[Fedora-directory-users] Adding admin users
Richard Megginson
rmeggins at redhat.com
Wed Dec 6 13:26:00 UTC 2006
Jo De Troy wrote:
> Hi Rich,
>
> what exactly do you mean? Searching for the uid=admin?
> So adding a user to the Directory Administrators is not good enough.
> What extra rights does an extra admin user need? And how should I
> enable these rights for this user? Can I do this from the console? Or
> do I better do it via an ldif import?
First, look at an LDIF dump of o=netscaperoot and your userdatabase (I
suggest using db2ldif:)
./db2ldif -U -s o=netscaperoot -a /tmp/nsroot.ldif
Also do the same for your user suffix e.g. -s "dc=example,dc=com"
Use -U to disable line wrapping, which makes using grep easier.
Then, just grep for uid=admin to see which entries have an aci which
explicitly calls out uid=admin, and which groups have uid=admin added to
them.
Then, do the same for your dse.ldif, in the entries and children of "",
cn=schema, cn=config, and cn=monitor. dse.ldif is already in ldif
format, so you can just grep it.
>
> Thanks in advance,
> Jo
>
> Hello,
>
> I was wondering what the correct way is to add a extra admin
> user (not
> directory manager or admin) who could login via the console to do
> maintenance tasks. Add users/groups, reset passwords, unlock
> users,
> restore backups, do imports, etc
> I tried adding a user as uniquemember to the group Directory
> Administrators and I can login to the console but I can only
> see the
> domain in the default view I cannot select the server or the admin
> server or directory server console.
> I guess using an aci for every specific user that needs
> privileged
> access is not the best way.
>
>
> No. I suggest searching for the uid=admin user that gets created
> during setup.
>
> Thanks in advance,
> Jo
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users redhat com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20061206/abb21ccd/attachment.bin>
More information about the Fedora-directory-users
mailing list