[Fedora-directory-users] Database recreation, automount and performance

Vsevolod (Simon) Ilyushchenko simonf at cshl.edu
Wed Jul 13 19:31:47 UTC 2005


Thanks for the quick answer! Perhaps this information should go into the 
FAQ - what do you think?

Rich Megginson wrote on 07/13/2005 12:47 PM:
> The IETF LDAP community has decided to deprecated them in favor of the 
> new netgroups stuff.

OK, I'll reconfigure my entries. Does Fedora automounter understand the 
netgroups structure?

> We don't yet have a way to set an ACI to allow users other than the 
> Directory Manager (i.e. cn=Directory Manager, not the admin console 
> user) to create the entry for a root suffix.  In the console, you can 
> Log In As New User, and specify cn=directory manager (or whatever you 
> used for your directory manager user when you performed the initial 
> installation).

This is very non-trivial. :) Creating the root suffix now works, but I 
tried creating top-level entries one by one, as well as creating a new 
server in the administration console, and it all failed. I had to delete 
the RPM and reinstall it.

By the way, I found out that if I install the RPM a second time, the 
admin console tries to connect to port 15918, but the admin server is 
running on port 25394. I don't remember what port was used the first 
time. :(

This time I successfully created an SSL-enabled directory and was able 
to authenticate to it. I followed the steps here:
to create a self-signed certificate.

For archives - the docs don't tell you that after running pk12util in 
step 9 you first have to enter the password 'secretpwd' that you've 
saved in the file pwdfile.txt, and then you have to create a different 
startup password. Later, when you start the server on the command line, 
this second password is required.


Simon (Vsevolod ILyushchenko)   simonf at cshl.edu

Terrorism is a tactic and so to declare war on terrorism
is equivalent to Roosevelt's declaring war on blitzkrieg.

Zbigniew Brzezinski, U.S. national security advisor, 1977-81

More information about the Fedora-directory-users mailing list