Hello I have FDS 1.0.1 installed to RHEL4ES and I managed to deny admin console connections from anywhere :) I have domain ton.fi and by default admin server seems to allow connections only from *.ton.fi. I need to connect admin server from anywhere and I thought that I could add * to the allowed host list... I did it with admin console. After I applied changes, I no longer could log in to the admin console, even from localhost, error log says: <error log> [Fri Feb 24 08:41:21 2006] [notice] Access Host filter is: (*.ton.fi|*) [Fri Feb 24 08:41:21 2006] [notice] Access Address filter is: * [Fri Feb 24 08:41:22 2006] [notice] Access Host filter is: (*.ton.fi|*) [Fri Feb 24 08:41:22 2006] [notice] Access Address filter is: * [Fri Feb 24 08:41:22 2006] [notice] Apache/2.0 configured -- resuming normal operations [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: ap_get_remote_host could not resolve 127.0.0.1 [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: host [ldap2.ton.fi] did not match pattern [(*.ton.fi|*)] -will scan aliases [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [ldap2] did not match pattern [(*.ton.fi|*)] [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [localhost.localdomain] did not match pattern [(*.ton.fi|*)] [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [localhost] did not match pattern [(*.ton.fi|*)] [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [ldapsrv] did not match pattern [(*.ton.fi|*)] [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: host alias [*] did not match pattern [(*.ton.fi|*)] [Fri Feb 24 08:46:51 2006] [notice] [client 127.0.0.1] admserv_host_ip_check: Unauthorized host ip=127.0.0.1, connection </error log> I tried to modify local.conf but it is always overwritten when I restart admin server. How to remove that * from the settings and what is the proper way to allow connections to admin server from anywhere. Admin connections are restricted with IPsec, FDS can allow it from anywhere, no problems with security. I was able to migrate from IBM LDAP to FDS and I'm really happy. I did not like IBM's multimaster replication, too many problems and did not know where to get support. FDS and mmr just works. Thanks for the great product :) Best Regards Kimmo Koivisto -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
