[Fedora-directory-users] Switching off host filter in admin server - how?
Graham Leggett
minfrin at sharp.fm
Sat Mar 4 16:44:47 UTC 2006
Richard Megginson wrote:
>> Having got my brand new DS v1.0.2 up and running, and the admin server
>> started up, I discover that the admin server has arbitrarily placed a
>> host check of *.domain.com onto the server, effectively locking me out
>> of the admin server (my client machine is not in *.domain.com).
> See http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt
> and
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183925
I don't follow - I need to download the source, apply the patch in the
above bug, then rebuild the entire thing before I have any hope of
administering this server?
Is there some kind of manual override that I can use to switch this
behaviour off? Or alternatively if this is not possible, to require
localhost so that I can run the admin server behind a reverse proxy
whose access control does work properly?
Having changed the *.domain.com to * I am now getting this error:
[Sat Mar 04 10:42:50 2006] [notice] [client xx.xx.xx.xx]
admserv_host_ip_check: Unauthorized host ip=xx.xx.xx.xx, connection rejected
Google finds other people with this problem, apparently "*" doesn't mean
"let everybody in", but instead it means "let everyone in whose reverse
DNS works". In this case reverse DNS does work, but I may be getting
bitten by bug 183925.
So in short, does the admin server in v1.0.2 work at all, or am I just
wasting my time? :(
Regards,
Graham
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3220 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060304/30bfa1a1/attachment.bin>
More information about the Fedora-directory-users
mailing list