Bug 198527 - wiki lists incorrect method for changing allowed hosts/IP addresses
wiki lists incorrect method for changing allowed hosts/IP addresses
Status: CLOSED CURRENTRELEASE
Product: 389
Classification: Community
Component: wiki (Show other bugs)
1.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Rich Megginson
Viktor Ashirov
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-07-11 12:44 EDT by David Bogen
Modified: 2015-12-07 11:38 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-12-07 11:38:07 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Bogen 2006-07-11 12:44:18 EDT
Description of problem:

While it is a known bug that the admin server software itself requires host/IP
address matching to fail before a client can be granted access:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183925

the wiki still lists information that doesn't work on this page:

http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt

I can understand why the wiki lists information that *should* work, but we need
information that *does* work.

Perhaps the wiki should contain a link to the bug listed above, or a note
something like:

>>>>>
Due to a bug in the software that will be fixed in release foo, if you're using
release 1.0_blah, then you'll need to use syntax something like the following to
allow any host, anywhere, to access the admin server:

dn: your relevant dn here
changetype: modify
replace: nsAdminAccessHosts nsAdminAccessAddresses
nsAdminAccessHosts: 
nsAdminAccessAddresses: 224.0.0.0

The matching logic is reversed, so if you want any host to connect, you need to
empty the nsAdminAccessHosts field and use something in nsAdminAccessAddresses
that will most likely never match one of your clients' IP addresses.
<<<<<
Comment 1 Rich Megginson 2006-07-11 13:29:07 EDT
Thanks.  Please check the wiki page to see if I worded it correctly.

http://directory.fedora.redhat.com/wiki/Howto:AdminServerLDAPMgmt#How_to_set_the_hosts.2FIP_addresses_allowed_to_access_the_Admin_Server
Comment 2 David Bogen 2006-07-11 13:34:23 EDT
Your wording is better than mine.  Thanks for making the change.

Note You need to log in before you can comment on or make changes to this bug.