Ali"
 
Default ObjectClass PosixGroup + UID/GID auto-generation

Hello All,

After spending a long weekend, configuring Fedora-DS to have central autentication + Central home dirs, I now have two issues which I would like to know if anyone can help me with.

1) Currently when adding a new user, I have to manually goto advanced options and add a value called posixgroup to the object class, this is so that groupID have a name and you dont see the error GroupID name not found when logging onto a box. Is there anyway to update the default user template, so that, when you enable posixaccount, posixgroup objectclass is automatically added? thus removing the manual process?


2) Is there anyway to get the directory server generate UNIQUE UID/GID based on last uid created. Ideally I would like the range to start from 5000 and finish at 8000. The automatic procedure would just use the next available uid/gid in the list, again removing the need for the user to check and make sure the id is unique.


any help with either of these issues would be much appreciated.

Regards

Kashif

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 08-11-2008, 11:00 AM
solarflow99
 
Default ObjectClass PosixGroup + UID/GID auto-generation

On 8/11/08, Kashif Ali <snake007uk@gmail.com> wrote:

Hello All,

After spending a long weekend, configuring Fedora-DS to have central autentication + Central home dirs, I now have two issues which I would like to know if anyone can help me with.


1) Currently when adding a new user, I have to manually goto advanced options and add a value called posixgroup to the object class, this is so that groupID have a name and you dont see the error GroupID name not found when logging onto a box. Is there anyway to update the default user template, so that, when you enable posixaccount, posixgroup objectclass is automatically added? thus removing the manual process?

*
This is in the FDS console you are talking about right?* This would be nice to have, but I guess unless you can change the java code, its still less flexible in this way.* Often people will use a different front end such as ldapadmin, while the FDS console is preferred for controlling replication, etc.



2) Is there anyway to get the directory server generate UNIQUE UID/GID based on last uid created. Ideally I would like the range to start from 5000 and finish at 8000. The automatic procedure would just use the next available uid/gid in the list, again removing the need for the user to check and make sure the id is unique.

*
*
It looks like most front ends favour choosing a random one, then require you to set it manually to what you want.* This is to avoid possible conflicts without having to build in a way to check for this, I*agree it should be an available option though.

http://sourceforge.net/forum/forum.php?thread_id=1965645&forum_id=305548&abmode =1
*
*


any help with either of these issues would be much appreciated.

Regards

Kashif
*
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-directory-users




--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 08-11-2008, 11:35 AM
"Kashif Ali"
 
Default ObjectClass PosixGroup + UID/GID auto-generation

Yes I was talking about FDS

Well atleast I can hope that more people want these features so they get added in .

I have created a wiki article on the installation if anyone is interested.


http://wiki.unixcraft.com/display/MainPage/Fedora+Directory+Server


2008/8/11 solarflow99 <solarflow99@gmail.com>




On 8/11/08, Kashif Ali <snake007uk@gmail.com> wrote:

Hello All,

After spending a long weekend, configuring Fedora-DS to have central autentication + Central home dirs, I now have two issues which I would like to know if anyone can help me with.



1) Currently when adding a new user, I have to manually goto advanced options and add a value called posixgroup to the object class, this is so that groupID have a name and you dont see the error GroupID name not found when logging onto a box. Is there anyway to update the default user template, so that, when you enable posixaccount, posixgroup objectclass is automatically added? thus removing the manual process?


*
This is in the FDS console you are talking about right?* This would be nice to have, but I guess unless you can change the java code, its still less flexible in this way.* Often people will use a different front end such as ldapadmin, while the FDS console is preferred for controlling replication, etc.




2) Is there anyway to get the directory server generate UNIQUE UID/GID based on last uid created. Ideally I would like the range to start from 5000 and finish at 8000. The automatic procedure would just use the next available uid/gid in the list, again removing the need for the user to check and make sure the id is unique.


*
*
It looks like most front ends favour choosing a random one, then require you to set it manually to what you want.* This is to avoid possible conflicts without having to build in a way to check for this, I*agree it should be an available option though.


http://sourceforge.net/forum/forum.php?thread_id=1965645&forum_id=305548&abmode =1

*
*


any help with either of these issues would be much appreciated.

