mismatch in cn=admin,... DNs in debian-edu-config

2011-04-08 Thread Mike Gabriel

Hi all,

I have been getting a little confused by mismatching cn=admin DNs
(there is an error on Debian Edu squeeze install currently that hints
at some cn=admin + TLS problem).


mike@minobo:~/MyDocuments/4projects/debian-edu/debian-edu-config$ grep -ri cn=admin, * | grep -v svn
etc/ldap/slapd-lenny_debian-edu.conf:rootdn cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no
etc/ldap/slapd-lenny_debian-edu.conf:access to dn.base=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no
etc/ldap/slapd-lenny_debian-edu.conf:   by dn.exact=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no ssf=128 =wx
etc/ldap/slapd-lenny_debian-edu.conf:   by dn.exact=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no ssf=128 =w
etc/ldap/slapd-lenny_debian-edu.conf:access to dn.exact=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no
etc/ldap/slapd-debian-edu.conf:rootdn cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no
etc/ldap/slapd-debian-edu.conf:access to dn.base=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no
etc/ldap/slapd-debian-edu.conf: by dn.exact=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no ssf=128 =wx
etc/ldap/slapd-debian-edu.conf: by dn.exact=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no ssf=128 =w
etc/ldap/slapd-debian-edu.conf:access to dn.exact=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no
etc/ldap/slapd-squeeze_debian-edu.conf:rootdn cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-bootstrap/root.ldif:## echo -n cn=admin,ou=aclroles,dc=skole,dc=skolelinux,dc=no | base64 -w0
ldap-bootstrap/root.ldif:dn: cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-bootstrap/root.ldif:member: cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-bootstrap/root.ldif:member: cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-tools/ldappasswd2:$dn  = 'cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no';
ldap-tools/csvparser:my $ldapadmindn  = cn=admin,o=stfk,c=no;
ldap-tools/ldap-upgrade-db-fix:  -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-tools/barbarossa/makeldif:cat  EOF | ldapadd -x -h localhost -W -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-tools/barbarossa/makesmbAcc:cat  EOF | ldapmodify -x -h localhost -W -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
ldap-tools/sitesummary2ldapdhcp:my $binddn = cn=admin,ou=ldap-access,$base;
share/debian-edu-config/tools/ldap-users.pl:member = cn=admin,ou=ldap-access, . $g{basedn},


In my experience the default cn=admin DN (that is, the LDAP master
account) should be


  cn=admin,BASEDN

As we are restructuring the whole LDAP tree, we should approach common  
standards here as well...


However, if we leave things as they are, we should agree on one  
unequivocal cn=admin DN/location in the LDAP DIT.


Greets,
Mike


--

DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419

GnuPG Key ID 0xB588399B
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb




Re: mismatch in cn=admin,... DNs in debian-edu-config

2011-04-08 Thread Petter Reinholdtsen
[Mike Gabriel]
> As we are restructuring the whole LDAP tree, we should approach common
> standards here as well...

Yes, and the one implemented is cn=admin,ou=ldap-access,BASEDN, and
anything not using this is a bug or legacy settings.

Happy hacking,
-- 
Petter Reinholdtsen





Re: mismatch in cn=admin,... DNs in debian-edu-config

2011-04-08 Thread Mike Gabriel

Hi Petter,

On Sat 09 Apr 2011 01:34:27 CEST Petter Reinholdtsen wrote:

> [Mike Gabriel]
>> As we are restructuring the whole LDAP tree, we should approach common
>> standards here as well...
>
> Yes, and the one implemented is cn=admin,ou=ldap-access,BASEDN, and
> anything not using this is a bug or legacy settings.


Ok, I will take a look and see where the others exactly come from...

Mike

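The audit discussed in this thread, as an added example that is not part of the original messages or of debian-edu-config: it reads `grep -r` style lines, normalizes every cn=admin DN, and reports the files whose DN differs from cn=admin,ou=ldap-access,BASEDN. The function names and the handling of variable-suffixed DNs are assumptions of this example.

```python
import re

BASEDN = "dc=skole,dc=skolelinux,dc=no"   # base DN from the grep output in the thread
ADMIN = "cn=admin,ou=ldap-access"         # RDNs of the DN the reply names as implemented

# cn=admin followed by one or more ",attr=value" RDNs (escaped commas are not handled).
DN_RE = re.compile(r"cn=admin(?:\s*,\s*[A-Za-z][\w-]*\s*=\s*[^,\s'\";]+)+", re.I)

def normalize(dn):
    """Fold case and spacing. Assumes cn/ou/o/c/dc values, which LDAP matches
    case-insensitively, so ou=People and ou=people name the same entry."""
    rdns = (rdn.split("=", 1) for rdn in dn.split(","))
    return ",".join("=".join(part.strip().lower() for part in rdn) for rdn in rdns)

def audit(lines, admin=ADMIN, base=BASEDN):
    """Map each non-canonical cn=admin DN to the sorted files that use it.
    `lines` are `path:content` records as printed by `grep -r`."""
    want_full = normalize(admin + "," + base)
    want_prefix = normalize(admin)
    found = {}
    for line in lines:
        path, _, content = line.partition(":")
        for m in DN_RE.finditer(content):
            dn = normalize(m.group(0))
            # A DN that continues with a variable ($base, . $g{basedn}) gets its
            # base at runtime, so only the literal RDNs can be compared.
            templated = content[m.end():].lstrip(" ,.'\"").startswith("$")
            if dn != (want_prefix if templated else want_full):
                found.setdefault(dn, set()).add(path)
    return {dn: sorted(paths) for dn, paths in found.items()}

# Sample input: lines copied from the grep output above, wrapped lines rejoined.
SAMPLE = [
    "etc/ldap/slapd-lenny_debian-edu.conf:rootdn cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no",
    "etc/ldap/slapd-debian-edu.conf:rootdn cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no",
    "etc/ldap/slapd-squeeze_debian-edu.conf:rootdn cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no",
    "ldap-bootstrap/root.ldif:## echo -n cn=admin,ou=aclroles,dc=skole,dc=skolelinux,dc=no | base64 -w0",
    "ldap-tools/csvparser:my $ldapadmindn  = cn=admin,o=stfk,c=no;",
    "ldap-tools/sitesummary2ldapdhcp:my $binddn = cn=admin,ou=ldap-access,$base;",
]

if __name__ == "__main__":
    for dn, paths in sorted(audit(SAMPLE).items()):
        print(dn, "<-", ", ".join(paths))
```

Because of the case folding, the ou=People and ou=people spellings are reported as one finding covering both slapd configuration files.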