Thursday, August 16, 2018

[389-users] Re: LDAP group to provide 389-console access?



On 08/16/2018 08:12 PM, Nick W. Harrison wrote:

Hello –

 

I am wanting to provide some GUI-based management console for my coworkers. To that end, I'm trying to make it so members of a certain LDAP-based group can login to 389-console as themselves, register LDAP instances, and start managing those LDAP instances with "directory administrator" permissions.

 

When I was installing 389 to begin with, the install process asked me to create an admin user. That admin user can login to the admin console GUI and manage the LDAP services fine, but now I want to designate members of an LDAP group to manage the instance through the 389 admin console as well.

 

When I add this group to the "Directory Administrators" group built-in to 389 DS and login to Admin Console, I only see a blank screen and no option to add 389 instances to manage. Not sure where to go now. I appreciate any advice.

Hi Nick,

Try adding your group to:

cn=Configuration Administrators,ou=Groups,ou=TopologyManagement,o=NetscapeRoot

Regards,
Mark

 

Nick



_______________________________________________  389-users mailing list -- 389-users@lists.fedoraproject.org  To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org  Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html  List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines  List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/message/PKCKK6PCZ5FJQQ34J4PQY7XZT5DYJLVX/  

No comments:

Post a Comment