<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
I'm a firm believer that it's never a good idea to shut off security
features to get things working. Significant improvements in the SELinux
administrative and troubleshooting tools make it much easier to get
that working properly without having to disable it.<br>
<br>
As for iptables, I think it's a much better idea to enable logging,
even on a temporary basis, to determine which packets are being blocked
and then adding rules to allow them. There's a really good article /
short video in Red Hat Magazine at
<a class="moz-txt-link-freetext" href="http://www.redhatmagazine.com/2007/08/01/video-tip-from-rhces-firewalls/">http://www.redhatmagazine.com/2007/08/01/video-tip-from-rhces-firewalls/</a>
that explains this really well.<br>
<br>
    /Harry Sutton, RHCA<br>
     Hewlett-Packard Company<br>
<br>
Richard Riley wrote:
<blockquote
 cite="mid:8A5A158B711C154A91790AF8F573CF8B2C3FD1@us-atlmail1.ariba.com"
 type="cite">
  <pre wrap="">Try stopping iptables on both machines during the test.

Richard Riley

  </pre>
  <blockquote type="cite">
    <blockquote type="cite">
      <pre wrap="">-----Original Message-----
From: <a class="moz-txt-link-abbreviated" href="mailto:redhat-sysadmin-list-bounces@redhat.com">redhat-sysadmin-list-bounces@redhat.com</a> [<a class="moz-txt-link-freetext" href="mailto:redhat">mailto:redhat</a>-
<a class="moz-txt-link-abbreviated" href="mailto:sysadmin-list-bounces@redhat.com">sysadmin-list-bounces@redhat.com</a>] On Behalf Of Douglas J Hunley
Sent: Monday, March 03, 2008 9:34 AM
To: <a class="moz-txt-link-abbreviated" href="mailto:redhat-sysadmin-list@redhat.com">redhat-sysadmin-list@redhat.com</a>
Subject: Re: can't get OS to use LDAP for accounts

On Monday 03 March 2008 09:10:08 Steven Kalisky wrote:
      </pre>
      <blockquote type="cite">
        <pre wrap="">Try turning off SELinux and then test.
        </pre>
      </blockquote>
      <pre wrap="">SELinux had previously been disabled. That didn't change anything
:(

--

--
redhat-sysadmin-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:redhat-sysadmin-list@redhat.com">redhat-sysadmin-list@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list">https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list</a>
      </pre>
    </blockquote>
  </blockquote>
  <pre wrap=""><!---->
--
redhat-sysadmin-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:redhat-sysadmin-list@redhat.com">redhat-sysadmin-list@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list">https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list</a>

  </pre>
</blockquote>
<br>
</body>
</html>