On Tue, 2018-03-13 at 10:55 +1000, William Brown wrote: > On Thu, 2018-03-08 at 05:26 +0000, Eric Wheeler wrote: > > Thanks for the confirmation regarding secure connections and the > > clarification regarding dsgw. I will focus on other alternatives. I > > would be interested in exploring cli tools and the API. Any > > resources > > to which you could point me would be appreciated. Thanks for the > > help. > > > Sorry for the very late reply, > > The new cli tools with 1.4.x are explained here: > > http://www.port389.org/docs/389ds/design/dsadm-dsconf.html > > These are a thin wrapper on our python library which has > documentation > (and I wish I could rememeber where it is >.>) > > There is a lot of example code, and I would be happy to help you get > some working demos going, and explain how it all works if you want to > pursue this further. The docs are here! https://fedorapeople.org/~spichugi/html/ There are some improvements to still come to this api, but any questions are very welcome :) > > Thanks! > > > > > -----Original message----- > > > From: William Brown > > > Sent: Wednesday, March 7 2018, 1:47 pm > > > To: General discussion list for the 389 Directory server project. > > > Subject: [389-users] Re: Admin Gateway over https > > > > > > On Wed, 2018-03-07 at 01:18 +0000, Eric Wheeler wrote: > > > > How does one properly configure the Directory Server Gateway to > > > > > > run > > > > over https? Is such a setup necessary for secure connections if > > > > > > ldaps > > > > over 636 is active? > > > > > > Yes, because you have: > > > > > > client -> https -> ldaps > > > > > > So you have to protect each stage of the communication. > > > > > > > I edited dsgw-httpd.conf until I was able to connect to the > > > > > > gateway > > > > via https, but the setup was pretty buggy. Afterwards, I came > > > > > > across > > > > a page in the documentation stating this file shouldn’t be > > > > > > touched. > > > > > > > > My goal is to use the DS Gateway to edit the directory using > > > > > > secure > > > > connections without resorting to other tools such as > > > > phpLDAPadmin > > > > which I’ve read is really designed for OpenLDAP. > > > > > > While I understand your desire, the dsgw software hasn't been > > > touched > > > by us in a long time - and I highly suspect it won't be supported > > > for > > > much longer. Sadly though, as far as a "web tool" we've had some > > > delays > > > building this up but it is on the way! > > > > > > Instead for 1.4.x we plan to release better cli tools with much > > > more > > > functionality that should be able to do everything you want. > > > > > > If you want to know more about these tools and our API for server > > > interaction, I'm happy to provide you resources about this to > > > help > > > you > > > and get it fit for your requirements, > > > > > > Hope that helps, > > > > > > > > > > _______________________________________________ > > > > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > > > > To unsubscribe send an email to 389-users-leave@lists.fedorapro > > > > je > > > > > > ct.o > > > > rg > > > > > > _______________________________________________ > > > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > > > To unsubscribe send an email to 389-users-leave@lists.fedoraproje > > > ct > > > .org > > -- > Thanks, > > William Brown > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to 389-users-leave@lists.fedoraproject.o > rg -- Thanks, William Brown _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx