On 12/10/2012 01:12 AM, Sharuzzaman Ahmat Raslan wrote:
Hi Rich,
The error when changing user from uid to cn is:
Error renaming object 'dn: uid=replicator,cn=config'
The error sent by the server was:
'LDAP server is unwilling to perform. Operations on Directory Specific
Entry not allowed'
The sreenshot of the error is attached. The step that I take is inside
the Flash video as the following URL:
https://googledrive.com/host/0B2Q_4ry4aOoCc3Q5dE9jelBLbDQ/ldap.swf
Thanks.
Looks like a bug, or we just don't support renames under cn=config.
Note that you can use uid=replicator - it doesn't have to be cn=replicator.
ldap.swf
<https://docs.google.com/file/d/0B2Q_4ry4aOoCZTNYRVB4aURJOWM/edit>
On Thu, Dec 6, 2012 at 11:20 PM, Sharuzzaman Ahmat Raslan
<sharuzza...@gmail.com <mailto:sharuzza...@gmail.com>> wrote:
In the URL
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html
Quote:
However, although Red Hat recommends not storing simple user
entries under |cn=config| for performance reasons, it can be
useful to store special user entries such as the Directory Manager
entry or replication manager (supplier bind DN) entry under
|cn=config| since this centralizes configuration information.
Quote:
1.
Stop the Directory Server. If the server is not stopped, the
changes to the |dse.ldif| file will not be saved. See
Section 1.3, “Starting and Stopping Servers”
<https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Starting_and_Stopping-DS.html>
for more information on stopping the server.
2.
Create a new entry, such as |cn=replication
manager,cn=config|, in the |dse.ldif| file.
I cannot give the error message now, as I'm not at customer site.
When I get back to office, I will give the exact error.
Thanks.
On Thu, Dec 6, 2012 at 10:19 PM, Rich Megginson
<rmegg...@redhat.com <mailto:rmegg...@redhat.com>> wrote:
On 12/05/2012 10:07 PM, Sharuzzaman Ahmat Raslan wrote:
Hi all,
According to RH document, if you want to create the
replication user, you must edit the dse.ldif file and put the
user information there.
No. Where does it say that you must edit the dse.ldif?
I tried to use 389-console, create user (which use
uid=repman) then try to enable cn=repman, but there is error
saying that directory server refuse to do the renaming.
Can you provide the exact error message?
What is the correct way to create cn=repman only by using 389
console?
Thanks.
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html
--
Sharuzzaman Ahmat Raslan
--
389 users mailing list
389-us...@lists.fedoraproject.org
<mailto:389-us...@lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Sharuzzaman Ahmat Raslan
--
Sharuzzaman Ahmat Raslan
--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-us...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
