[389-users] Re: simple question: do I need an admin server at all ?
Phil, The admin server is only used for 389-console/GUI. If you aren't using the java UI, then you can remove the 389-admin* packages, and remove the o=netscaperoot suffix (if present). We are currently working on ramping up our new python CLI tools (dscreate, dsctl, dsconf, and dsidm) and the new Cockpit web UI. This work is in progress, but it will awhile until it's available. Of course you can do everything using ldapmodify if need be. Regards, Mark On 08/11/2018 11:18 AM, Phil Lembo wrote: In running the old iPlanet (and then, Sun) DS (389's ancestor) for around a decade I gradually moved towards doing almost everything on the command line both for efficiency and stability (early versions of the gui console sometimes crashed the server). Sun's last release, DSEE 7, came with the kind of command line utilities now being developed for 389, allowing you to do everything at the CLI you used to need the gui for (like setting up replication). About the only thing I missed was the console's graphical aci editor, which is still the best way for new admins to learn the aci system. In fact I used the console aci editor just this week to prototype access controls for an OpenDJ directory service (OpenDJ is an all-java server that grew out of Sun DS). ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/F64NK2ZGVJ2RSWRBMB55KTJTVBBR3MCU/ ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/DVNWN7VUCSYSALSRBGY4P4JMATS6IMY7/
[389-users] Re: simple question: do I need an admin server at all ?
On Wed, 2018-07-18 at 14:49 -0400, Robert Watterson wrote: > Hi forgive the newbie question, but I've searched the 389-users > archive and didn't see an answer. > > If I manage ldap entries and dirsrv server options via command line > only, do I even need an admin server component? > I've been using Apache Directory Studio for my non-command line needs > on a single 389 instance, seems to work out OK so far. The admin > server (o=netscape) is installed and running, but I haven't been > using the GUI. I'm about to spin up two new servers and do multi- > master replication and certificates/TLS. > On a production server where all content changes are done via scripts > (no GUI needed) do I even need to spin up an admin server? > We won't be using Admin Express, DS Gateway, Org Chart, etc. We'll > never be managing more than 3-4 production ldap servers. > Am I missing something critical by installing just the actual 389 > servers and NOT the admin instance? Hi there, In supplement to Mark's comments, not only are we pusing a new admin in the form of cockpit, we also want to improve the CLI to be a first glass admin interface. We have a suite of new tools coming (dsctl, dsconf and dsidm) that will absorb all the existing perl, and make many routine tasks for the CLI significantly easier to achieve. I hope that we can make the CLI the only point of contact for you in the future, and would love to hear your feedback on it if you try it out. Thanks! > ___ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to > 389-users-le...@lists.fedoraproject.org > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/35HMKMPD6NZSFNRVGZDCZSMOJNDI42N7/ -- Sincerely, William ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/3W53IRVDUL5BCTTH4NTHAOTQJN5C5GZH/
[389-users] Re: simple question: do I need an admin server at all ?
On 07/18/2018 02:49 PM, Robert Watterson wrote: Hi forgive the newbie question, but I've searched the 389-users archive and didn't see an answer. If I manage ldap entries and dirsrv server options via command line only, do I even need an admin server component? Nope I've been using Apache Directory Studio for my non-command line needs on a single 389 instance, seems to work out OK so far. The admin server (o=netscape) is installed and running, but I haven't been using the GUI. I'm about to spin up two new servers and do multi-master replication and certificates/TLS. On a production server where all content changes are done via scripts (no GUI needed) do I even need to spin up an admin server? Nope We won't be using Admin Express, DS Gateway, Org Chart, etc. We'll never be managing more than 3-4 production ldap servers. Am I missing something critical by installing just the actual 389 servers and NOT the admin instance? Nope :-) We are actually getting rid of the admin server and moving to a web UI (Cockpit plugin) that will only "configure" server instances. There will not be a user ldap browser like Apache DS, so it's good that you are already using Apache DS. Since you are not using admin server then you can remove the o=netscaperoot backend. Also you only need to run setup-ds.pl, not setup-ds-admin.pl, moving forward. Regards, Mark ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/35HMKMPD6NZSFNRVGZDCZSMOJNDI42N7/ ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/E742PEAVMUD4JR7ZONISCBCZ7IMZOFFB/
[389-users] Re: simple question: do I need an admin server at all ?
On 7/18/2018 12:49 PM, Robert Watterson wrote: If I manage ldap entries and dirsrv server options via command line only, do I even need an admin server component? No. I've been using Apache Directory Studio for my non-command line needs on a single 389 instance, seems to work out OK so far. The admin server (o=netscape) is installed and running, but I haven't been using the GUI. I'm about to spin up two new servers and do multi-master replication and certificates/TLS. On a production server where all content changes are done via scripts (no GUI needed) do I even need to spin up an admin server? We won't be using Admin Express, DS Gateway, Org Chart, etc. We'll never be managing more than 3-4 production ldap servers. Am I missing something critical by installing just the actual 389 servers and NOT the admin instance? Admin Server is really an http server that invokes CGI programs to do things that are not doable via LDAP (e.g. start and stop the LDAP server). You can do all those things from the command line by logging into the machine the server is running on. ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/S47Q3L27IKW2G6ZLVWRNLGSXOVDWKHCR/