Hi Marco,
This is isn't linux specific, but disabling the logs(access error) can
help. If you need the logs, move them to a dedicated FS. I don't know
if Linux has a FS cache, but on Solaris I've seen it is sometimes more
efficient to turn the DS cache settings all the way down, and allow
: 20120228201328Z
What I would like if all above time be my local time, which will a
little bit easy for understanding
--
Shouben Zhou
Science Systems and Applications Inc.(SSAI)
1 Enterprise Pkwy, Hampton, VA 23666
Tel: (757)951-1905 Fax: (757)951-1900
Email: shouben.z...@nasa.gov
Mark Reynolds
Hi Michael,
see comments below...
On 03/16/2012 02:42 PM, Michael Mercier wrote:
Hello,
I seem to be having problems using the 389-console GUI.
I am entering the following information into each of the fields:
User ID: cn=Directory Manager
Password: password
Administration URL:
Sam,
I could not reproduce the issue with the latest version of 389. After
an import it still had the the creatorsName that was present in the ldif
file.
Check the config in dse.ldif. Make sure nsslapd-lastmod is set to
on under cn=config.
Regards,
Mark
On 04/03/2012 11:15 PM, Sam Wen
Hi Herb,/
/While working on a different replication issue I accidentally
reproduced your issue. My issue was a typo in the password in the repl
agreement. I know you said you passwords were the same, but maybe there
is still a mismatch. Also, if the root dn specified in the agreement
Herb,
Do you know which server is hosting the config data for the
console(o=netscaperoot)? If you do, please provide the access log
output showing the cn=directory manager and admin binds? It might
not hurt to restart the admin server.
Thanks,
Mark
On 04/23/2012 04:06 PM, Herb
-hostname if that is in
fact the problem?
TIA,
Herb
On Tue, Apr 24, 2012 at 8:34 AM, Mark Reynolds marey...@redhat.com
mailto:marey...@redhat.com wrote:
Hi Herb,
I wanted to see the logs from the server that wasn't working.
According to these logs everything is fine. So, you
Also see: https://fedorahosted.org/389/ticket/365
This is will be included in a future release.
Mark
On 05/18/2012 02:13 PM, Alberto Viana wrote:
I have a 389 DS server replication agreement whith an AD Server and
when I change the password in the windows side it replicates into 389
but via
I think this is a reasonable RFE. We should probably have separate
tickets for the core server, and logconv.pl though.
Mark
On 05/21/2012 11:18 AM, Michael R. Gettes wrote:
Hi, I figured I would ask the question here before proceeding with a RFE.
I searched TRAC and couldn't locate any
Lucas,
A fix was just made to hide it from the audit log:
https://fedorahosted.org/389/ticket/365
The following ticket is to hide it all together, but this has not been
fixed yet:
https://fedorahosted.org/389/ticket/378
Mark
On 05/22/2012 05:32 PM, Lucas Sweany wrote:
Is there a way to
stored in the database, not
just in memory. Do you think the latest ticket will address that as well?
-Lucas
On Tue, May 22, 2012 at 2:37 PM, Mark Reynolds marey...@redhat.com
mailto:marey...@redhat.com wrote:
Lucas,
A fix was just made to hide it from the audit log:
https
error. Are there
any known bugs / changes that could possible cause this to happen?
Edward
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Senior Software Engineer
Red Hat, Inc
mreyno...@redhat.com
--
389
/Monitoring_DS_Using_SNMP.html
Mark
Josh
--
Joshua Ellsworth
System Administrator, Primatics Financial
Phone: 571.765.7528
jellswo...@primaticsfinancial.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Senior
://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Senior Software Engineer
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Senior Software Engineer
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Senior Software Engineer
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
if it is marked or not, we would know what to do with it.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Senior Software Engineer
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users
On 08/22/2012 04:23 PM, Rich Megginson wrote:
On 08/22/2012 02:18 PM, Mark Reynolds wrote:
On 08/22/2012 04:09 PM, Rich Megginson wrote:
Let's say you have a windows sync agreement
AD: cn=Users,dc=example,dc=com
DS: ou=People,dc=example,dc=com
Let's say you also have another user
=ldap:///uid=my.appuid,ou=test,dc=test,dc=com;;)
Thanks
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman
ubtree/user policies if you so desire.
