[Fedora-directory-devel] Need to configure, but not start fedora-ds

Andrew Bartlett abartlet at samba.org
Wed Feb 28 21:40:39 UTC 2007


On Tue, 2007-02-27 at 14:11 -0700, Richard Megginson wrote:
> Andrew Bartlett wrote:
> > <snip>
> > A few things would be useful:
> >
> > Firstly, for the path to the ldapi socket to be part of the inf file, so
> > I can make it identical between the two supported servers (just makes my
> > life easier).  
> >
> > If I can't get that, then I need to be able to modify the dse.inf before
> > it starts.
> >
> > Slightly adjunct to this, i need a way to prevent the DS from binding to
> > anything except the unix domain socket (for security).  ie, no IPv4
> > ports.
> >
> > For the ds to be configured, but not started, so I can can copy out the
> > default schema, and replace it with just the core schema, and samba4's
> > schema.
> >   
> ds_newinst requires the server to be started to add the default acis in 
> cn=config, cn=schema, cn=monitor and elsewhere.  So if the server is not 
> started by ds_newinst, these acis will not be present, and the server 
> will have no access except for read only access to the root DSE.  Is 
> this ok?

I'll live.  Any progress on the other parts of this (ServerPort 0, ldapi
path specification)?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20070301/ea6b6879/attachment.sig>


More information about the Fedora-directory-devel mailing list