[Date Prev][Date Next]
Re: Change over to anonymous binds
Actually I've fixed the resolver problem by adding a file that has the
resolv.conf I want and then using it to overwrite the one
the system keeps insisting I use at the end of the
/etc/sysconfig/network script. DNS spins like a top now but I still
an ldap logon on the server. Again no trouble for the clients and no
trouble for users local to the server, they can do ldap logins just fine.
Just in case, I am rewriting all of the certs and stuff now.
Hmmm... right now I am supposed to have both encrypted and non-encrypted
stuff going in the same port but I don't think that this is working.
If it were, then when I kill the encryption on the server login there
should be no trouble and there is, in fact, trouble.
You know, I think the base problem is the inability to change resolv.conf.This would mean you'd have to run a caching name server, like I do.
If I could specify the default DNS service as 127.0.0.1 I think it would
The project requires a real name server mainly because I made a
commitment in that regards at the beginning of the project.
Sorry, I thought I mentioned that. Besides, I've already shown that this
is not likely to be *THE* problem although it was in fact
*A* problem. ;-) I think it is much more likely to have something to do
with the combination of SSL/OpenLDAP that I am not quite getting.
Hmmm... it might be worth turning off the name daemon and using host
files as a test though... Could prove enlightening.
The forwarder specs in the named.conf file would take care of the rest.
Sorry, no can do. My org is EWU. I am a grad student and this is my
grad project. Normally I could expect some help from
CommonName field in the cert.
Go and speak to someone in your org who knows *everything* about DNS. He
MUST NOT be a Microsoft MCSE or a Novell CNA, since they're all wood
between the ears and can only point and click and answer multiple choice
questions without thinking.
my profs but they are mostly all software engineers, not admins. I
start talking about network stuff and I get the eye-glaze thing
from them. ;-)