SSH help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am really struggling to get Fedora Directory Server working using 
ADSync. I am confused on a lot of fronts, it would be fair to say I am a 
newbie when it comes to SSH, CAs, and synchronizing anything against 
Active Directory. So I am at a disadvantage to start with.

I have been using 
http://directory.fedoraproject.org/wiki/Howto:WindowsSync for my 
instruction base as well as 
http://directory.fedoraproject.org/wiki/Howto:SSL for setting up FDS to 
use SSL.

Here are my steps so far:
 1) Install and setup FDS and create my directory server. So far so good.
 2) Execute setupssl.sh from the Howto:SSL link above.
     * As far as I can tell this script automates everything in "Basic 
Steps", so correct me if I am wrong, but I shouldn't have to actually do 
any of them after running the script?
 3) Restart both my admin and directory servers.

After I have restarted my servers, it would seem to me that FDS would be 
exclusively accessible over port 636. So I use an LDAP Browser to 
verify, and it turns out that 389 is still available and the other 
isn't. Why is this?

At this point I decide to move onto another step 
(http://directory.fedoraproject.org/wiki/Howto:WindowsSync#Enabling_SSL_for_PassSync) 
in the instructions and setup ADSync on the Active Directory box. 
Install goes fine, though I am obviously unable to get it to connect to 
the FDS yet.

I am able to create the cert8.db, but then hit a road block again when I 
try to execute "pk12util -d . -P slapd-<instance> -o servercert.p12 -n 
Server-Cert", and yes I swap <instance> for my host name. I get this 
exception: "pk12util: find user certs from nickname failed: security 
library: bad database.". Any idea?

I know this is a lot, but I would appreciate any help I can get.

Thank you,
Dennis





--
 The sender of this email subscribes to Perimeter eSecurity's email
 anti-virus service. This email has been scanned for malicious code and is
 believed to be virus free. For more information on email security please
 visit: http://www.perimeterusa.com/email-defense-content.html
 This communication is confidential, intended only for the named recipient(s)
 above and may contain trade secrets or other information that is exempt from
 disclosure under applicable law. Any use, dissemination, distribution or
 copying of this communication by anyone other than the named recipient(s) is
 strictly prohibited. If you have received this communication in error, please
 delete the email and immediately notify our Command Center at 203-541-3444.

 Thanks 




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux