Re: [389-users] using passwd with 389

On 01/21/2014 12:29 PM, Chaudhari, Rohit K. wrote: > Hello, > > I want to be able to use the Unix "passwd" command to reset a LDAP > user's password from the command line. However, I keep getting an > authentication token manipulation error whenever I try to reset the > password using that comman

Re: [389-users] Replication error

On 01/21/2014 05:16 AM, Diego Woitasen wrote: > On Mon, Jan 20, 2014 at 9:17 PM, Diego Woitasen wrote: >> Hi, >> I have a replication error with 389DS. If I try a full resync, >> replication works. But if I modify something after that, it fails. The >> only lines that I see in the logs are: >> >>

Re: [389-users] 389 and snmp

On 09/30/2013 04:56 PM, Michael R. Gettes wrote: I have the ldap-agent working. All I see is snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2312 SNMPv2-SMI::enterprises.2312.6.5.1.1.389 = STRING: "389 Replica" SNMPv2-SMI::enterprises.2312.6.5.1.2.389 = STRING: "389-Directory/1.2.11.15" SNMPv2-S

Re: [389-users] Problem after disabling anonymous binds

On 06/21/2012 07:03 AM, Jeroen van Meeuwen (Kolab Systems) wrote: Hi there, I'm curious as to whether anyone else has experienced this problem before; Disabling anonymous binds causes the 389-console to be unable to locate the entry corresponding to the user name used to login with (or so it

Re: [389-users] Strange Disk IO issue

On 05/16/2012 11:19 AM, Brad Schuetz wrote: On 05/16/2012 06:16 AM, Paul Robert Marino wrote: The exact timing of the issue is to strange is there a backup job running at midnight. Or some other timed job that could be eating the ram or disk IO. Possibly one that is reliant on ldap queries that

Re: [389-users] Error updating to 389 1.2.9.9

On 03/02/2012 06:32 AM, Michael R. Gettes wrote: On Mar 2, 2012, at 9:21, Rich Megginson wrote: On 03/01/2012 09:56 PM, Michael R. Gettes wrote: I am in process of standing up a new directory service and will have to migrate many apps to the new service. Do you believe 1.2.10.2 is stable eno

Re: [389-users] DNA configuration question

On 11/08/2011 04:52 AM, cnu wrote: > Hello, > > I use 389 directory server 1.2.8.1 in a master slave replication > configuration. > One master and five slaves. > Now I want to configure DNA plugin. Is it sufficient to activate the > plugin only on the master server ? By slave, I assume you mean rea

Re: [389-users] ad nested objects sync

On 09/16/2011 08:48 AM, solarflow99 wrote: On Fri, Sep 16, 2011 at 11:01 AM, Rich Megginson > wrote: On 09/16/2011 08:55 AM, Vasil Mikhalenya wrote: > hi all, > > can windows sync agreement replicate nested objects ? like > cn=user1,ou=location1

Re: [389-users] 389-ds apparently listens only on loopback

On 07/08/2011 07:26 AM, Arian Sanusi wrote: > does that mean it listens only on IPv6? What does 'sysctl net.ipv6.bindv6only' show on your system? Do you have nsslapd-listenhost set in your cn=config entry? You can check this in /etc/dirsrv/slapd-/dse.ldif. > [root@centos5-test ~]# netstat -tlnp >

Re: [389-users] Building 389 console

On 05/23/2011 10:56 AM, Michael Pelletier wrote: On May 23, 2011, at 11:55 AM, Rich Megginson wrote: On 05/23/2011 09:51 AM, Michael Pelletier wrote: Hello, I have followed the instructions on http://directory.fedoraproject.org/wiki/BuildingConsole#Building_Directory_Server_Console_.28fed

Re: [389-users] Importing Thunderbird AddressBook into LDAP

On 05/23/2011 08:47 AM, Philip Rhoades wrote: > Christopher, > > > On 2011-05-24 01:08, Christopher Wood wrote: >> On 23/05/11 02:06 AM, Carsten Grzemba wrote: >>> I guess the standard schema of 389Ds do not know objectclass >>> mozillaAbPersonAlpha and the attribute mozillanickname >>> >> My 389

Re: [389-users] Building 389-ds-console-1.2.5, 389-console-1.1.6 and 389-admin-console-1.1.7 (via Git)

On 05/23/2011 05:57 AM, Michael Pelletier wrote: Can anyone help with this? On May 22, 2011, at 12:42 AM, Michael Pelletier wrote: Hello all, I am building my own package. I have compilied everything except 389-ds-console-1.2.5, 389-console-1.1.6 and 389-admin-console-1.1.7 I have bee

Re: [389-users] Install on RHEL 6....

On 02/14/2011 10:36 AM, danielg...@yaktech.com wrote: > I have managed to get everything compiled and all packages installed, but > when I go through the /usr/sbin/setup-ds-admin.pl script if fails with > > Could no start the admin server. Error: 256 > Failed to create and configure the admin serve

Re: [389-users] How to get alternate versions of src RPM's via yum, or better yet without yum?

On 11/29/2010 02:03 PM, brandon wrote: > Is there an easier way to get the SRC RPMs without YUM? > > I find the YUM repo a very frustrating way of getting the software. I > want the the src RPMs so I can rebuild them myself, but I don't want to > get the version that is pushed via yum by default.

Re: [389-users] Replication from 1.2.5 to 1.2.6 failed

On 10/16/2010 11:42 AM, Edward Z. Yang wrote: > I've got a failure, and I'm able to gdb it. However, I don't > know what to look for. What kind of tracing would you like to > see? I was going to wireshark but decrypting the Kerberos would > be annoying. > If you can break in acquire_replica(

Re: [389-users] synchronization state between replicas

On 09/30/2010 09:49 PM, Barry Sitompul wrote: > Hi All, > > > Does 389-DS provide a tool to check the synchronization state between > replicas to check whether or not the replicas have converged? > > I recall there was a tool called 'insync' that came with Sun Directory > Servers quite some time ag

Re: [389-users] SSHA and friends

On 09/22/2010 10:45 AM, Gerrard Geldenhuis wrote: Hi This is probably OT but I am not having much luck with google. How can I create SSHA512 strings? I have been using either a php script or slappasswd to create SSHA password but not sure how to do SSHA512. openssl can create the SHA512 dige

Re: [389-users] possibe selinux issue on 1.2.6

On 09/22/2010 05:48 AM, smlacc1 leador wrote: > Hi There, > > I just installed 1.2.6 from the epel repository onto a freshly > installed and updated RHEL 5.5. > > When I use "service dirsrv-admin start", it starts, but then refuses > to receive connections. the /var/log/dirsrv/admin-serv/error log

Re: [389-users] superior attributes (not object classes)

On 08/31/2010 08:28 PM, Brian LaMere wrote: > Was this ever looked at again for a feature enhancement? Is it > already available, if I do X thing? A feature enhancement to the schema conversion tool? I'm not sure who maintains that now. well, I was simply running the schema-

Re: [389-users] issue getting schema - Version 1.2.x return no operational attributes

On 07/29/2010 01:30 AM, Rudolf Hatheyer wrote: > Hi, > > I've noticed a difference in behavior between 1.0.x and 1.2.x Version of > FDS. > Version 1.2.x will not return the hole schema (without specifying > attributes objectClasses, matchingRules ). > This change came about from some work to ma

Re: [389-users] Windows Sync

On 07/27/2010 10:21 AM, --[ UxBoD ]-- wrote: > Hi, > > We have a Windows replication agreement in place which works great; plus we > are using the PassSync on the Windows server itself. The issue we have is > that when somebody changed their password on the Windows server it has got > stuck due

Re: [389-users] 'mail' attribute is now case-sensitive?

On 07/23/2010 07:20 AM, Dael Maselli wrote: > Hi, > > I installed a new 389 (389-ds-base-1.2.5-1.el5.x86_64) to replace the > old FDS (fedora-ds-base-1.1.3-2.fc6.x86_64) and migrated the content. > > Now I realize that search behavior on 'mail' has changed, the old was > case-insensitive and now is

Re: [389-users] new 00core.ldif break other ldif

On 07/23/2010 07:19 AM, Roberto Polli wrote: > Hi all, > > it seems that the new 00core.ldif doesn't contain the NAME alias for the > fields (eg. "cn" "commonName") > > it cause other old ldif not to work under new releases of fds. > > Why are the aliases have been removed? > I don't think that

Re: [389-users] Announcing 389 Directory Server 1.2.6 Release Candidate 3

dated 389-ds* and not 389* so the 389-admin* packages were mismatched. Once I upgraded everything to what was in updates-testing no more selinux messages, sorry about the confusion. Aaron 2010/7/15 Nathan Kinder mailto:nkin...@redhat.com>> On 07/15/2010 09:12 AM, Aar

Re: [389-users] enabling posixGroup for a group (error : attribute "uidNumber" not allowed)

On 07/06/2010 10:22 AM, Daniel Maher wrote: > On 07/06/2010 07:04 PM, Nathan Kinder wrote: > > >>> To clarify then, for the uids, instead of this : >>> >>> dnafilter: (|(objectclass=posixAccount)(objectclass=posixGroup)) >>> >>> It should

Re: [389-users] enabling posixGroup for a group (error : attribute "uidNumber" not allowed)

On 07/06/2010 09:08 AM, Daniel Maher wrote: > On 07/06/2010 05:31 PM, Nathan Kinder wrote: > > >>> http://directory.fedoraproject.org/wiki/Howto:DNA >>> > >> The way you have DNA configured will cause it to try to add a >> "uidNumbe

Re: [389-users] enabling posixGroup for a group (error : attribute "uidNumber" not allowed)

On 07/02/2010 07:22 AM, Daniel Maher wrote: > On 07/02/2010 11:58 AM, Daniel Maher wrote: > > >> I am trying to get system groups working on 389-ds via the addition of >> "posixGroup" as a value for a given LDAP group. >> > >> However, this error appears in the log : >> >> [02/Jul/201

Re: [389-users] restarting the 389 after a reboot

On 06/24/2010 03:49 PM, Steven Jones wrote: > Steven Jones wrote: > >> > 8><- > >> >> see also the configuration directory ldap url - ldapurl in >> >> /etc/dirsrv/admin-serv/adm.conf >> >> > 8><- > >> Ok, I fixed the latter by editing the adm.conf to point at >> 636.

Re: [389-users] errors once in the admin console

On 06/15/2010 07:20 PM, Steven Jones wrote: > Hi, > > I installed with, "yum -y install 389-ds" > > I have started the console with, /usr/bin/389-console > > under the Server group folder I have "Administration Server" and "Directory > Server" (hostname) > > Clicking on either of these gives me a

Re: [389-users] magic numbers (DNA) : console issues & gid assignment problem

On 04/19/2010 07:03 AM, Daniel Maher wrote: > On 04/16/2010 06:39 PM, Nathan Kinder wrote: > > >> The document you are using off of the wiki is an feature design document >> that was used while developing DNA. Not everything mentioned in there >> is in the p

Re: [389-users] magic numbers (DNA) : console issues & gid assignment problem

On 04/16/2010 03:42 AM, Daniel Maher wrote: > On 04/15/2010 05:02 PM, Nathan Kinder wrote: > > >> That's why you need to set a magic value in the DNA config and use them >> in the Console. For example, you could configure the value "1" to be a >> ma

Re: [389-users] DNA plugin woes on a fresh centos-DS 8.1 install (now with a disastrous crash condition!)

On 04/15/2010 12:43 AM, Daniel Maher wrote: > On 04/14/2010 08:25 PM, Nathan Kinder wrote: > > >>>> When i use the console to add a new user, it expects there to be a value >>>> in three fields : UID Number, GID Number, and Home Directory. The >>>&g

Re: [389-users] DNA plugin woes on a fresh centos-DS 8.1 install (now with a disastrous crash condition!)

On 04/14/2010 04:10 AM, Daniel Maher wrote: > On 04/14/2010 11:45 AM, Daniel Maher wrote: > > >> At ~ 09:28, i attempted to add the user entry as described above. At ~ >> 09:29 i manually restarted the dirsrv service. As you can see, there >> are no long entries related to the interaction or

Re: [389-users] DNA plugin woes on a fresh centos-DS 8.1 install (now with a disastrous crash condition!)

On 04/14/2010 03:02 AM, Daniel Maher wrote: > On 04/14/2010 11:45 AM, Daniel Maher wrote: > > >> When i use the console to add a new user, it expects there to be a value >> in three fields : UID Number, GID Number, and Home Directory. The >> console will not create the entry if those fields ar

Re: [389-users] DNA plugin woes on a fresh centos-DS 8.1 install

On 04/13/2010 08:21 AM, Daniel Maher wrote: > Hello, > > First off, my apologies if this is not an appropriate forum for asking > questions related to the CentOS Directory Server. The 389-users > archives contain numerous messages related to this platform, so... > > The situation : fresh install o

Re: [389-users] The same error but with the 389-console

On 02/08/2010 01:05 AM, serge.ste...@fmsb.be wrote: Error adding object 'dn: cn=celem2,ou=machines,dc=fmsb,dc=be'. The error sent by the server was 'Invalid syntax. description: value #0 invalid per syntax '. The object is: LDAPEntry: cn=celem2,ou=machines,dc=fmsb,dc=be; LDAPAttributeSet: LDA

Re: [389-users] Distributed Numeric Assignment (DNA) Plugin Fails At 13003

On 01/14/2010 02:00 AM, Fazli wrote: Hi, I'm currently making use of the DNA plugin to assign unique values for the 'uidNumber' attribute for new POSIX users, which (from what I understand) is the 'ideal' configuration in a large, corporate environment. I decided to run a stress test by add

Re: [389-users] Auto-Increment of UserID in 389 Server?

On 01/13/2010 10:19 AM, Ajeet S Raina wrote: Andrey, I read the link of DNA plugin but have no idea how to implement that. Can you please help with the steps or any tutorial hint for the same. I appreciate your responsive help as I am not a good programmer. You don't need to do any programming