[Fedora-directory-devel] Need to configure, but not start fedora-ds
Richard Megginson
rmeggins at redhat.com
Wed Feb 28 21:49:49 UTC 2007
Andrew Bartlett wrote:
> On Tue, 2007-02-27 at 14:11 -0700, Richard Megginson wrote:
>
>> Andrew Bartlett wrote:
>>
>>> <snip>
>>> A few things would be useful:
>>>
>>> Firstly, for the path to the ldapi socket to be part of the inf file, so
>>> I can make it identical between the two supported servers (just makes my
>>> life easier).
>>>
>>> If I can't get that, then I need to be able to modify the dse.inf before
>>> it starts.
>>>
>>> Slightly adjunct to this, i need a way to prevent the DS from binding to
>>> anything except the unix domain socket (for security). ie, no IPv4
>>> ports.
>>>
>>> For the ds to be configured, but not started, so I can can copy out the
>>> default schema, and replace it with just the core schema, and samba4's
>>> schema.
>>>
>>>
>> ds_newinst requires the server to be started to add the default acis in
>> cn=config, cn=schema, cn=monitor and elsewhere. So if the server is not
>> started by ds_newinst, these acis will not be present, and the server
>> will have no access except for read only access to the root DSE. Is
>> this ok?
>>
>
> I'll live. Any progress on the other parts of this (ServerPort 0, ldapi
> path specification)?
>
Yes. Testing now.
> Andrew Bartlett
>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-devel mailing list
> Fedora-directory-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20070228/0dc15442/attachment.bin>
More information about the Fedora-directory-devel
mailing list