[389-users] Re: Admin Gateway over https

On Thu, 2018-03-08 at 05:26 +0000, Eric Wheeler wrote:
> Thanks for the confirmation regarding secure connections and the
> clarification regarding dsgw. I will focus on other alternatives. I
> would be interested in exploring cli tools and the API. Any resources
> to which you could point me would be appreciated. Thanks for the
> help.


Sorry for the very late reply,

The new cli tools with 1.4.x are explained here:

http://www.port389.org/docs/389ds/design/dsadm-dsconf.html

These are a thin wrapper on our python library which has documentation
(and I wish I could rememeber where it is >.>)

There is a lot of example code, and I would be happy to help you get
some working demos going, and explain how it all works if you want to
pursue this further.

Thanks!


> > -----Original message-----
> > From: William Brown
> > Sent: Wednesday, March 7 2018, 1:47 pm
> > To: General discussion list for the 389 Directory server project.
> > Subject: [389-users] Re: Admin Gateway over https
> >
> > On Wed, 2018-03-07 at 01:18 +0000, Eric Wheeler wrote:
> > > How does one properly configure the Directory Server Gateway to
> > run
> > > over https? Is such a setup necessary for secure connections if
> > ldaps
> > > over 636 is active?
> >
> > Yes, because you have:
> >
> > client -> https -> ldaps
> >
> > So you have to protect each stage of the communication.
> >
> > > I edited dsgw-httpd.conf until I was able to connect to the
> > gateway
> > > via https, but the setup was pretty buggy. Afterwards, I came
> > across
> > > a page in the documentation stating this file shouldn't be
> > touched.
> > >
> > > My goal is to use the DS Gateway to edit the directory using
> > secure
> > > connections without resorting to other tools such as phpLDAPadmin
> > > which I've read is really designed for OpenLDAP.
> >
> > While I understand your desire, the dsgw software hasn't been
> > touched
> > by us in a long time - and I highly suspect it won't be supported
> > for
> > much longer. Sadly though, as far as a "web tool" we've had some
> > delays
> > building this up but it is on the way!
> >
> > Instead for 1.4.x we plan to release better cli tools with much
> > more
> > functionality that should be able to do everything you want.
> >
> > If you want to know more about these tools and our API for server
> > interaction, I'm happy to provide you resources about this to help
> > you
> > and get it fit for your requirements,
> >
> > Hope that helps,
> >
> >
> > > _______________________________________________
> > > 389-users mailing list -- 389-users@lists.fedoraproject.org
> > > To unsubscribe send an email to 389-users-leave@lists.fedoraproje
> > ct.o
> > > rg
> > _______________________________________________
> > 389-users mailing list -- 389-users@lists.fedoraproject.org
> > To unsubscribe send an email to 389-users-leave@lists.fedoraproject
> > .org
--
Thanks,

William Brown
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org