Re: Writing the documentation for GOsa², the new admin tool of Debian-Edu
Jürgen!!! This is awesome (auf deutsch: das g...-Wort) Whenever I can help I will do that (GOsa/LDAP) Superb, Mike On Do 07 Apr 2011 18:59:35 CEST Jürgen Leibner wrote: Hi to all, now I think it is time, to announce my little personal project here on the list. Since last year in November, I'm in education for becoming a certified 'Technical Writer'. This education ends with a little project and an exam. One part of the project is to write a documentation or a handbook or something similar. As we know since we choosed GOsa² [1] as our new admin tool, that there is no documentation of GOsa² covering the special aspects of Debian-Edu. So I decided last year in November to get the permission for writing that documentation. Today I got that permission and I can tell you what the project covers in detail. Short description of the project: The task is to create the missing documentation for the new admin tool for the new release of Debian-Edu in the most important parts which are the user- and services management modules. At that it will be taken care of the differnet user roles. The documentation will be created in the DITA [2] document standard [3]. The processing of the topic based files for creating the HTML and PDF output will be done with the actual DITA-Open-Tool [4] kit. I choosed to use this relative new DITA standard and not the old and proof docbook standard to get the benefits of topic oriented writing. GOsa², XML and DITA are new to me and I hope to find here someone in the right moment to help me getting information about GOsa² and its special implementation in Debian-Edu. The project starts next week with some planning and design tasks. On the 26th of April the writing starts. The end of the project is the 6th of July. Unfortunatly not all of that time is scheduled for writing but I hope to get the documentation done as well as I'm able to. The documentation will be published under the GPL so that there will be no problem to get it in Debian-Edu in our SVN afterwards so that I and maybe others are able to complete and translate it. The documentation will be initial written in German because my English is not well enough for technical writing. Greetings, Jürgen Leibner aka jever [1] https://oss.gonicus.de/labs/gosa/wiki/WikiStart. [2] http://en.wikipedia.org/wiki/Darwin_Information_Typing_Architecture [3] http://docs.oasis-open.org/dita/v1.2/os/spec/DITA1.2-spec.html [4] http://dita-ot.sourceforge.net/ -- To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201104071859.35808.201...@gmx.de -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpib5cZ3XNvK.pgp Description: Digitale PGP-Unterschrift
Re: Writing the documentation for GOsa², the new admin tool of Debian-Edu
On Friday 08 April 2011 09:42 Mike Gabriel wrote: Jürgen!!! This is awesome (auf deutsch: das g...-Wort) Whenever I can help I will do that (GOsa/LDAP) Thank you for your offering, Mike. I'm encouraged, Jürgen -- To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201104081830.04876.201...@gmx.de
Bug#617384: marked as done (FIRST_UID in adduser.conf conflicts with minimal uidNumbers used in Skolelinux LDAP DIT)