Regards,
Mark
On 09/28/2012 11:14 AM, Mark Reynolds wrote:
Juan,
I did reproduce the problem. If you setup a subtree policy
through the console, it doesn't pull in the config setting. I'll
between the client and the server, I have tried to
get TLS to run a few times but could not get it to run so far. Am I
right about the assumption that I need encryption between the server
and the clients for password change to work ?
Regards
On Mon, Nov 12, 2012 at 8:56 PM, Mark Reynolds marey
and bases.
If anyone is interested in helping me out, please email me directly.
Thanks,
Mark
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
Ok, thanks for those who responded. I have what I need.
Thanks,
Mark
On 01/09/2013 03:28 PM, Mark Reynolds wrote:
I'm working on some improvements to the logconv.pl script (access log
analyzer) - particularly memory usage. I would be greatly interested
in getting some real world access logs
- 20133 Milano (MI) Italy.
Phone: +39 02 26600525
Mobile: +39 3346220663
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users
accounts
if i can avoid it.
thanks -
Elizabeth J
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https
messages encountered when using POSIX winsync
Ticket 576 - DNA: use event queue for config update only at the
start up
Ticket 572 - PamConfig schema not updated during upgrade
Bug 906005 - Valgrind reports memleak in
modify_update_last_modified_attr
Mark Reynolds (4):
bump
, file it in
our Trac instance: https://fedorahosted.org/389
Detailed Changelog since 1.3.0.3
Mark Reynolds (3):
bump version to 1.3.0.4
Ticket 570 - DS returns error 20 when replacing values of a
multi-valued attribute (only when replication is enabled)
Ticket 590 - ns-slapd
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
for it and I only read about internal state.
Thanks in advance.
Moses.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users
@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
@lists.fedoraproject.org
_https://admin.fedoraproject.org/mailman/listinfo/389-users_
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
--
Mark Reynolds
389 Development Team
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
a question Ive noticed that when the plugin
updates the value of dnanextvalue it only does it on the local server
not all of them is there any way to get these fields to replicate.
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark
389server (FreeIPA) server?
Steven Crothers
steven.croth...@gmail.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
389 Development Team
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users
”
feature myself.
If you have the information on hand, that would be greatly appreciated. :)
Thanks for setting me in the right direction!
On Mar 10, 2014, at 10:25 AM, Mark Reynolds marey...@redhat.com wrote:
Steven,
What version of 389 are you using?
You can import it using the ldif2db
trying to restore? What do you mean it turns
into ldap2? What is the exact problem as it sounds like the import is
working?
thanks,
EJ
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
389 Development Team
-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Mark Reynolds
389 Development Team
Red Hat, Inc
mreyno...@redhat.com
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
On 05/05/2014 12:13 PM, Graham Leggett wrote:
On 05 May 2014, at 5:41 PM, Rich Megginson rmegg...@redhat.com wrote:
See https://fedorahosted.org/389/ticket/47606
This bug looks quite consistent with the OP's symptoms and the presence of
a large group entry, but he should be seeing Incoming
On 05/05/2014 12:46 PM, Graham Leggett wrote:
On 05 May 2014, at 6:18 PM, Mark Reynolds marey...@redhat.com wrote:
nsslapd-maxbersize: 0
0 tells the server to use the default value of 2mb, you need to set it
higher(5mb?).
You're kidding. Zero actually means 2MB. Intuitive.
I agree, I don't
On 05/28/2014 04:06 PM, John Trump wrote:
Haven't been able to come up with a solution yet. Hopefully someone on
the list has a suggestion.
On Fri, May 23, 2014 at 12:42 PM, John Trump trum...@gmail.com
mailto:trum...@gmail.com wrote:
I would like to relax the password policy for
log(/var/log/dirsrv/slapd-INSTANCE/access) output showing
the failed password attempt?
On Wed, May 28, 2014 at 4:14 PM, Mark Reynolds marey...@redhat.com
mailto:marey...@redhat.com wrote:
On 05/28/2014 04:06 PM, John Trump wrote:
Haven't been able to come up with a solution yet
On 05/30/2014 10:29 AM, Elizabeth Jones wrote:
I'm trying to figure out if 389 supports a way to track users last login.
I found this page
http://directory.fedoraproject.org/wiki/Account_Policy_Design#Logging
Does anyone know of any other documentation on implementing this?
On 07/15/2014 12:48 PM, Isabella Ghiurea wrote:
Hi Gurus,
I'm new to 389 DS reading the RH DS docbefore start implementing,
have Q's trying tohave system with high performance cfg
Q1: Bellow in black is from RH DS documentation, I was expecting just
creating the indexes in GUI DS
On 08/04/2014 01:19 PM, Alberto Viana wrote:
Hi,
I want to enable a replication to a specific subtree on my directory,
how do I proceed?
