Re: [389-users] Want to change the hostname of my 389-box. Is there an easy way to fix the cert?

2012-09-18 Thread Alberto Suárez
If you have trouble with the script, try this: 1. Produce the new DS server certificate: certutil -S -n "DS_Server_cert_label" -s "cn=myhost.myorg.example.com" -c "AC_cert_label" -t "u,u,u" -m 1001 -v 120 -d . -k rsa -f /etc/dirsrv/slapd-myhost/pwdfile.txt 2. Export it to p12 format: pk12uti

Re: [389-users] groupOfURLS, groupOfUniqueNames, and memberURL issues

2012-09-18 Thread Grzegorz Dwornicki
Let me get your idea right. You want to use static and dynamic group at the same time as 1 group? Greg. 17 Sep 2012 21:03, "Nick Cappelletti" wrote: > Hello Everyone, > > I've been banging my head against this one for a few hours and was hoping > for some input. I have a group: > > dn: cn=

Re: [389-users] 389 DS Architecture for Multiple Sites

2012-09-18 Thread Grzegorz Dwornicki
In the Red Hat docs you may find some scenarios. Your approach seems ok. The only question in my opinion is how much redundancy you need. Let's say that master1 fails. Is this situation problematic for your datacenter? If yes, then you should consider adding two more LDAP servers. They can act as master

Re: [389-users] Want to change the hostname of my 389-box. Is there an easy way to fix the cert?

2012-09-18 Thread Grzegorz Dwornicki
I guess you used the script on the Fedora site to create certs? I am not sure about the CA cert. This may require changing too because it may have your old FQDN in the cn field. Based on this it seems that the easiest way may be using the script again. Greg. 18 Sep 2012 11:09, "Ray" wrote: > Hi, > > I am running

Re: [389-users] ACI and authenticating clients/servers

2012-09-18 Thread Grzegorz Dwornicki
You can create an ACI on ou=Groups,dc=domain,dc=com. This ACI can deny search, compare, read of ou=Sales. All LDAP clients included in the target of this ACI will not see your Sales OU. This can be targeted to some users and anonymous bind. Pls look in the Red Hat docs: Red Hat Directory Server admin guide.

[389-users] Want to change the hostname of my 389-box. Is there an easy way to fix the cert?

2012-09-18 Thread Ray
Hi, I am running a 389 box with TLS enabled. Now I would like to change the hostname, which would render the current certificate invalid. Is there an easy way to create a new certificate with the new hostname? Cheers, Ray

Re: [389-users] User management on 389 console

2012-09-18 Thread Grzegorz Dwornicki
You could use a shell script to add a user. Create a template LDIF and fill it with a bash script. Next run ldapadd in the script. The only way I can think of to change the behavior of the admin console will require a change in the sources. Hope this helps. Greg. 18 Sep 2012 10:58, "Alberto Suárez" wrote: > Hi, > >

[389-users] ACI and authenticating clients/servers

2012-09-18 Thread Matti Alho
Hi, First, big thanks to all the people developing and maintaining 389ds! I've been learning LDAP for a while and there is one question which I haven't been able to figure out. There are a bunch of Debian servers authenticating against 389ds. I started with anonymous bind to get the basic setup working. No