Your message dated Fri, 08 Apr 2011 20:12:13 +0200 with message-id 20110408201213.19213fdmrokl1...@mail.das-netzwerkteam.de and subject line Re: FIRST_UID in adduser.conf conflicts with minimal uidNumbers used in Skolelinux LDAP DIT has caused the Debian Bug report #617384, regarding FIRST_UID in adduser.conf conflicts with minimal uidNumbers used in Skolelinux LDAP DIT to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 617384: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617384 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: debian-edu-config Version: 1.446~svn73097 Severity: minor Tags: squeeze The file /etc/adduser.conf should be tweaked in a way that it allows local user's to be created on a Skolelinux system beginning with uidNumber=500 (current setting is FIRST_UID=1000 which conflicts with LDAP). The creation of local users on SL systems is not recommended, but adduser will currently create accounts that conflict with LDAP DIT which should in any case be avoided. -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages debian-edu-config depends on: ii base-files 6.0 Debian base system miscellaneous f ii bind9-host [host]1:9.7.2.dfsg.P3-1.1 Version of 'host' bundled with BIN ii cfengine22.2.10-2Tool for configuring and maintaini ii debconf [debconf-2.0 1.5.36.1Debian configuration management sy ii debconf-utils1.5.36.1debconf utilities ii debian-edu-artwork 0.0.32-2Debian Edu themes and artwork ii desktop-profiles 1.4.15+nmu1 framework for setting up desktop p ii discover 2.1.2-5 hardware identification system ii education-tasks 0.852~svn72937 Debian Edu tasks for tasksel ii fping2.4b2-to-ipv6-16.1 sends ICMP ECHO_REQUEST packets to ii host 1:9.7.2.dfsg.P3-1.1 Transitional package ii ldap-utils 2.4.23-7OpenLDAP utilities ii libconfig-inifiles-p 2.52-1 Read .ini-style configuration file ii libfilesys-df-perl 0.92-3+b1 Module to obtain filesystem disk s ii libhtml-fromtext-per 2.05-5.1Mark up text as HTML ii libio-socket-ssl-per 1.33-1+squeeze1 Perl module implementing object or ii libjavascript-perl 1.16-3 module for executing embedded Java ii libnet-ldap-perl 1:0.4001-2 client interface to LDAP servers ii libnet-netmask-perl 1.9015-4parse, manipulate and lookup IP ne ii libterm-readkey-perl 2.30-4 A perl module for simple terminal ii libtext-unaccent-per 1.08-1+b1 provides functions to remove accen ii lsb-base 3.2-23.2squeeze1Linux Standard Base 3.2 init scrip ii mime-support 3.48-1 MIME files 'mime.types' 'mailcap ii net-tools1.60-23 The NET-3 networking toolkit ii ng-utils 0.7-1 Tool to access netgroups from the ii openssl 0.9.8o-4squeeze1Secure Socket Layer (SSL) binary a ii patch2.6-2 Apply a diff file to an original ii python-notify0.1.1-2+b2 Python bindings for libnotify ii ssl-cert 1.0.28 simple debconf wrapper for OpenSSL ii tftp 0.17-18 Trivial file transfer protocol cli Versions of packages debian-edu-config recommends: ii ddccontrol 0.4.2-6 a program to control monitor param ii libnotify-bin 0.5.0-2 sends desktop notifications to a n ii lsof 4.81.dfsg.1-1 List open files ii memtest86+ 4.10-1.1 thorough real-mode memory tester ii resolvconf 1.46 name server information handler ii syslinux 2:4.02+dfsg-7 collection of boot loaders Versions of packages debian-edu-config suggests: ii atftpd 0.7.dfsg-9.1 advanced TFTP server -- Configuration Files: /etc/bind/db.0.168.192.in-addr.arpa. changed [not included] /etc/bind/db.1.168.192.in-addr.arpa. changed [not included] /etc/bind/db.2.0.10.in-addr.arpa. changed [not included] /etc/bind/db.intern changed [not included] /etc/bind/db.subnet00.intern. changed [not included] /etc/bind/db.subnet01.intern.