For example:
I have my root suffix
dc=homolog,dc=rnp
And just want do enable replication for
ou=teste,dc=homolog,dc=rnp
Is that possible?
Not
Shilen,
A few things, you should not be adding a prehashed password (e.g.
{SSHA}DMK4S6PK6+rKSLNOL1Hl01mVJmgGi5jH) - but that should not break
replication. Can you confirm that only prehashed passwords are causing
the issue? If so, please files a ticket with a reproducible testcase:
!
-- Shilen
From: Mark Reynolds marey...@redhat.com mailto:marey...@redhat.com
Reply-To: mreyno...@redhat.com mailto:mreyno...@redhat.com
mreyno...@redhat.com mailto:mreyno...@redhat.com
Date: Tuesday, August 19, 2014 2:58 PM
To: General discussion list for the 389 Directory server project
On 08/20/2014 03:58 PM, Elizabeth Jones wrote:
additional info -
I increased logging on my supplier and see this error now -
TLS: hostname does not match CN in peer certificate
When I created the replication agreement, it is giving me a default
consumer, I don't know why. The default is
On 08/25/2014 10:21 AM, Elizabeth Jones wrote:
On 08/22/2014 10:34 AM, Elizabeth Jones wrote:
On 08/20/2014 03:58 PM, Elizabeth Jones wrote:
additional info -
I increased logging on my supplier and see this error now -
TLS: hostname does not match CN in peer certificate
When I created the
We are pleased to announce the launch of our new wiki
http://www.port389.org
The site has been significantly revised, and moved to a more stable
environment. The layout, content, and organization has all been
improved. Please note, you will need to revise any old bookmarks you
may have, as the
,
Thanks for the feedback! I'm not sure if this is available on the new
site(run on OpenShift using ruby MarkDown), but I will look into it
and get back to you.
Thanks,
Mark
2014-08-25 21:59 GMT+02:00 Mark Reynolds marey...@redhat.com
mailto:marey...@redhat.com:
We are pleased to announce
. All you need to do is create an
account on http://openshift.com, send me your username(usually an email
address) so I can grant you access, and then I will send out the rest of
the instructions.
Regards,
Mark
Thanks again for the good job!
2014-08-25 21:59 GMT+02:00 Mark Reynolds marey
On 08/30/2014 08:01 PM, Chase Miller wrote:
Is broke
HI Chase,
Sorry about that, there was case issue with the link:
http://www.port389.org/binaries/389-console-1.1.6-i386.msi
http://www.port389.org/binaries/389-console-1.1.6-x86_64.msi
should of been:
when the site
changed and what new pages were added or modified. It allowed me to
stay informed and in without clicking on all the links of the site.
Is it possible to bring back that sort of feature?
Thanks again for the good job!
2014-08-25 21:59 GMT+02:00 Mark Reynolds marey...@redhat.com
Hi Chris,
You still need to run the 389 setup scripts afterwards, check out this link:
http://www.port389.org/docs/389ds/download.html#directory-server-11-and-later
Regards,
Mark
On 09/11/2014 02:15 PM, Chris Taylor wrote:
I was actually going to use yum update so I am not sure if that
On 09/19/2014 12:16 PM, Paul Tobias wrote:
Hi guys,
We need to implement password expiration because of some policy. The
problem is users are not able to bind to ldap anymore, after I switch on
password expiration for our ou=People subtree . The ldap command line
tools and 389-console both
On 10/01/2014 02:34 PM, Ghiurea, Isabella wrote:
Hello 389 users,
I'm having problems getting the memberof plugin work on
389-Directory/1.2.11.15 B2014.219.179. We are using groupofuniquenames
groups.
Here's the configuration of the memberof plugin:
objectClass: extensibleObject
*From:* Mark Reynolds [marey...@redhat.com]
*Sent:* Wednesday, October 01, 2014 2:59 PM
*To:* General discussion list for the 389 Directory server project.;
Ghiurea, Isabella
*Subject:* Re: [389-users] 389DS memeberof plugin not working
On 10
Isabella,
Sounds like the server was still running when you copied the file over.
The server should be stopped when manually updating the dse.ldif.
