| |
| |
| |
|
Page: 1 2 3 4
Comments:
<0> so you've lost patience with me then hyc
<1> no, just trying to reach out.
<0> I've started and planned to do all that, just on hold due to busyness at day job ;-)
<1> even when you come on board there'll be a lot to do.
<0> I have merged all tuning stuff from faq into tuning sdf etc
<0> I'm just messing. Good idea
<1> and my "Participate" jab on the blog obviously wasn't aimed at you. I already know you do. ;)
<0> auch, I know. Just making sure ;-)
<0> spoke to chuck tonight.
<1> I actually meant to send that email out last night. apparently forgot to hit Send.
<0> k
<0> just sent a reply
<1> cool
<0> suggesting things we do in Fedora Docs
<0> have an interest in a topic, step up and take ownership etc. ;-)
<0> must go to bed. night
<2> hyc: warm fuzzy feeling is nice :D
<1> heh heh
<3> hello, I'm trying to get a feel for ldap (using fedora-ds), I'm trying to have a fedora install running on vmware use the ldap server I have running on my machine but am having trouble getting those users to show up, right now I'm just using dc=localhost,dc=localdomain and am wondering if that could be the problem
<3> I'm wondering about trying example.com as well, but in that case will I have to set up a local dns server so my ldap server resolves to example.com (and the vmware machine to foo.example.com?)
<1> no
<1> you can use any DN you want, independent of DNS
<1> unless you're using ActiveDirectory...
<3> hyc, could it be an issue that my dn is localhost.localdomain and in the vmware client I have base dc=localhost,dc=localdomain ?
<1> localhost.localdomain is not a DN
<1> what client, specifically, have you configured in the VMware system?
<3> hyc, basically this with the IP changed from 127.0.0.1 to the IP of my server, http://www.linux.com/article.pl?sid=06/11/28/2019258
<3> I also changed /etc/ldap.conf bind_policy to soft
<3> s/connection/connecting
<1> you might want to try the fedora-directory-users mailing list
<1> that article you linked is light on details. perhaps it has overstated the simplicity of setting it up.
<1> the feature list is also low on technical integrity, and high on marketing spin. Multimaster only provides fault tolerance, it does not provide high write performance.
<3> I tried reading through the manual also but most of it is still over my head :(
<3> is there a good, slightly more detailed, tutorial somewhere?
<1> no matter whose directory server you use, you need to do a lot of background reading on LDAP before you'll really understand what's going on.
<1> richm may have some suggestions on better docs
<3> yeah, I just find it's really helpful to have something running that I can play around with to test the theory
<1> I think they have a doc wiki up somewhere, don't remember the URL
<1> richm: where's the FDS wiki?
<3> I could only find install stuff in the wiki
<1> oh. never mind then...
<3> that and stuff for already running installations
<3> hyc, thanks for the help anyway
<1> n/p.
<1> Try my company's OpenLDAP builds next time, if you want an easy-to-use LDAP package. www.symas.com
<4> loaded with backdoors?
<1> yeah right
<4> hehe
<1> we embed a worm that identifies ActiveDirectory servers on your network and replaces them with ours.
<4> should use something more positive than the word 'worm' for that function
<4> i'd call that a feature
<1> heh heh
<1> the dynamic network upgrade manager :P
<4> ahahahahah
<1> reminds me of the old CoreWars game
<1> sad thing is, there probably are plenty of holes in AD through which it could be subverted.
<1> At least in the W2K version; I haven't tested W2K3. but it's easy to feed W2K AD a funny packet and make it lose its mind.
<4> probobly one of the many reasons 2k has been depreciated by m$
<5> i deprecated MS when i got some sense into my head
<1> I deprecate them all the time ;)
<5> heheh :)
<6> morning guys
<6> are an object cl***es attribute names indervidual, or do they conflict with other objectCl***es please?
<2> an attribyte can be mandatory or optional in several objectcl***es
<6> hi Gagatan
<6> Gagatan, so when I create my own attributes, for example, I could not call one "mail"
<6> as it would clash
<7> [miles]: Attributes are defined independently of object cl***es, so their names can't conflict with any other attributes in other schemas you use.
<2> [miles]: as someone said yesterday.. prefix your custom attributes with a project-name og company-name
<7> He'd just logged out before that:-) But to repeat:
<7> The point of prefixes is to avoid name conflicts. You call some attr 'Address', and then a server which uses your schema can't use another schema which calls something else 'Address'. A commonly used prefix is the organization's or project's acronym.
<6> morning hbf
<7> hi
<2> hbf: looked at the Sun A.M/F.M (no, not radio) for the next generation of Feide?
<7> Nope. But I will have to do so.
<7> [miles]: About your schema: There is no reason to not use both new attrs of your own and standard attrs from elsewhere in your schema, like e.g. postalAddress from RFC 4519
<7> And if that p***word attribute was intended to be used for the LDAP Simple Bind operation, you must use userP***word instead since that's hardcoded at least in OpenLDAP.
<7> Also, for the prefix I'd use the same prefix everywhere (object cl***es, attributes, macros), be it entSw or esw.
<6> ahhh, ok hbf you've just clarified a lot to me, thank you
<6> ok, I go with that structure then
<6> hbf, I was thinking like, instead of using "mail", setup an attr "eswMail"
<7> eswMail is fine if you want it.
<6> hbf, ok
<6> hbf, you think expanding inetOrgPerson is the best one I should use for the client data.. which you've seen
<6> ?
<7> I haven't seen your client data, nor do I know (or remember:-) what you are going to use the schema for, so I couldn't say.
<7> But if it's to be used to represent some LDAP client rather than persons, then using a person object cl*** is the wrong approach. But you can use attributes from the schema if they seem convenient.
<6> https://spamwall.entorno.es/entorno.schema
<7> Yes, that's the schema, but what is it _for_?
<6> hbf, ok, the box will be a anti-spam/virus gateway
<6> with clients, who own domains, who have users
<8> hi ,, i have problem to connect ldap in fedora core 4
<8> [root@dhcppc2 samba]# ldapwhoami
<8> SASL/DIGEST-MD5 authentication started
<8> Please enter your p***word:
<8> ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
<8> additional info: SASL(-13): user not found: no secret in database
<8> i need hehlp
<7> [miles]: So what does this schema descibe? Info about a person o rmail delivery to him, or about a user, or about something else?
<8> samba,shchema
<7> tomcatly: ldapwhoami -x
<7> If you don't want to use SASL, that is.
<6> hbf, sorry, had a call, just reading
<6> hbf, no, the client is really just contact details, and a list of domains that client owns
<6> technical contact's details etc
<6> the only keep data is: clientusername p***word listof their domains
<8> thanx
<7> [miles]: So the attributes are describing a program (the client)? Then cl*** inetOrgPerson does not fit, since that describes a person.
<6> no
<6> it's describing a customer
<6> and the domains that they have on the system
<7> Oh, that kind of client. Now I'm beginning to see the light:-)
<6> hbf, so a "client/customer" has say in their info, 2 x domains...
<9> ok, but why duplicate most of inetOrgPerson or organization
<6> this is where I'm looking for clarification
<6> as to what is best
<6> _ranger_, gud moaning sur
<9> and, why not rather just set the owner of the domain object to be the dn of the organisation
<7> If the schema for use by in-house LDAP programs only, it doesn't matter much if you use standard attrs or no.
<9> morning [miles]
<7> But if you e.g. want to be able to use LDAP as an address book via an existing email client, you need to use common attributes this client recognizes
<7> - which will likely be 'mail', 'cn' (common name), maybe a few others like postalAddress. Then use your own attrs for less commonly used things to look up.
<6> nope
<6> it's locked down... localhost access only
<6> to SASL, postfix, spam******in, amavisd-new etc
<6> no external connections
<9> ok, so the domains is for configuration of (say) postfix ?
<6> nod
<9> I would just make an auxiliary objectcl*** for everything not covered by objectcl*** organization
<7> So does "etc" include common e-mail clients? (Outlook, Thunderbird, whatever)
<6> hbf, nope
<9> I ***ume only the MTA
<6> hbf, it's total lock down
<6> only local running services
<7> Like _ranger_ said then. But it sounds like it really doesn't matter if you use only your own attrs or a mixture of common attrs and your own.
<9> but, using your own attributes makes your application less portable
<6> ok
<6> one minute, gotta go smoke... got a cold, feel like ****e, need nicotine in my sistema
<6> ok
<6> better
<6> damn, we've got big clients here for a meeting, no one advises me, and I look like im on the run from jail :-|
<10> [miles]: dont worry, if you dress too nice they'll never believe you're good at the technical stuff
<6> jajaja
<6> your right yeah
<6> problem is , being from liverpool, skinhead and tattoo'd .. these spanish business men think im a football hooligan :D
<10> heheheh
Return to
#ldap
or
Go to some related
logs:
libpoppler suse
dapper nvidiafb
#bash
#fluxbox
printer service-error-service-unavailable
#kernel
xubunto root
#css
bitdefender 10 openvpn
ICECASTS download
|
|