One of the panels during post-installation configuration for TPS asks
you to set up your authentication ldap system. I usually just point it
to an existing ldap system I have. The end result of the panel, when I
take the defaults, is usually like the following in my CS.cfg file (I'm
only listing the ones matters most to me):
...
auth.instance.0.authId=ldap1
auth.instance.0.baseDN=dc=sjc,dc=redhat,dc=com
auth.instance.0.hostport=localhost:389
...
op.enroll.userKey.auth.id=ldap1
I then need to add an user to the specified ldap system. I use the
following ldap modify file, ldapModAddUser.txt:
dn: uid=cfu,ou=People,dc=sjc,dc=redhat,dc=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
uid: cfu
cn: Christina Fu
sn: Fu
givenName: Christina
userPassword: xxxusrpwdxxx
then I run ldapmodify:
ldapmodify -h localhost -p 389 -D "cn=Directory Manager" -w xxxDMpwdxxx
-x -f ldapModAddUser.txt
then I'm ready to use uid "cfu" and password "xxxusrpwdxxx" to enroll.
Christina
Zach Casper wrote:
We have followed all steps to install/run Fedora Dogtag/FDS using
default settings.
We have also added users/certificates from within the CA/RA subsystems.
We are now to the point we need to format and enroll some smart cards,
however, the LDAP Authentication dialog appears and no combination of
LDAP User ID/Password work.
We’ve tried cn=Directory Manager, Admin, pkiuser…all without luck.
I know we must have users already in FDS but this documentation seems
not to exist.
How do we either add users in FDS so that we can continue to format
and enroll smart cards? Are we missing something?
--
Zach Casper
Envieta LLC
------------------------------------------------------------------------
_______________________________________________
Pki-users mailing list
Pki-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pki-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
