Stucked with Client Setup?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On [Thu, 14.01.2010 10:17], Ajeet S Raina wrote:
>   have been stucked with the following points:
>
>   1. Authenticating Linux Client with ldaps://

Please read the already mentioned HowTo to setup SSL. Everything is
described there in great detail. Again the link:

http://directory.fedoraproject.org/wiki/Howto:SSL

A short summary:
You have to either setup a new CA or use an already existing CA.
Create a certificate request for your server. Send this request
(csr-file) to the CA and let the CA sign the request. Import the 
signed certificate (crt-file) into your DS. Make also the CA certificate 
available to the client, either via certutil or the console. Both 
certificates (from the server and the CA) should be visible with 
certutil -d /etc/dirsrv/slapd-instancename -L) and/or via the console. 
If this is not the case, don't move on, search the problem until you see 
both certificates. Make sure the trust flags were set correctly.

Next step is to configure the client. Run system-config-authentication to 
provide the necessary information to NSS and PAM. Specifiy a location
where the CA certificate can be found. After that, try to search the DS 
with "ldapsearch -ZZ". If this is not working, don't move on, search the 
problem until ldapsearch returns ldap objects from your DS. The logs files 
with the error codes are always a good start point to troubleshoot problems.

If this is working, try to authenticate as a ldap user. If this works,
great, if not, check the logs, re-check the HOWTO. Try again. If it is
still not working, ask again.

>   2. Auto create home directory ( I will look into what you sent)

man pam_mkhomedir

>   3. Auto-Increment UserID

http://directory.fedoraproject.org/wiki/DNA_Plugin

hth.

Happy Day.
Thorsten

-- 
"Eternity is a very long time, especially towards the end."
  ? Stephen Hawking

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3894 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20100114/1f4da9cd/attachment.bin
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux