[Fedora-directory-devel] General use questions and diffs from Netscape

[Mike Jackson]

Deas, Jim wrote:
> I recently completed Redhats course on Directory Services and decided to
> setup a test deployment using Fedora. In the course of doing this I came
> across a couple of issues that I need to answer before I could use
> Directory as a valid authentication system.

What did you think about the course?


> 1) The web interface appears to create/handle group entrys different
> from those migrated from the local files using the Redhat class altered
> paddle scripts. From the class I remember changing the 'group' schema to
> 'groups'. End result, is there a way to create/manage 'groups' schema
> entries using the Directory web page that match those created when my
> existing /etc/group was migrated using the altered paddle scripts. If
> not, why does Redhat suggest this change in their class?

The web interface is not meant to be a full-blown user management 
solution. You'd do much better with something like phpldapadmin, or 
writing your own command line tools.


> 2) Is there a way that the Directory web page can be used to create new
> user accounts that include an autogen uid and gid? Currently it appears
> to create a new user with all the posix data turned off. This is fine
> from a management position as long as a uid generator exist to keep me
> safe from producing duplicate uid/gid numbers.

I wrote a user addition script which supports uid uniqueness checking 
for manually specified uids, as well as auto incrementing of uid if 
desired (does a search, sorts the uid list, and adds 1).


http://www.netauth.com/~jacksonm/ldap/newuser.pl


Just edit the configuration section to match your setup, and you're all set.

NOTE that this is not a very advanced tool, but the price is right :-) I 
have written some very advanced ones, but they are not open source...


BR,
Mike
-- 
http://www.netauth.com - LDAP Directory Consulting