Regards

Kashif
*
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com


https://www.redhat.com/mailman/listinfo/fedora-directory-users





--

Fedora-directory-users mailing list

Fedora-directory-users@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-directory-users




--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 08-11-2008, 07:38 PM
"Ryan Braun [ADS]"
 
Default ObjectClass PosixGroup + UID/GID auto-generation

On Monday 11 August 2008 11:35, Kashif Ali wrote:

I use perl for most of my user management, and I grabbed this idea from one
of the samba-ldap helper scripts, could be from idealx not too sure really.

But basically, you just create an object that holds 2 values. The current
available UID and GID. Then your perl script queries ldap for that object,
uses the available UID, then increments it and writes it back to ldap.

Something like

# grab it from ldap
$mesg = $ldap->search(filter=>"(objectClass=UnixIdPool)",
base=>"ou=Special Users,$config{BASE_DN}",
attrs=> ['uidNumber'],
);
$config{NextID} = $mesg->entry(0)->get_value('uidNumber');

# update nextfreeid attribute
$mesg = $ldap->modify("cn=idPool,ou=Special Users,$config{BASE_DN}", replace
=> { "uidNumber" => $config{NextID}+1 } );

Here is the schema I use for the object.

objectClasses: ( UnixIdPool-oid NAME 'UnixIdPool' SUP top STRUCTURAL MUST ( cn
$ gidNumber $ uidNumber ) X-ORIGIN 'user defined' )

Ryan


> Yes I was talking about FDS
>
> Well atleast I can hope that more people want these features so they get
> added in .
>
> I have created a wiki article on the installation if anyone is interested.
>
> http://wiki.unixcraft.com/display/MainPage/Fedora+Directory+Server
>
>
> 2008/8/11 solarflow99 <solarflow99@gmail.com>
>
> > On 8/11/08, Kashif Ali <snake007uk@gmail.com> wrote:
> >> Hello All,
> >>
> >> After spending a long weekend, configuring Fedora-DS to have central
> >> autentication + Central home dirs, I now have two issues which I would
> >> like to know if anyone can help me with.
> >>
> >> 1) Currently when adding a new user, I have to manually goto advanced
> >> options and add a value called posixgroup to the object class, this is
> >> so that groupID have a name and you dont see the error GroupID name not
> >> found when logging onto a box. Is there anyway to update the default
> >> user template, so that, when you enable posixaccount, posixgroup
> >> objectclass is automatically added? thus removing the manual process?
> >
> > This is in the FDS console you are talking about right? This would be
> > nice to have, but I guess unless you can change the java code, its still
> > less flexible in this way. Often people will use a different front end
> > such as ldapadmin, while the FDS console is preferred for controlling
> > replication, etc.
> >
> > 2) Is there anyway to get the directory server generate UNIQUE UID/GID
> >
> >> based on last uid created. Ideally I would like the range to start from
> >> 5000 and finish at 8000. The automatic procedure would just use the next
> >> available uid/gid in the list, again removing the need for the user to
> >> check and make sure the id is unique.
> >
> > It looks like most front ends favour choosing a random one, then require
> > you to set it manually to what you want. This is to avoid possible
> > conflicts without having to build in a way to check for this, I agree it
> > should be an available option though.
> >
> > http://sourceforge.net/forum/forum.php?thread_id=1965645&forum_id=305548&
> >abmode=1
> >
> >
> >
> > any help with either of these issues would be much appreciated.
> >

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 08-13-2008, 07:42 AM
"Kashif Ali"
 
Default ObjectClass PosixGroup + UID/GID auto-generation

how would you search for the next value? I.e search all UID/GID and show you the results, I could then sort them and work out which number should be next?

2008/8/12 Michael Ströder <michael@stroeder.com>

Ryan Braun [ADS] wrote:


On Monday 11 August 2008 11:35, Kashif Ali wrote:



But basically, *you just create an object that holds 2 values. *The current available UID and GID. *Then your perl script queries ldap for that object, *uses the available UID, *then increments it and writes it back to ldap.



> [..]


$mesg = $ldap->modify("cn=idPool,ou=Special Users,$config{BASE_DN}", replace => { "uidNumber" => $config{NextID}+1 } );




FWIW the original idea was different: For this to work reliably with multiple instances generating IDs from the same ID pool entry you have to explicitly delete the old value and add the new one. If the ID was already incremented by another process the old value was already replaced and the modify request fails.




Ciao, Michael.



--

Fedora-directory-users mailing list

Fedora-directory-users@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-directory-users



--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 

Thread Tools




All times are GMT. The time now is 02:53 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org