Dmitri Pal wrote:
Tomasz 'Zen' Napierala wrote:
Dnia 2009-11-03, wto o godzinie 15:16 +0100, Rob Crittenden pisze:
Jesster Leight wrote:
How i can find my default Administration URL for 389 DS ? I can't use 389-console from this problem ;(
That is correct. IPA does not install or configure the admin server or console for 389 DS. This is on purpose because user/group management in the console is not necessarily compatible with IPA and can cause large headaches. It should be possible, if one is very careful, to manage IPA users via the console but we do not support it.


Is there some capability you need that only the console provides?
I'll take a chance to ask similar question here (sorry for hijacking
thread ;)

I need some system users (e.g for configuring LDAPbind for apache
authentication), and I'd like them to be under say CN=sysaccounts,CN=etc
Is there any way to do this simply?
The thing is I don't want to be subject of IPA password policy.

Regards,
We are planning to have different password policies per group in IPAv2.
As far as I remember it made our Alpha release last week.
Would you be interested to give it a try?
In IPA all accounts are on the same level but they can be grouped in
different ways and in v2 pwd policies can be applied on per group basis.


And for v1 you'll need to use ldapmodify. It only appears scary at first, it isn't so bad once you understand the syntax.

I think the most bare-bones non-Posix account would look something like:

dn: uid=apacheldap,cn=sysaccounts,cn=etc,dc=example,d=com
changetype: add
objectclass: account
objectclass: simplesecurityobject
uid: apacheldap
userPassword: superSecret123

rob

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to