[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Fedora-directory-users] Adding admin users



Jo De Troy wrote:
Hi Rich,

what exactly do you mean? Searching for the uid=admin?
So adding a user to the Directory Administrators is not good enough. What extra rights does an extra admin user need? And how should I enable these rights for this user? Can I do this from the console? Or do I better do it via an ldif import?
First, look at an LDIF dump of o=netscaperoot and your userdatabase (I suggest using db2ldif:)

./db2ldif -U -s o=netscaperoot -a /tmp/nsroot.ldif

Also do the same for your user suffix e.g. -s "dc=example,dc=com"
Use -U to disable line wrapping, which makes using grep easier.

Then, just grep for uid=admin to see which entries have an aci which explicitly calls out uid=admin, and which groups have uid=admin added to them.

Then, do the same for your dse.ldif, in the entries and children of "", cn=schema, cn=config, and cn=monitor. dse.ldif is already in ldif format, so you can just grep it.

Thanks in advance,
Jo

        Hello,

        I was wondering what the correct way is to add a extra admin
    user (not
        directory manager or admin) who could login via the console to do
        maintenance tasks. Add users/groups, reset passwords, unlock
    users,
        restore backups, do imports, etc
        I tried adding a user as uniquemember to the group Directory
        Administrators and I can login to the console but I can only
    see the
        domain in the default view I cannot select the server or the admin
        server or directory server console.
        I guess using an aci for every specific user that needs
    privileged
        access is not the best way.


No. I suggest searching for the uid=admin user that gets created during setup.

        Thanks in advance,
        Jo


    --
    Fedora-directory-users mailing list
    Fedora-directory-users redhat com
     https://www.redhat.com/mailman/listinfo/fedora-directory-users
------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users redhat com
https://www.redhat.com/mailman/listinfo/fedora-directory-users

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]