remnants of etcinsvk
Hi Petter et al. I am just looking at debian-edu-* in SVN. There are still some remnants that hint to etcinsvk. Do I see it correcly that etcinsvk is outdated in squeeze (replaced by etckeeper). Here are the remnants: mike@minobo:~/MyDocuments/4projects/debian-edu/debian-edu-config$ grep -ri etcinsvk * | grep -v svn share/debian-edu-config/d-i/finish-install:# In case etcinsvk was not initialized in pre-pkgsel (ie share/ltsp/plugins/ltsp-build-client/Debian-custom/032-edu-pkgs: etcinsvk \ I am not sure if it is ok to remove the lines in the corresponding files. I suppose so, but do not want to do it without feedback... Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpJZ6xCjC58z.pgp Description: Digitale PGP-Unterschrift
Bug#617383: marked as done (etckeeper Git on Debian Edu machines complains about missing user.name and user.email settings)
Your message dated Fri, 08 Apr 2011 22:49:20 +0200 with message-id 20110408224920.16072vohgdxg6...@mail.das-netzwerkteam.de and subject line Re: etckeeper Git on Debian Edu machines complains about missing user.name and user.email settings has caused the Debian Bug report #617383, regarding etckeeper Git on Debian Edu machines complains about missing user.name and user.email settings to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 617383: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617383 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: debian-edu-config Version: 1.446~svn73097 Severity: minor Tags: squeeze Currently, etckeeper's Git complains on any package installation that effects the /etc/ directory about a missing ,,git --global'' setting for ,,user.name'' and ,,user.email''. This will be confusing for non-geaks and should be filled with sensible defaults (to get it silent). -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages debian-edu-config depends on: ii base-files 6.0 Debian base system miscellaneous f ii bind9-host [host]1:9.7.2.dfsg.P3-1.1 Version of 'host' bundled with BIN ii cfengine22.2.10-2Tool for configuring and maintaini ii debconf [debconf-2.0 1.5.36.1Debian configuration management sy ii debconf-utils1.5.36.1debconf utilities ii debian-edu-artwork 0.0.32-2Debian Edu themes and artwork ii desktop-profiles 1.4.15+nmu1 framework for setting up desktop p ii discover 2.1.2-5 hardware identification system ii education-tasks 0.852~svn72937 Debian Edu tasks for tasksel ii fping2.4b2-to-ipv6-16.1 sends ICMP ECHO_REQUEST packets to ii host 1:9.7.2.dfsg.P3-1.1 Transitional package ii ldap-utils 2.4.23-7OpenLDAP utilities ii libconfig-inifiles-p 2.52-1 Read .ini-style configuration file ii libfilesys-df-perl 0.92-3+b1 Module to obtain filesystem disk s ii libhtml-fromtext-per 2.05-5.1Mark up text as HTML ii libio-socket-ssl-per 1.33-1+squeeze1 Perl module implementing object or ii libjavascript-perl 1.16-3 module for executing embedded Java ii libnet-ldap-perl 1:0.4001-2 client interface to LDAP servers ii libnet-netmask-perl 1.9015-4parse, manipulate and lookup IP ne ii libterm-readkey-perl 2.30-4 A perl module for simple terminal ii libtext-unaccent-per 1.08-1+b1 provides functions to remove accen ii lsb-base 3.2-23.2squeeze1Linux Standard Base 3.2 init scrip ii mime-support 3.48-1 MIME files 'mime.types' 'mailcap ii net-tools1.60-23 The NET-3 networking toolkit ii ng-utils 0.7-1 Tool to access netgroups from the ii openssl 0.9.8o-4squeeze1Secure Socket Layer (SSL) binary a ii patch2.6-2 Apply a diff file to an original ii python-notify0.1.1-2+b2 Python bindings for libnotify ii ssl-cert 1.0.28 simple debconf wrapper for OpenSSL ii tftp 0.17-18 Trivial file transfer protocol cli Versions of packages debian-edu-config recommends: ii ddccontrol 0.4.2-6 a program to control monitor param ii libnotify-bin 0.5.0-2 sends desktop notifications to a n ii lsof 4.81.dfsg.1-1 List open files ii memtest86+ 4.10-1.1 thorough real-mode memory tester ii resolvconf 1.46 name server information handler ii syslinux 2:4.02+dfsg-7 collection of boot loaders Versions of packages debian-edu-config suggests: ii atftpd 0.7.dfsg-9.1 advanced TFTP server -- Configuration Files: /etc/bind/db.0.168.192.in-addr.arpa. changed [not included] /etc/bind/db.1.168.192.in-addr.arpa. changed [not included] /etc/bind/db.2.0.10.in-addr.arpa. changed [not included] /etc/bind/db.intern changed [not included] /etc/bind/db.subnet00.intern. changed [not included] /etc/bind/db.subnet01.intern. changed [not included] /etc/gosa/gosa.conf [Errno 13] Keine Berechtigung:
mismatch in cn=admin,... DNs in debian-edu-config
Hi all, I have been getting a little confused by mismatching cn=admin DNs (there is an error on Debian Edu squeeze install currently that hints to some cn=admin + TLS problem). mike@minobo:~/MyDocuments/4projects/debian-edu/debian-edu-config$ grep -ri cn=admin, * | grep -v svn etc/ldap/slapd-lenny_debian-edu.conf:rootdn cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no etc/ldap/slapd-lenny_debian-edu.conf:access to dn.base=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no etc/ldap/slapd-lenny_debian-edu.conf: by dn.exact=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no ssf=128 =wx etc/ldap/slapd-lenny_debian-edu.conf: by dn.exact=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no ssf=128 =w etc/ldap/slapd-lenny_debian-edu.conf:access to dn.exact=cn=admin,ou=People,dc=skole,dc=skolelinux,dc=no etc/ldap/slapd-debian-edu.conf:rootdn cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no etc/ldap/slapd-debian-edu.conf:access to dn.base=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no etc/ldap/slapd-debian-edu.conf: by dn.exact=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no ssf=128 =wx etc/ldap/slapd-debian-edu.conf: by dn.exact=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no ssf=128 =w etc/ldap/slapd-debian-edu.conf:access to dn.exact=cn=admin,ou=people,dc=skole,dc=skolelinux,dc=no etc/ldap/slapd-squeeze_debian-edu.conf:rootdn cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-bootstrap/root.ldif:## echo -n cn=admin,ou=aclroles,dc=skole,dc=skolelinux,dc=no | base64 -w0 ldap-bootstrap/root.ldif:dn: cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-bootstrap/root.ldif:member: cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-bootstrap/root.ldif:member: cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-tools/ldappasswd2:$dn = 'cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no'; ldap-tools/csvparser:my $ldapadmindn = cn=admin,o=stfk,c=no; ldap-tools/ldap-upgrade-db-fix: -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-tools/barbarossa/makeldif:cat EOF | ldapadd -x -h localhost -W -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-tools/barbarossa/makesmbAcc:cat EOF | ldapmodify -x -h localhost -W -D cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no ldap-tools/sitesummary2ldapdhcp:my $binddn = cn=admin,ou=ldap-access,$base; share/debian-edu-config/tools/ldap-users.pl:member = cn=admin,ou=ldap-access, . $g{basedn}, To my experience the default cn=admin DN (that is the LDAP master account) should be cn=admin,BASEDN As we are restructuring the whole LDAP tree, we should approach common standards here as well... However, if we leave things as they are, we should agree on one unequivocal cn=admin DN/location in the LDAP DIT. Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpbU5QJicGvY.pgp Description: Digitale PGP-Unterschrift
Bug#621787: README.ldap in debian-edu-config outdated
Package: debian-edu-config Version: 1.446~svn73097 Severity: minor Tags: squeeze The file debian-edu-config/README.ldap is probably outdated. It furthermore is Norwegian and needs revision and translation. Or it needs to be dropped... Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgplWrCq8ejra.pgp Description: Digitale PGP-Unterschrift
d-i chooser for GNOME, KDE, LXDE
Hi all, there already was a discussion (on the list, in Zweibrücken, I cannot remember clearly) about adding another screen that allows to select the default window manager (GNOME, KDE, LXDE). Do we want that for squeeze? I would like to take a look at the necessary changes... Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgp66kJspmJfm.pgp Description: Digitale PGP-Unterschrift
Bug#570773: LDAP/TLS cert handling problems when ldap DNS name already exists
Hi Petter, hi Holger, just checked on a fresh tjener install. The LDAP server returned by debian-edu-ldapserver is ,,ldap.intern''. As the FQDN is returned by that script I guess this issue can be closed? There has been work on the debian-edu-ldapserver script because of the recent Kerberos work. Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpP0iF1Pi9Qd.pgp Description: Digitale PGP-Unterschrift
Re: remnants of etcinsvk
