never mind I found the answer apparently you have to go into the "Directory" tab in the directory server and create a domain object because its not automatically created when you create the database under the sub dn On Fri, Jul 27, 2012 at 7:03 PM, Paul Robert Marino <prmarino1@xxxxxxxxx> wrote: > Hello every one > > I have a strange problem Im trying to use 389 server in a large > organization and i have to break the directory into several sub > suffixes or root suffixes. > there is the scenario > I work for Large company A > Large company A owns > 1) subsidiary b > 2) subsidiary c > 3) subsidiary d > > Large company A uses domain example.com > subsidiary b uses domain b.example.com > subsidiary c uses domain c.example.com > subsidiary d uses domain d.example.com > > > I would like to separate each of the subsidiaries into their own sub > suffix partially because of security reasons also to minimize unneeded > replication for local read only slaves at the subsidiary sites, and I > would also like the administrator at each subsidiary to have the > option of manage their own users or having the administrators at the > parent company do it for them. > > now creating the sub suffix with its own database is fairly well > documented and works well with ou's but doesn't seem to work with > dc's > if i create the new suffix as a dc and go into the users and groups in > the console and try to add a user to the new dc it wont let me. if i > use the Users drop down menu and try to change directory and set the > base to the new dc (e.g. dc=b,dc=example,dc=com) it tells me the dc > isn't valid > > I also tried creating a root suffix and ran into the same problem so > what am i missing? > Is there some initial database population step I didn't see in the > documentation or do i need to setup some ACIs or what? -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
