How to get updated Fedora 31 Cloud Image?

The Fedora 31 qcow2 cloud image e.g. http://mirrors.rit.edu/fedora/fedora/linux/releases/31/Cloud/x86_64/images/ was built with a buggy grub bootloader which causes problems like https://bugzilla.redhat.com/show_bug.cgi?id=1669252 How do I request a new Fedora 31 cloud image to be built and pu

[389-users] Re: Replication + SSLCLIENTAUTH failure: setup_ol_tls_conn - failed: unable to create new TLS context

On 03/30/2016 06:45 PM, Graham Leggett wrote: On 31 Mar 2016, at 12:25 AM, Graham Leggett wrote: [30/Mar/2016:17:19:19 +] setup_ol_tls_conn - failed: unable to create new TLS context [30/Mar/2016:17:19:19 +] slapi_ldap_bind - Error: could not configure the server for cert auth - erro

Re: [389-users] Review 389-ds install/upgrade procedures and requisites on http://directory.fedoraproject.org/docs/389ds/download.html

ts to the latest 389-ds-base-1.2.11.15-50.el6? If you were using the old rmeggins repo or a copr repo, see http://www.port389.org/docs/389ds/releases/end-1-2-11.html Thanks. Is compiling from source our only option? Because, I can do that. I'd just rather not have to. On Mar

Re: [389-users] 389-console problem restore backup

On 04/02/2014 08:40 AM, Carsten Grzemba wrote: Am 02.04.14 schrieb *Rich Megginson * : On 04/02/2014 07:47 AM, Carsten Grzemba wrote: Am 02.04.14 schrieb *Rich Megginson * <mailto:rmegg...@redhat.com>: On 04/02/2014 02:50 AM, Carsten Grzemba wrote: If I try to restore backups

Re: [389-users] 389-console problem restore backup

On 04/02/2014 07:47 AM, Carsten Grzemba wrote: Am 02.04.14 schrieb *Rich Megginson * : On 04/02/2014 02:50 AM, Carsten Grzemba wrote: If I try to restore backups I get the error: error:could not read config file. In the console log I see: http://testcsw.contac.lan:2389/[1:0] recv> er

Re: [389-users] Kerberized admin server

On 03/04/2014 09:16 AM, Paul Robert Marino wrote: hello I know there use to be a document on doing this because I did it several years ago at a previous job but I cant seem to find it in the documentation now. I'm trying to make the the admin server accept Kerberos authentication. From which a

Re: [389-users] ACL processing

Import speed with no indexes is fairly fast). Any obvious clues I'm missing? No, not sure what's going on. Thanks, Russ. On Feb 19, 2014, at 4:08 PM, Rich Megginson <mailto:rmegg...@redhat.com>> wrote: On 02/19/2014 04:56 PM, Russell Beall wrote: Hi all, We've

Re: [389-users] replication stopped after server restart - problem to reenable

On 02/13/2014 02:05 AM, Jan Kowalsky wrote: On 2014-02-12 23:25, Rich Megginson wrote: On 02/12/2014 02:34 PM, Jan Kowalsky wrote: Hi Rich, thank you for answering, Since this is my first experience with replication I don't know if I do something completely wrong or it's a but. I

Re: [389-users] replication stopped after server restart - problem to reenable

On 02/12/2014 06:29 AM, Jan Kowalsky wrote: Hi all, this is my first post on the list. I'm using 389ds inside a kolab environment. We are going to migrate to the new kolab version which runs now 389ds. At the moment we are testing different scenarios for replication. I don't have much experie

Re: [389-users] Upgraded 389-admin rpms and now I can't start dirsrv-admin

On 01/23/2014 11:47 AM, Groten, Ryan wrote: Just upgraded my packages from: 389-ds-console-1.2.6-1.el5 389-console-1.1.7-1.el5 389-ds-console-doc-1.2.6-1.el5 389-admin-console-1.1.8-1.el5 389-admin-console-doc-1.1.8-1.el5 389-ds-base-1.2.9.9-1.el5 389-dsgw-1.1.7-2.el5 389-adminutil-1.1.1

Re: [389-users] Only username as bind dn

On 01/16/2014 12:56 AM, Paolo Barbato wrote: Thanks for replies, I think I need to better describe what I'm testing. As I said I've a central repository for credentials accessible via ldaps. 389dirsvr stores some information, but before get them I need that a user authenticate on the central r

Re: [389-users] Upgraded to RHDS 9.1 but Console is Still Looking for 9.0 JAR

nstance on the server and the new instances does show that it is using version 9.1. Right. New instances will work fine. The problem is in upgrading existing instances. Paul M. Whitney E-mail: paul.whit...@mac.com On Jan 08, 2014, at 12:31 PM, Rich Megginson wrote: On 01/08/201

Re: [389-users] 389DS UUID with Apple calendarserver

On 01/06/2014 09:38 AM, Oliver Werner wrote: hello guys, I use OpenLDAP and would like to upgrade to 389DS In OpenLDAP a field entryUUID exists what I use on my Apple calendar server. It has the format of the GUID /----/. In 389DS I have only found the nsUniq

Re: [389-users] group issues

.10.12 (as I described in my first email) On Thu, Dec 12, 2013 at 5:26 PM, Rich Megginson <mailto:rmegg...@redhat.com>> wrote: On 12/12/2013 12:15 PM, Alberto Viana wrote: Rich, but in my case, the new OU is not ou of my scope. The sync deleted all of my users from my

Re: [389-users] Upgrade failure

On 12/03/2013 03:25 PM, Gordon Messmer wrote: On 12/03/2013 02:19 PM, Rich Megginson wrote: On 12/03/2013 03:11 PM, Gordon Messmer wrote: Now I remember... there's no Windows sync in the RHEL package. Yes, there is. Do you mean POSIX Windows Sync? I'm uncertain. You mention

[389-users] Announcing 389 Directory Server versions 1.2.11.25, 1.3.0.9, 1.3.1.15, 1.3.2.5

389 Directory Server versions 1.2.11.25, 1.3.0.9, 1.3.1.15, 1.3.2.5 The 389 Directory Server team is proud to announce new 389-ds-base versions: * 1.2.11.25 for EL5 and EL6 * 1.3.0.9 for F18 * 1.3.1.15 for F19 * 1.3.2.5 for F20 and Rawhide These packages address CVE-2013-4485 https://bugzilla.r

Re: [389-users] Recommended Berkeley DB for compiling 389 DS 1.3.2.3 version

On 11/21/2013 07:48 AM, Balaji P wrote: Hi All, I downloaded 389 directory server source code 1.3.2.3**from link (http://port389.org/sources/389-ds-base-1.3.2.3.tar.bz2) and try to compile in my CentOS release 4.9 (Final) environment. I noticed below error message and suspect with referring i

Re: [389-users] 389 directory server crash

17:05, Rich Megginson wrote: On 11/18/2013 07:01 AM, Mitja Mihelič wrote: On 15. 11. 2013 21:46, Rich Megginson wrote: On 11/15/2013 02:58 AM, Mitja Mihelič wrote: On 14. 11. 2013 22:08, Rich Megginson wrote: On 11/14/2013 08:50 AM, Mitja Mihelič wrote: One of the consumers has crashed again

Re: [389-users] setup-ds-admin.pl errors

On 11/21/2013 08:07 AM, Alberto Viana wrote: I'm trying to set up a new instance of 389 DS in my homologation enviroment: 389-ds-base-1.3.2.4 389-adminutil-1.1.18 389-admin-console-1.1.8 After I ran setup-ds-admin.pl , i'm getting the following errors: Are you read

Re: [389-users] 389 directory server crash

On 11/15/2013 02:58 AM, Mitja Mihelič wrote: On 14. 11. 2013 22:08, Rich Megginson wrote: On 11/14/2013 08:50 AM, Mitja Mihelič wrote: One of the consumers has crashed again and I have attached the stacktrace. Four hous later it crashed again. I do hope there is something in the

Re: [389-users] COMPATIBILITY BETWEEN VERSIONS.

On 11/04/2013 09:39 AM, Ezequiel Larrarte wrote: On Mon, Nov 4, 2013 at 1:21 PM, Rich Megginson wrote: On 11/04/2013 09:06 AM, Ezequiel Larrarte wrote: No matter that they are different versions??? Yes. The replication protocol is the same. The only problems you might have are schema and

Re: [389-users] COMPATIBILITY BETWEEN VERSIONS.

ile a ticket and get it fixed asap, because it is supposed to work. Thanks ... On Mon, Nov 4, 2013 at 12:21 PM, Rich Megginson wrote: On 11/04/2013 08:16 AM, Ezequiel Larrarte wrote: Hi Rich, Can you be more specific? On Nov 4, 2013 11:49 AM, "Rich Megginson" wrote: On 11/03/2013 05:

Re: [389-users] PAM Pass through authentication only one threaded

On 11/04/2013 09:08 AM, Jan Tomasek wrote: On 11/04/2013 05:04 PM, Rich Megginson wrote: Does the script open a connection to the same server it is being called from? Yes. So this is a case of self-deadlock? I don't understand. What is it exactly that you expect will happen? -

Re: [389-users] PAM Pass through authentication only one threaded

On 11/04/2013 09:00 AM, Jan Tomasek wrote: On 11/04/2013 04:12 PM, Rich Megginson wrote: Looks like you do not have the right debuginfo packages installed. But there may be enough information in the stack trace anyway. Your pam script is waiting: Thread 11 (Thread 0x7f60c97ea700 (LWP 10146

Re: [389-users] MemberOf Plugin - experiences?

On 10/21/2013 06:49 AM, Vesa Alho wrote: On 10/21/2013 01:37 PM, Lars Remes wrote: We are using the memberOf plugin in a global, multi-master-multi-slave setup, and so far we have not encountered any major issues. You can easily change the membership attribute, for example, to memberUid. MMR

Re: [389-users] hung 389 master 389-Directory/1.2.11.15 B2013.238.2155

On 10/09/2013 09:22 AM, Michael R. Gettes wrote: 389-Directory/1.2.11.15 B2013.238.2155 Nothing in errors, nothing in access log files uname -a Linux 2.6.32-358.18.1.el6.x86_64 #1 SMP Fri Aug 2 17:04:38 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux yum list | grep 389 389-admin.x86_64

Re: [389-users] 389-ds-base-1.2.10.14-3.2.el5: ns-slapd[5907]: segfault at 0000000000000018 rip 00002b5b390c3361 rsp 00002b5cac9ed560 error 4

On 09/10/2013 06:14 AM, Justin Piszcz wrote: Hello, We're running the following version of 389 DS: 389-adminutil-1.1.15-2.2.el5 389-admin-1.1.29-1.4.el5 389-ds-base-1.2.10.14-3.2.el5 389-ds-base-libs-1.2.10.14-3.2.el5 Recently, ns-slapd crashed on an LDAP search host: ns-slapd[5907]: segfault a

Re: [389-users] ACI invalid syntax

On 09/04/2013 08:11 AM, Mitja Mihelič wrote: Hi! We are moving our Directory server from CentOS 5 Directory Server to CentOS 6 with 389 Directory Server. Our DIT looks like this: dc=example,dc=com |- dc=guests,dc=example,dc=com We would like the users in dc=example,dc=com to have full write

Re: [389-users] Consumer Initialization Failure

ectly initialize consumers from the supplier again, so it’s important that I get them cleaned up on the supplier side. Thanks for your help! -Samson- *From:*Rich Megginson [mailto:rmegg...@redhat.com] *Sent:* Tuesday, September 03, 2013 10:44 AM *To:* Wick, Samson *Cc:* General discussion list for

Re: [389-users] Consumer Initialization Failure

*From:*Rich Megginson [mailto:rmegg...@redhat.com] *Sent:* Tuesday, September 03, 2013 10:15 AM *To:* Wick, Samson *Cc:* General discussion list for the 389 Directory server project. *Subject:* Re: [389-users] Consumer Initialization Failure On 09/03/2013 08:47 AM, Wick, Samson wrote: It probably

Re: [389-users] Best way to upgrade DS servers

On 08/21/2013 01:36 PM, Michael Lang wrote: Am 21.08.2013 21:31, schrieb Rich Megginson: On 08/21/2013 01:03 PM, Michael Lang wrote: Am 21.08.2013 19:25, schrieb Chris Taylor: I am looking at replacing our two CentOS DS servers which are 5.9 with some on the 6.4 channel. What is the best

Re: [389-users] Multi-Theading writes to the same 389 Master Server

On 08/21/2013 09:53 AM, David Boreham wrote: Another thing you might try : While the server is under stress, run the "pstack" command a few times and save the output. gdb will give much more detail http://port389.org/wiki/FAQ#Debugging_Hangs If you post the thread stacks here, someone fami

Re: [389-users] Multi-Theading writes to the same 389 Master Server

On 08/21/2013 09:29 AM, David Boreham wrote: On 8/21/2013 9:14 AM, Jeffrey Dunham wrote: The reason I asked about nsslapd-threadnumber is because during the time of the spike, all transactions slow. Meaning that binds, adds, searches, ect. all start increasing in their etime until it hits the

Re: [389-users] Multi-Theading writes to the same 389 Master Server

#x27;re switching over to 1.3.1 on RHEL6 in a few months. Are you planning to build this yourself? On Wed, Aug 21, 2013 at 7:09 AM, Rich Megginson <mailto:rmegg...@redhat.com>> wrote: On 08/20/2013 08:39 PM, Jeffrey Dunham wrote: We have a customer that has been multi-threading

Re: [389-users] Multi-Theading writes to the same 389 Master Server

On 08/20/2013 08:39 PM, Jeffrey Dunham wrote: We have a customer that has been multi-threading behind multiple servers and writing to our Master server. These writes come in the form of heavy spikes (1k over 5 second intervals) very much burst traffic and all the writes are adding new items t

Re: [389-users] How to keep dnanextvalue in sync when using DNA plugin?

n replicas, but that's quite complicated and best to avoid if possible. On 2013-07-30 12:36, Rich Megginson wrote: On 07/30/2013 10:19 AM, Kyle Johnson wrote: Each server does have the same range, yes, Why? however the first server was configured about a month before the second was

Re: [389-users] Question about lastlogintime

S Software Development AJM-245 (609)485-4218 harry.dev...@faa.gov From: Rich Megginson To: Harry Devine/ACT/FAA@FAA Cc: "General discussion list for the 389 Directory server project." <389-us...@lists.fedoraproject.org> Date: 07/30/2013 11:10 AM Subject:Re: [389-users] Qu

Re: [389-users] How to keep dnanextvalue in sync when using DNA plugin?

value on the other server. How did you configure DNA? Note that configuration under cn=config does not replicate to other servers. Does each server have the same range? On 2013-07-30 10:42, Rich Megginson wrote: On 07/30/2013 08:41 AM, Kyle Johnson wrote: Sorry, I should know better. 3

Re: [389-users] Fwd: Some cipher suites not working

On 07/19/2013 10:43 AM, Darcy Hodgson wrote: On Fri, Jul 19, 2013 at 11:37 AM, Rich Megginson <mailto:rmegg...@redhat.com>> wrote: On 07/19/2013 08:38 AM, Darcy Hodgson wrote: On Fri, Jul 19, 2013 at 10:00 AM, Rich Megginson mailto:rmegg...@redhat.com>> wrote:

Re: [389-users] Fwd: Some cipher suites not working

On 07/19/2013 08:38 AM, Darcy Hodgson wrote: On Fri, Jul 19, 2013 at 10:00 AM, Rich Megginson <mailto:rmegg...@redhat.com>> wrote: On 07/19/2013 06:43 AM, Darcy Hodgson wrote: Hello, I have been setting up SSL/TLS with 389 DS on CentOS 6.4. I have been able

Re: [389-users] 389 directory server crash

On 07/17/2013 01:52 AM, Mitja Mihelič wrote: On 07/16/2013 04:49 PM, Rich Megginson wrote: On 07/16/2013 01:23 AM, Mitja Mihelič wrote: On 07/15/2013 05:28 PM, Rich Megginson wrote: On 07/15/2013 02:57 AM, Mitja Mihelič wrote: On 07/12/2013 05:55 PM, Rich Megginson wrote: On 07/12/2013 08

Re: [389-users] 389 directory server crash

On 07/16/2013 01:23 AM, Mitja Mihelič wrote: On 07/15/2013 05:28 PM, Rich Megginson wrote: On 07/15/2013 02:57 AM, Mitja Mihelič wrote: On 07/12/2013 05:55 PM, Rich Megginson wrote: On 07/12/2013 08:22 AM, Mitja Mihelič wrote: On 07/09/2013 03:34 PM, Rich Megginson wrote: On 07/09/2013 06

Re: [389-users] 389 directory server crash

On 07/15/2013 02:57 AM, Mitja Mihelič wrote: On 07/12/2013 05:55 PM, Rich Megginson wrote: On 07/12/2013 08:22 AM, Mitja Mihelič wrote: On 07/09/2013 03:34 PM, Rich Megginson wrote: On 07/09/2013 06:43 AM, Mitja Mihelič wrote: Hi! We are having problems with some our 389-DS instances. They

Re: [389-users] Accessing TCP options data in 389ds Hello,

On 07/12/2013 03:25 PM, Justin Kinney wrote: Hello, I'm investigating the possibility of logging client IP address where 389ds is deployed behind a load balancer. Today, we lose the true client IP address as the source IP is replaced with the load balancer's before the packet hits the 389 hos

Re: [389-users] 389 directory server crash

On 07/12/2013 08:22 AM, Mitja Mihelič wrote: On 07/09/2013 03:34 PM, Rich Megginson wrote: On 07/09/2013 06:43 AM, Mitja Mihelič wrote: Hi! We are having problems with some our 389-DS instances. They crash after receiving an update from the provider. After looking at the stack trace, I

Re: [389-users] problems with dsgw

On 07/12/2013 08:33 AM, Barton, Joseph B. wrote: Date: Thu, 11 Jul 2013 14:55:01 -0600 From: Rich Megginson To: 389-us...@lists.fedoraproject.org Subject: Re: [389-users] problems with dsgw Message-ID: <51df1ba5.5010...@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed On

Re: [389-users] problems with dsgw

On 07/11/2013 02:32 PM, Barton, Joseph B. wrote: Hi, I am just starting to work with 389 on centos 6.3 , and run into a bit of a snag on a test install of 389. Everything seems to work fine with the basic install. I am able to access the /usr/bin/389-console, run commands from a prompt, plus

Re: [389-users] Multi master replication problem (389 DS - AD)

On 07/10/2013 12:16 PM, Alberto Viana wrote: Hi Noriko, DS Base:389-Directory/1.3.1.3 B2013.189.1813 389 DS + Win2008 (I use my windows as CA) The error came out again, so I decide to investigate it. The error: [10/Jul/2013:10:52:23 -0300] NSMMReplicationPlugin - agmt="cn=AD

Re: [389-users] 389 directory server crash

On 07/09/2013 06:43 AM, Mitja Mihelič wrote: Hi! We are having problems with some our 389-DS instances. They crash after receiving an update from the provider. After looking at the stack trace, I think this is https://fedorahosted.org/389/ticket/47391 The crash happened twice after about a

Re: [389-users] Authentication method not supported

On 06/30/2013 12:10 AM, il...@atacom.kz wrote: Good morning! Yes. Accesslog level is *772*: /[30/Jun/2013:12:00:31 +0600] conn=50705 fd=69 slot=69 connection from 127.0.0.1 to 127.0.0.1/ /[30/Jun/2013:12:00:31 +0600] conn=50705 op=0 BIND dn="uid=kolab-service,ou=Special Users,dc=example,dc=kz"

Re: [389-users] ldbm errors when adding/modifying/deleting entries

On 06/12/2013 10:56 AM, Mahadevan, Venkat wrote: inetOrgPerson (structural) 504000/400 = 1410 bytes/entry - pretty small -- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] Users and groups

On 05/16/2013 02:28 AM, Aziza Lichir wrote: Hello, It's being a while, I've started with 389 DS and it never occurred me to see if the users I add in the console will be add automatically to server in kind of "ldif" file :p .! I know now that i didn't really get it. so now I would like

Re: [389-users] Posix problem

-testing-389-ds-base to get the most recent stable versions of 389-ds-base if you want something newer than what the OS provides. And for RedHat Directory Server it's not free (do you have any idea about the price ?). No, not sure. Am I right ? Best regards, Alex 2013/4/30 Rich Megg

Re: [389-users] Install 389 1.3.x on CentOS 6.3

On 04/10/2013 04:27 AM, Moisés Barba Pérez wrote: Hello, I would like to upgrade our LDAP to the last stable versión in CentOS 6.3 but I have seen in the epel-389 repository that the last version is 1.2.10.26. Asking at IRC channel somebody said to me there is not support of 1.3.x on el6. I u

Re: [389-users] MemberOf Plugin Question

out. Now I could see MemberOf attribute in my user entries. Thanks again! --Chandan On Friday, March 22, 2013, Rich Megginson wrote: On 03/22/2013 11:06 AM, Chandan Kumar wrote: Hello, So far I have been managed to do some setup of 389 server, thanks

Re: [389-users] Certificate between 389DS and Active Directory

of the window. On this link: https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Windows_Sync-Configuring_Windows_Sync.html Thanks 2013/3/27 alexandre mailto:axel0fe...@gmail.com>> Thanks for the new Link !

Re: [389-users] Certificate between 389DS and Active Directory

On 03/27/2013 08:46 AM, Grzegorz Dwornicki wrote: I had missunderstood you im this case. No you don't need to create second CA. But you must generate cert for DS on AD CA. Then you need to import this cert with AD CA cert on DS You don't have to use AD CA to generate the 389DS server cert.

Re: [389-users] Distributed Numeric Assignment plugin fails with indexing

Title: Untitled Document On 03/22/2013 03:24 AM, Scott Crooks wrote: Greetings, We're using 389-ds on CentOS 6.4 What  version of 389-ds-base? rpm -q 389-ds-base with 3 master LDAP servers in different locat

Re: [389-users] Possible to block large multivalued updates

On 03/21/2013 02:05 PM, Jeffrey Dunham wrote: I have run into a bug that is still open several times now causing large problems in our LDAP Service. https://fedorahosted.org/389/ticket/346 We have group updates that are very large in size (20k+ records) and while we're specifically targeting

Re: [389-users] Windows Sync

On 03/21/2013 05:32 AM, s.oreilly wrote: Hi, Am I correct in my understanding that I cannot sync OU's from Active Directory to 389-DS? Correct. I am trying to sync users fro an AD server that I do not control and most of the users are separated in to different OU's Is there any way of making

Re: [389-users] 389-ds-base-devel and rhel6

On 03/20/2013 02:42 PM, Robert Viduya wrote: I'm trying to set up 389 on an RHEL6 server, all our previous installs have been on RHEL5 or earlier. We have a locally developed plugin and we need the include files from package 389-ds-base-devel. I've got both epel and epel-389-ds-base configur

Re: [389-users] 389 hang while upgrading from 1.2.2 to 1.2.10

On 03/18/2013 11:39 AM, Roberto Polli wrote: Hi all, while upgrading with yum from 1.2.2 to 1.2.10, 389 hang while in ns-slapd upgradedb. gdb says it's in ldbm_ancestorid_create_index(), but it's running from 3hrs on an almost-empty database (there are just a few test entries). Can somebo

Re: [389-users] dsadmin python library

On 03/14/2013 10:59 AM, Roberto Polli wrote: On Wednesday 13 March 2013 09:33:05 Rich Megginson wrote: a separate github repo just for dsadmin.py yes. It could become an useful stand-alone library. What about the scripts such as dirsynccrtl.py, winsyncssl.py, etc. that use dsadmin.py? Should

Re: [389-users] almost off-topic: when is it advisable to get a 3rd party signed (vs. a self-signed) cert to use with 389-ds?

On 03/12/2013 09:45 AM, Jon Detert wrote: I managed to get 389-ds working with encryption. Whew. The project should really update http://directory.fedoraproject.org/wiki/Howto:SSL to make it simpler to figure out. I'm willing to, but the wiki says "We are not ready to accept contributions at

Re: [389-users] dsadmin python library

On 03/12/2013 10:58 AM, Roberto Polli wrote: Hi Rich, why don't move the useful dsadmin python library in a separate repo? Not sure what you mean - https://github.com/richm/scripts - you mean have a separate github repo just for dsadmin.py, separate from the other scripts? I could contri

Re: [389-users] Replication fails: id2entry.db4 too large?

On 03/05/2013 07:58 AM, Luigi Santangelo wrote: What is the platform for A and B? What are the 389-ds-base versions on A and B? A and B are Red Hat Enterprise Linux Server release 5.5 (Tikanga); 389-ds-base are 389 Directory Server version 1.2.5 Note that it is going to be very difficult to s

Re: [389-users] 389 and AD group sync

On 02/28/2013 10:36 AM, Vesa Alho wrote: The value should be TRUE Looks like we have a doc bug. https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Using_Windows_Sync-Synchronizing_Groups.html 12.4.4.1. Configuring Group Sync in the Console

Re: [389-users] DS performance settings while multi-mastering

On 02/21/2013 08:27 AM, Patrick Raspante wrote: Is it required (or at least suggested) that multi-mastered directory server instances have the equal values for dbcache and entry cache settings? If so, what adverse effects result from not configuring the caches similarly? There is a tool which

Re: [389-users] questions about client certificate-base authentication

On 02/06/2013 06:55 AM, yp wrote: Hi all, I'm testing the 389 DS on centos 6 and I had a problem with the certmap.conf file. The certmap.conf file exists (and there is no symlink between them) at 2 locations : /etc/dirsrv/config and /etc/dirsrv/slapd-instancename. The documentation https://acce

Re: [389-users] notes=U, unindex search? really

On 01/31/2013 09:33 AM, Picture Book wrote: As a directory server admin, I need to look at access log and find out who is doing expensive unindexed searchs. So that I can work with ldap clients to optimize search filter and DS indexes. The way DSEE reports notes=U make it very simple for DS ad

Re: [389-users] Rolling upgrade of multiple servers

On 01/31/2013 09:14 AM, Bright, Daniel wrote: When you say schema replication is tricky because it is a “single” master, I am using an MMR environment where in effect every member is a master. Is this a setting that is controlled elsewhere, and does this mean that any custom changes to the sc

Re: [389-users] Rolling upgrade of multiple servers

On 01/31/2013 08:19 AM, Bright, Daniel wrote: |schema changes made over LDAP? Yes, schema replication is tricky because it is "single" master. When you say schema replication is tricky because it is a “single” master, I am using an MMR environment where in effect every member is a master.

Re: [389-users] 389 Master - Master Replication

mirez *Sent:* Wednesday, January 30, 2013 1:36 PM *To:* 'Rich Megginson' *Cc:* General discussion list for the 389 Directory server project. *Subject:* RE: [389-users] 389 Master - Master Replication Excellent I will be in touch soon. Thank you once again. Santos U. Ramirez Linux

Re: [389-users] 389 Master - Master Replication

santos.rami...@natdcp.com <mailto:santos.rami...@natdcp.com> *From:*Rich Megginson [mailto:rmegg...@redhat.com] *Sent:* Wednesday, January 30, 2013 12:17 PM *To:* General discussion list for the 389 Directory server project. *Cc:* Santos Ramirez *Subject:* Re: [389-users] 389 Master -

Re: [389-users] 389 Master - Master Replication

On 01/30/2013 10:00 AM, Santos Ramirez wrote: Good Morning, We have a master – master replication agreement. When we initialize the replication it works perfectly we can see changes to a test user we have set up go up and down from the two servers. However at some point the replication s

Re: [389-users] setup-ds-admin.pl failure

On 01/30/2013 01:21 AM, Carsten Grzemba wrote: Am 29.01.13 schrieb *Rich Megginson * : On 01/29/2013 09:39 AM, Carsten Grzemba wrote: The problem is that the scripts use a env variable USER which is commonly not set in Solaris (there is LOGNAME common). It try to work arround this by

Re: [389-users] setup-ds-admin.pl failure

On 01/29/2013 08:00 AM, jovan.vuko...@sungard.com wrote: Hi,   It is not the first instance of 389DS I have attempted to install on Solaris, but the first one that failed and the reason is  

Re: [389-users] attribute uniqneness plugin error: Another entry with the same attribute value already exists

On 01/23/2013 01:29 PM, Picture Book wrote: Is this https://fedorahosted.org/389/ticket/406 ? Yes. Thanks a lot. Rich. I recently migrated to 389 DS 1.2.10.12 from SUN DSEE. Overall it was a smooth migration and I am really happy about 389 DS. I asked questions about 3 bugs I encounter in the

Re: [389-users] notes=U, unindex search? really

On 01/18/2013 08:29 AM, Picture Book wrote: filter="(&(AllowAccess=Y)(uid=bill))" AllowAccess is unindexed attribute uid is indexed attribute access log search result: notes=U I imagine that directory server will do an indexed search by uid=bill, get the entry and then verify if AllowAccess=Y.

Re: [389-users] netscaperoot deleted

On 01/16/2013 09:55 AM, Elizabeth Jones wrote: You might try running setup-ds-admin.pl -u on all of your machines. thanks. I ran this and it looks like it ran successfully, but still no netscaperoot on my second server. I went back and looked at the first server, and it looks like he may have s

Re: [389-users] netscaperoot deleted

On 01/16/2013 09:16 AM, Elizabeth Jones wrote: We have a cluster of 4 directory servers that we are trying to put into production. One of our admins was doing some experimenting on one of them and it looks like he deleted netscaperoot. What is weird though is that we can still start and access th

Re: [389-users] Problem for migrate from fedora-ds 1.0.4 to 389-ds

On 01/15/2013 10:29 AM, German Waisvol wrote: thanks Leo. it is this procedure valid for migrate fedora-ds 1.0.4 to 389-ds? , since the document is written for redhat directory server. Yes. They are all pretty much the same. I like to know why the migration is not working, since i have fol

Re: [389-users] AD <-> LDAP password expiration sync

On 01/02/2013 10:46 AM, Orion Poplawski wrote: Is it possible to synchronize password expiration times between AD and LDAP? We're just discovering that the AD sync to LDAP doesn't update shadowLastChange which we are currently using on the LDAP side. Should we use a different scheme for passw

Re: [389-users] installation issues

On 12/19/2012 09:53 AM, Doug Tucker wrote: I am baffled. So reading the install documentation at http://directory.fedoraproject.org/wiki/Install_Guide It links to the install guide at redhat.com which indicates to type yum install redhat-ds. Doing so results in nothing on my centos 6.3 mach

Re: [389-users] creating replication user from 389-console

w entry, such as |cn=replication manager,cn=config|, in the |dse.ldif| file. I cannot give the error message now, as I'm not at customer site. When I get back to office, I will give the exact error. Thanks. On Thu, Dec 6, 2012 at 10:19 PM, Rich Megginson mailto:r

Re: [389-users] 389ds + modrdn + NSMMReplicationPlugin - Consumer failed to replay change

On 11/13/2012 07:21 PM, Derek Belcher wrote: Here is the error message that I am receiving in /var/log/dirsrv/slap-/errors : [13/Nov/2012:20:13:27 -0600] NSMMReplicationPlugin - agmt="cn=sync001" (AD1.company.net:636 ): Consumer failed to replay change (uniquei

Re: [389-users] segfault while moving entry to non-existent LDAP container

. On Tue, 2012-11-13 at 09:58 -0800, Noriko Hosoi wrote: (2012/11/13 05:22), Rich Megginson wrote: On 11/13/2012 03:30 AM, Vladimir Elisseev wrote: Hello, First of all I'd say that most likely this segfault is a result of badly designed application and/or bad coding. The segfault occurs w

Re: [389-users] MMR issue ...

ard *From:*389-users-boun...@lists.fedoraproject.org [mailto:389-users-boun...@lists.fedoraproject.org] *On Behalf Of *Reinhard Nappert *Sent:* Tuesday, November 13, 2012 12:22 PM *To:* Rich Megginson; General discussion list for the 389 Directory server project. *Subject:* Re: [389-users] MMR i

Re: [389-users] MMR issue ...

On 11/13/2012 09:24 AM, Reinhard Nappert wrote: Hi, I’ve encountered issues with a MMR setup, which looks like the following: A --- B \ / \ / \ / C The replication works for approximately 24 hours. There are not many chan

Re: [389-users] Problem sync groups with Active Directory

On 10/18/2012 05:20 AM, Juan Asensio Sánchez wrote: Hi Using 389DS 1.2.5 on CentOS 5.5 i385, I need to sync users and groups from 389DS to Active Directory (Windows Server 2003). I the 389DS side I have this: dn: cn=ALERGIAS_gestion,ou=Groups,o=,dc=,dc=es objectClass: groupOfNames objec

Re: [389-users] extract CA certificate

On 09/12/2012 08:59 AM, Gregory Matthews wrote: is it possible to extract/export the CA certificate stored on a 389 directory server? If so, how so? GREG http://port389.org/wiki/Howto:SSL#Export_the_CA_cert -- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject

Re: [389-users] Can an admin server manage remote directory servers?

On 09/11/2012 09:24 AM, Orion Poplawski wrote: Can an admin server manage remote directory servers? The docs always seems to refer to running an admin server alongside the directory server, but in the case of running a slave directory server, it would be nice to be able to manage that from the

Re: [389-users] Protection of entries on downstream master or hub

https://fedorahosted.org/389 -Lucas On Thu, Aug 30, 2012 at 12:07 PM, Rich Megginson <mailto:rmegg...@redhat.com>> wrote: On 08/30/2012 12:52 PM, Lucas Sweany wrote: I would like to protect certain entries in a hub 389-ds host from getting obliterated during a full re-initia

Re: [389-users] GUI errors when viewing replication agreements

On 08/30/2012 10:29 AM, Wes Hardin wrote: On 08/29/2012 04:24 PM, Rich Megginson wrote: On 08/29/2012 03:11 PM, Wes Hardin wrote: On 08/28/2012 03:43 PM, Rich Megginson wrote: On 08/28/2012 02:35 PM, Wes Hardin wrote: On 08/28/2012 12:16 PM, Rich Megginson wrote: On 08/28/2012 09:23 AM, Wes

Re: [389-users] 389-ds-base-1.2.10.14-1.el5 broke my server

On 08/30/2012 09:59 AM, Rich Megginson wrote: On 08/30/2012 09:54 AM, Orion Poplawski wrote: So, 389-ds-base-1.2.10.14-1.el5 came in today and broke my server, ldap searches returned the base of the tree but nothing else. I needed to downgrade to 1.2.9.9 and restore my /etc/dirsrv/slapd-cora

Re: [389-users] GUI errors when viewing replication agreements

On 08/28/2012 02:35 PM, Wes Hardin wrote: On 08/28/2012 12:16 PM, Rich Megginson wrote: On 08/28/2012 09:23 AM, Wes Hardin wrote: When viewing replication agreements in the 389-console (under the Configuration tab, Replication, userRoot), the first time I select each replication agreement, I

Re: [389-users] GUI errors when viewing replication agreements

On 08/28/2012 09:23 AM, Wes Hardin wrote: When viewing replication agreements in the 389-console (under the Configuration tab, Replication, userRoot), the first time I select each replication agreement, I am greeted by an error window titled "Insufficient Permissions" stating "The user cn=root do

Re: [389-users] PasswordExpiringControl, PasswordExpiredControl and DraftBeheraLDAPPasswordPolicy10RequestControl

On 08/28/2012 01:11 AM, Juan Asensio Sánchez wrote: Hi We are testing the password policy in the 389DS. Using CentOS 5.5 i386, 389-ds-base 1.2.5. I have enabled the global password policy, and set 180 days for password expiration, 14 days for warnings, and 3 grace logins. If I do a login before

Re: [389-users] Backup Directory Server by db2bak.pl script

On 08/17/2012 04:39 AM, Fosiul Alam wrote: Hi I know you can take a backup of full directory server by using db2bak.pl but dont understand what will be syntax i checked the helped file but no luck So when i do this /var/lib/dirsrv/slapd-ldap-2/bak/ldap-2-2012_8_3_10_13

Re: [389-users] problem initializing replica

On 08/14/2012 11:26 AM, Vladimir Elisseev wrote: Version of 389-ds-base is 1.2.10.2. Regards, Vlad. On Tue, 2012-08-14 at 11:21 -0600, Rich Megginson wrote: On 08/14/2012 10:50 AM, Vladimir Elisseev wrote: Hello, I've problems for initializing replica from Admin console or using ldapm

  1   2   3   4   5   6   7   >