Bug 198527 - wiki lists incorrect method for changing allowed hosts/IP addresses
Summary: wiki lists incorrect method for changing allowed hosts/IP addresses
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: 389
Classification: Retired
Component: wiki
Version: 1.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Rich Megginson
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-07-11 16:44 UTC by David Bogen
Modified: 2015-12-07 16:38 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-12-07 16:38:07 UTC
Embargoed:


Attachments (Terms of Use)

Description David Bogen 2006-07-11 16:44:18 UTC
Description of problem:

While it is a known bug that the admin server software itself requires host/IP
address matching to fail before a client can be granted access:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183925

the wiki still lists information that doesn't work on this page:

http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt

I can understand why the wiki lists information that *should* work, but we need
information that *does* work.

Perhaps the wiki should contain a link to the bug listed above, or a note
something like:

>>>>>
Due to a bug in the software that will be fixed in release foo, if you're using
release 1.0_blah, then you'll need to use syntax something like the following to
allow any host, anywhere, to access the admin server:

dn: your relevant dn here
changetype: modify
replace: nsAdminAccessHosts nsAdminAccessAddresses
nsAdminAccessHosts: 
nsAdminAccessAddresses: 224.0.0.0

The matching logic is reversed, so if you want any host to connect, you need to
empty the nsAdminAccessHosts field and use something in nsAdminAccessAddresses
that will most likely never match one of your clients' IP addresses.
<<<<<

Comment 1 Rich Megginson 2006-07-11 17:29:07 UTC
Thanks.  Please check the wiki page to see if I worded it correctly.

http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt#How_to_set_the_hosts.2FIP_addresses_allowed_to_access_the_Admin_Server


Comment 2 David Bogen 2006-07-11 17:34:23 UTC
Your wording is better than mine.  Thanks for making the change.



Note You need to log in before you can comment on or make changes to this bug.