Deas, Jim wrote:
I recently completed Redhats course on Directory Services and decided to
setup a test deployment using Fedora. In the course of doing this I came
across a couple of issues that I need to answer before I could use
Directory as a valid authentication system.
What did you think about the course?
1) The web interface appears to create/handle group entrys different
from those migrated from the local files using the Redhat class altered
paddle scripts. From the class I remember changing the 'group' schema to
'groups'. End result, is there a way to create/manage 'groups' schema
entries using the Directory web page that match those created when my
existing /etc/group was migrated using the altered paddle scripts. If
not, why does Redhat suggest this change in their class?
The web interface is not meant to be a full-blown user management
solution. You'd do much better with something like phpldapadmin, or
writing your own command line tools.
2) Is there a way that the Directory web page can be used to create new
user accounts that include an autogen uid and gid? Currently it appears
to create a new user with all the posix data turned off. This is fine
from a management position as long as a uid generator exist to keep me
safe from producing duplicate uid/gid numbers.
I wrote a user addition script which supports uid uniqueness checking
for manually specified uids, as well as auto incrementing of uid if
desired (does a search, sorts the uid list, and adds 1).
http://www.netauth.com/~jacksonm/ldap/newuser.pl
Just edit the configuration section to match your setup, and you're all set.
NOTE that this is not a very advanced tool, but the price is right :-) I
have written some very advanced ones, but they are not open source...
BR,
Mike
--
http://www.netauth.com - LDAP Directory Consulting