[Mike Gabriel] Hi Petter et al. Hi. I am just looking at debian-edu-* in SVN. There are still some remnants that hint to etcinsvk. Do I see it correcly that etcinsvk is outdated in squeeze (replaced by etckeeper). Yes. And even removed from the packages. I took care of dropping etcinsvk a while back. :) Here are the remnants: mike@minobo:~/MyDocuments/4projects/debian-edu/debian-edu-config$ grep -ri etcinsvk * | grep -v svn share/debian-edu-config/d-i/finish-install:# In case etcinsvk was not initialized in pre-pkgsel (ie Just a comment above a call to the edu-etcvcs wrapper script. The workaround it talk about could possibly be removed, but do no harm as far as I can tell. share/ltsp/plugins/ltsp-build-client/Debian-custom/032-edu-pkgs: etcinsvk \ Making sure the cron jobs for etcinsvk is disabled if the package happen to be disabled. This line make sure the ltsp build rules are compatible with Lenny. I am not sure if it is ok to remove the lines in the corresponding files. I suppose so, but do not want to do it without feedback... I doubt there is any need for a change, but if all traces and compatibility with Lenny should be dropped, both entries can be removed. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110408224354.gc6...@login2.uio.no
Re: mismatch in cn=admin,... DNs in debian-edu-config
[Mike Gabriel] As we are restructuring the whole LDAP tree, we should approach common standards here as well... Yes, and the one implemented is cn=admin,ou=ldap-access,BASEDN, and anything not using this is a bug or legacy settings. Happy hacking, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110408233427.gd6...@login2.uio.no
gdm for desktop-gnome and desktop-lxde task
Hi all, 1. I have added gdm as dependency for education-desktop-gnome and education-desktop-lxde. The point is: I still cannot install a desktop=gnome from the current squeeze image (am I the only person experiencing this???). Cf. #617371. What I can do is: add the squeeze-test repos of Skolelinux to sources.list. Then I can install education-desktop-gnome and deps... Maybe someone with more knowledge of the internals can take a look??? 2. I have also added desktop-file-utils as a dependency for desktop-lxde. This relates to an experience that you cannot double click on file and launch the related application (xdg-utils) with it. If you ad desktop-file-utils then the double click on files start working. This is probably a workaround for some other bug, I am not sure which package around lxde should actually have desktop-file-utils as dependency... Shall I add a bug to the tracker that we have to remove this later? Feedback? Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgp9kdnreR4e8.pgp Description: Digitale PGP-Unterschrift
Dropping compat to lenny (was Re: remnants of etcinsvk)
Hi Petter, Thanks a lot for taking a look. On Sa 09 Apr 2011 00:43:54 CEST Petter Reinholdtsen wrote: I doubt there is any need for a change, but if all traces and compatibility with Lenny should be dropped, both entries can be removed. So do we want that? As we head towards squeeze and Debian Edu currently is supposed to install from scratch this could be part of a pre-release cleanup? Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgphGUhknpzSk.pgp Description: Digitale PGP-Unterschrift
Re: mismatch in cn=admin,... DNs in debian-edu-config
Hi Petter, On Sa 09 Apr 2011 01:34:27 CEST Petter Reinholdtsen wrote: [Mike Gabriel] As we are restructuring the whole LDAP tree, we should approach common standards here as well... Yes, and the one implemented is cn=admin,ou=ldap-access,BASEDN, and anything not using this is a bug or legacy settings. Ok, I will take a look and see where the others exactly come from... Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpg5ExOhJa36.pgp Description: Digitale PGP-Unterschrift
Bug#621800: LDAP cert must use FQDN (as in DNS)
Package: debian-edu-config Version: 1.446~svn73153 Severity: minor Tags: squeeze Currently there occurs an error on testiuite/ldap-client when testing the TLS certificate. The problem is caused by a mismatch in certificate CN and hostname of the ldap server as in DNS/FQDN. The hostname/FQDN in DNS (rev DNS resolve) must match the CN field. For a default tjener setup (Main-Server) I thus recommend to default the certs CN to tjener.intern and add the LDAP aliases as subjectAltName fields. Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpA43AI9ktBc.pgp Description: Digitale PGP-Unterschrift