magic numbers (DNA) : console issues & gid assignment problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/16/2010 06:39 PM, Nathan Kinder wrote:

> The document you are using off of the wiki is an feature design document
> that was used while developing DNA.  Not everything mentioned in there
> is in the plug-in.  The ability to use multiple dnaType attributes in
> the same range is one of these things that is not implemented at this time.

Fair enough.  I assumed that the document entitled ? DNA Plugin Proposal 
? was the design document, and that ? DNA Plugin ? was the proper 
documentation.  :/

> You can set up two separate ranges, one for the uidNumber attribute and
> another for the gidNumber attribute.  While this doesn't guarantee that
> uidNumber == gidNumber for a user, the values will indeed be the same if
> you configure the ranges the same and always let DNA generate the values
> for those attributes.  The main issue to deal with to ensure the values
> are the same would be to use a different range of gidNumbers for
> posixGroup entries.

It should be as easy as creating two separate entries and then 
integrating them both, yes ? ex. :

dn: cn=UID, cn=DNA
   ...
dnatype: uidNumber
dnamagicregen: 99999
dnanextvalue: 1000
dnafilter: (objectclass=posixAccount)
   ...

AND

dn: cn=GID, cn=DNA
    ...
dnatype: gidNumber
dnamagicregen: 99999
dnanextvalue: 1000
dnafilter: (objectclass=posixGroup)
    ...

Or, should i be creating the two separate entries, but using the 
combined filter range (i.e. 
(|(objectclass=posixAccount)(objectclass=posixGroup)) ), as you indicate 
below ?

> If you don't care if your gidNumber user private groups match the user's
> uidNumber, you can just create a single gidNumber range with a filter of
> "(|(objectclass=posixAccount)(objectclass=posixGroup))" to have your
> range span your user and group entries.

Is that not what i attempted to do (and what is outlined in the spec 
doc) ? :

 >> # cat dna_conf
 >> dn: cn=UID and GID numbers,cn=Distributed Numeric Assignment
 >> Plugin,cn=plugins,cn=config
 >> objectClass: top
 >> objectClass: extensibleObject
 >> cn: UID and GID numbers
 >> dnatype: uidNumber
 >> dnaType: gidNumber
 >> dnamagicregen: 99999
 >> dnafilter: (|(objectclass=posixAccount)(objectclass=posixGroup))
 >> dnascope: dc=example,dc=com
 >> dnanextvalue: 1000

Note the dnafilter line, which contains the range you specified above.

In any case, thanks for your commentary and input on this topic thus 
far.  In our environment, the DNA plugin is the ? killer app ? that we 
needed in order to get a Directory Server deployment going. :)


-- 
Daniel Maher <dma + 389users AT witbe DOT net>


[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux