[Fedora-directory-users] Administration domain

Fernando Muñoz fmunoz at hispafuentes.com
Fri May 18 17:27:50 UTC 2007 

Thanks Richard for the answer,

I registered the configuration directory with a remote server
(delegating administration), but furthermore, i would like to access to
directory administration locally (in a local server without Netscaperoot
after installation), and permit admin when the communications down with
a remote server. It's possible? I have to create a new Netscaperoot in a
local server?.

Other question, it's possible register the configuration directory in
two remote servers?.

Thanks, 

El jue, 17-05-2007 a las 12:00 -0400,
fedora-directory-users-request at redhat.com escribió:
> Send Fedora-directory-users mailing list submissions to
> 	fedora-directory-users at redhat.com
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://www.redhat.com/mailman/listinfo/fedora-directory-users
> or, via email, send a message with subject or body 'help' to
> 	fedora-directory-users-request at redhat.com
> 
> You can reach the person managing the list at
> 	fedora-directory-users-owner at redhat.com
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Fedora-directory-users digest..."
> 
> 
> Today's Topics:
> 
>    1. Re: NSUniqueID (Richard Megginson)
>    2. Administration domain (Fernando Mu?oz)
>    3. Re: Administration domain (Richard Megginson)
>    4. Windows Sync with NT4? (Glenn)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Wed, 16 May 2007 09:58:16 -0600
> From: Richard Megginson <rmeggins at redhat.com>
> Subject: Re: [Fedora-directory-users] NSUniqueID
> To: "General discussion list for the Fedora Directory server project."
> 	<fedora-directory-users at redhat.com>
> Message-ID: <464B2A18.2030100 at redhat.com>
> Content-Type: text/plain; charset="iso-8859-1"
> 
> Bjorn Oglefjorn wrote:
> >
> >
> > On 5/16/07, *Richard Megginson* <rmeggins at redhat.com 
> > <mailto:rmeggins at redhat.com>> wrote:
> >
> >     Bjorn Oglefjorn wrote:
> >     > <snip>
> >     >
> >     >
> >     >     This seems odd - were these attributes originally added with
> >     other
> >     >     values, then changed?  Was the original dn uid=auser, or was
> >     this
> >     >     changed?
> >     >
> >     >
> >     > If that is true, that is indeed odd.  Looking back through my audit
> >     > logs shows only the change to the mail attribute values.  Is there
> >     > another way I can check and see the change of the posix attributes?
> >     You said "audit logs" - do you mean the DS audit log?
> >     http://www.redhat.com/docs/manuals/dir-server/ag/7.1/dsstats.html#1092377
> >     <http://www.redhat.com/docs/manuals/dir-server/ag/7.1/dsstats.html#1092377>
> >     If not, you could enable the audit log to see exactly what
> >     modifications
> >     are occurring.
> >
> >
> > Yes, I do have audit logging enabled on both of my fedora-ds machines 
> > but only as of the end of last month.  I only see the modification of 
> > the mail attributes in the audit log.
> Ok.  The information might still be in the changelog.  You can dump the 
> contents of the changelog using the perl script 
> bin/slapd/admin/scripts/template-cl-dump.pl - cd /opt/fedora-ds ; perl 
> bin/slapd/admin/scripts/template-cl-dump.pl -H for usage.
> >
> >     --
> >     Fedora-directory-users mailing list
> >     Fedora-directory-users at redhat.com
> >     <mailto:Fedora-directory-users at redhat.com>
> >     https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >   
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/x-pkcs7-signature
> Size: 3245 bytes
> Desc: S/MIME Cryptographic Signature
> Url : https://www.redhat.com/archives/fedora-directory-users/attachments/20070516/79d5dcaa/smime.bin
> 
> ------------------------------
> 
> Message: 2
> Date: Wed, 16 May 2007 21:58:11 +0200
> From: Fernando Mu?oz <fmunoz at hispafuentes.com>
> Subject: [Fedora-directory-users] Administration domain
> To: fedora-directory-users at redhat.com
> Message-ID: <1179345491.5953.17.camel at hispafuentes>
> Content-Type: text/plain
> 
> Hi,
> 
> I want to deploy a FDS service in a different geography sites (sharing
> the same data), and i have a problem with administration (console
> administration of administration server).
> 
> I've installed a FDS server in all sites with the same information (by
> replication) and i want try administrate with a local console (local
> access to fds in each server), and furthermore, administrate all fds
> server(access to all server through console) in one central site.
> 
> Administration domain are the solution? and why?
> 
> or subscribe all administration server to central server?
> 
> thanks,
>     
> 
> 
> 
> 
> ------------------------------
> 
> Message: 3
> Date: Wed, 16 May 2007 14:13:57 -0600
> From: Richard Megginson <rmeggins at redhat.com>
> Subject: Re: [Fedora-directory-users] Administration domain
> To: "General discussion list for the Fedora Directory server project."
> 	<fedora-directory-users at redhat.com>
> Message-ID: <464B6605.30907 at redhat.com>
> Content-Type: text/plain; charset="iso-8859-1"
> 
> Fernando Muoz wrote:
> > Hi,
> >
> > I want to deploy a FDS service in a different geography sites (sharing
> > the same data), and i have a problem with administration (console
> > administration of administration server).
> >
> > I've installed a FDS server in all sites with the same information (by
> > replication) and i want try administrate with a local console (local
> > access to fds in each server), and furthermore, administrate all fds
> > server(access to all server through console) in one central site.
> >
> > Administration domain are the solution? and why?
> >
> > or subscribe all administration server to central server?
> >   
> When you ran setup on each local server installation, one of the options 
> was to use an existing configuration directory server.  If you choose 
> this option, your new servers will be registered with that server.  This 
> allows you to use the console to manage all of your servers from a 
> single console.
> > thanks,
> >     
> >
> >
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >   
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/x-pkcs7-signature
> Size: 3245 bytes
> Desc: S/MIME Cryptographic Signature
> Url : https://www.redhat.com/archives/fedora-directory-users/attachments/20070516/830e17f6/smime.bin
> 
> ------------------------------
> 
> Message: 4
> Date: Wed, 16 May 2007 17:09:11 -0500
> From: "Glenn" <glenn at mail.txwes.edu>
> Subject: [Fedora-directory-users] Windows Sync with NT4?
> To: "Fedora DS List" <fedora-directory-users at redhat.com>
> Message-ID: <20070516214358.M87254 at mail.txwes.edu>
> Content-Type: text/plain;	charset=iso-8859-1
> 
> So I have a successful Windows Sync agreement set up between Fedora DS and 
> Active Directory, but I'm having difficulty setting up a sync agreement with 
> an NT4 domain.  I'm at the point where I've entered the NT server info in the 
> agreement form.  When I click Next, I get an error message:
> 
> "Unable to contact Active Directory server.  Continue?"
> 
> I think this means I've entered something wrong in the form, and I'm hoping 
> someone can narrow down the possible things that can be entered in the form.
> 
> For instance, Windows Domain Name.  The example given in the documentation 
> is "example.com".  However, NT domains do not conform to DNS standards.  Will 
> it work if I enter the NT domain name, e.g., "example"?  If not, is there a 
> workaround?
> 
> The next item is Windows Subtree.  This field gets filled in automatically 
> with "cn=Users,dc=example" using the example above.  Again, can Windows Sync 
> use this NT domain name, or does it require a DNS name?
> 
> For Domain Controller Host, what is expected?  If I put in the host name 
> alone, I get the error message.  If I put in the fully qualified DNS host 
> name, the application locks up and must be terminated with Task Manager (I'm 
> using the console on a Windows XP machine).
> 
> Bind As seems to expect an LDAP distinguished name.  How can I translate the 
> NT replication user name into LDAP terminology, i.e., what in NT corresponds 
> with cn, ou, dn, etc.?
> 
> Thanks for any ideas.   -G.
> 
> 
> 
> ------------------------------
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> 
> 
> End of Fedora-directory-users Digest, Vol 24, Issue 20
> ******************************************************
-- 
********************
Fernando Muñoz Sordo
HISPAFUENTES
********************

More information about the Fedora-directory-users mailing list