Graham Leggett wrote:
Richard Megginson wrote:Having got my brand new DS v1.0.2 up and running, and the admin server started up, I discover that the admin server has arbitrarily placed a host check of *.domain.com onto the server, effectively locking me out of the admin server (my client machine is not in *.domain.com).See http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt and https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183925I don't follow - I need to download the source, apply the patch in the above bug, then rebuild the entire thing before I have any hope of administering this server?
no, you just need to supply a pattern which _does not match_ the incoming IP address. Then it will allow it. It's backwards.
Is there some kind of manual override that I can use to switch this behaviour off? Or alternatively if this is not possible, to require localhost so that I can run the admin server behind a reverse proxy whose access control does work properly?Having changed the *.domain.com to * I am now getting this error:[Sat Mar 04 10:42:50 2006] [notice] [client xx.xx.xx.xx] admserv_host_ip_check: Unauthorized host ip=xx.xx.xx.xx, connection rejectedGoogle finds other people with this problem, apparently "*" doesn't mean "let everybody in", but instead it means "let everyone in whose reverse DNS works". In this case reverse DNS does work, but I may be getting bitten by bug 183925.So in short, does the admin server in v1.0.2 work at all, or am I just wasting my time? :(Regards, Graham -- ------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
