FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 08-29-2008, 04:27 AM
"Richard Sharpe"
 
Default Access control and best practices etc ...

Hi,

I have set up Fedora Directory Services (albeit, on CentOS 5.2).

Then I set up some PosixAccounts and they all work.

Then I wanted to add the sambaSamAccount attribute using the
smbldap-usermod tool from the Idealx site, but I keep getting told
that I don't have 'write' privilege to add the attribute for the user
I selected.

Now, I set up the binddn as cn=Directory Manager and specified the
correct password.

What is going wrong?

Secondly, I suspect that using the Directory Manager is not a good
idea. Are there any links to documentation on best practice for this?

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 08-31-2008, 10:09 AM
 
Default Access control and best practices etc ...

Title: RE: [Fedora-directory-users] Access control and best practices etc ...









Richard,



Can you add the value to the attribute with the FDS consol ?





Ben.



-----Oorspronkelijk bericht-----

Van: fedora-directory-users-bounces@redhat.com namens Richard Sharpe

Verzonden: vr 29-8-2008 6:27

Aan: fedora-directory-users@redhat.com

Onderwerp: [Fedora-directory-users] Access control and best practices etc ...



Hi,



I have set up Fedora Directory Services (albeit, on CentOS 5.2).



Then I set up some PosixAccounts and they all work.



Then I wanted to add the sambaSamAccount attribute using the

smbldap-usermod tool from the Idealx site, but I keep getting told

that I don't have 'write' privilege to add the attribute for the user

I selected.



Now, I set up the binddn as cn=Directory Manager and specified the

correct password.



What is going wrong?



Secondly, I suspect that using the Directory Manager is not a good

idea. Are there any links to documentation on best practice for this?



--

Fedora-directory-users mailing list

Fedora-directory-users@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-directory-users








--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 
Old 08-31-2008, 04:33 PM
"Richard Sharpe"
 
Default Access control and best practices etc ...

On Sun, Aug 31, 2008 at 3:09 AM, <ben.van.veen@planet.nl> wrote:
>
> Richard,
>
> Can you add the value to the attribute with the FDS consol ?

Turns out my problem was a mis-configuration of smbldap.conf. I had
the wrong dn for Directory Manager.

I was able to use ldapmodify to add the attribute, and then increasing
the debugging output from the dirsrv daemon showed me what the problem
was.

However, I still suspect that it is good practice to create a separate
entity that all the Samba stuff can use to bind with.

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
 

Thread Tools




All times are GMT. The time now is 10:11 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org