Regards,
Mark
On 11/03/2014 04:03 PM, Ghiurea, Isabella wrote:
_
*From:*Ghiurea, Isabella
On 11/10/2014 12:22 PM, Alberto Viana wrote:
389-Directory/1.3.2.17 http://1.3.2.17 B2014.182.124
I'm trying to add an user (whitout using the manager, with a regular
user):
Without any aci:
ldap_add: Insufficient access (50)
additional info: Insufficient 'add' privilege to the
On 11/19/2014 02:38 PM, ghiureai wrote:
More details:
I need for non directory manager to be able to count all the DS
entries , I have cfg ldse.ldif sizelimit set to 50 but the non
directory manager user gets error:
Hi Isabella,
It's the lookthroughlimit you want to adjust - it's
On 12/08/2014 02:08 PM, Fong, Trevor wrote:
Hi Everyone,
We’ve inherited a 389-ds system (1.2.11.15-48.el6_6) that is running
on a VM provisioned with a single CPU. We have been experiencing high
CPU with a client that connects with a single connection, and then
runs large amounts of
.
Thanks,
Trev
From: Mark Reynolds marey...@redhat.com mailto:marey...@redhat.com
Reply-To: mreyno...@redhat.com mailto:mreyno...@redhat.com
mreyno...@redhat.com mailto:mreyno...@redhat.com
Date: Monday, December 8, 2014 at 11:29 AM
To: 389-users@lists.fedoraproject.org
mailto:389-users
. The Directory
Manager account should only be used under certain circumstances.
Avoid using this account for client applications.
Cleaning up temp files...
Done.
From: Mark Reynolds marey...@redhat.com mailto:marey...@redhat.com
Reply-To: mreyno...@redhat.com mailto:mreyno...@redhat.com
mreyno
Looks like you ran out of memory on the system(possibly a Directory
Server memory leak?) Was there anything in the Directory Server errors log?
What version of 389 are you using? rpm -qa | grep 389-ds-base
You should monitor the 389 process and see if it continues to grow day
after day.
On 01/15/2015 11:06 AM, Jean Félix DESIR wrote:
Hi,
I'am facing this import issue:
I can't add this attribut to a object on my 389 DS:
dn:
cn=template,ou=services,ou=profiles,ou=Authent,dc=region,dc=enterprise,dc=net
rbClientDnsPri: XXX
*rbForwardPolicy: MYVALUE*
rbContextName: PPP
John,
FYI, I was able to reproduce this, and I opened this ticket:
https://fedorahosted.org/389/ticket/47994
Regards,
Mark
On 01/05/2015 10:18 AM, John Trump wrote:
389-ds-base-1.2.11.25-1.el6.x86_64
idm-console-framework-1.1.7-2.el6.noarch
389-ds-console-1.2.6-1.el6.noarch
On Wed, Dec
On 01/14/2015 08:01 AM, carne_de_passaro wrote:
Hello guys,
I am planning to recreate my replica agreements, which today uses SSL
on port 636, to use startTLS on port 389.
My question is: Do I have to reinitialize the databases of the
agreements that I recreate?
Danilo,
You should not
On 01/30/2015 02:43 PM, Justin Edmands wrote:
389 List,
I need to modify the replication schedule via LDIF import. I have no
issues doing it in the 389-console.
I am attempting to import this ldif (with dc changes to mask our info)
dn: cn=dirsrv1 to
Hi Jordan,
See comments below...
On 01/26/2015 03:08 PM, Jordan, Phillip wrote:
First late me state that I have been tasked to fix and upgrade the
directory due to recent issues. I have vast experience in most other
directories but not in 389 Directory space. So I have a few questions
Andrey,
This just isn't enough information to diagnose. Do you have a core
file? If not, please enable core files:
http://www.port389.org/docs/389ds/FAQ/faq.html#sts=Debugging%C2%A0Crashes
Hopefully you can catch it again and get a core, and then we can work on it.
Regards,
Mark
On
On 03/17/2015 06:11 PM, William wrote:
So in the case of having RI on two ldap servers, you would set this to
off, since the server that handled the delete will replicate the other
updates soon after. In the case of RI on a single server, when the
non-RI server issues a delete, the RI enabled
On 03/15/2015 07:14 PM, William wrote:
Anyway, I think I'd need to look at the internals of the plugin at this
point to work out for sure what's going on.
Looks like someone already did this.
nsslapd-pluginAllowReplUpdates
It looks like there is no documentation about how this config
On 03/16/2015 06:50 PM, William wrote:
nsslapd-pluginAllowReplUpdates
It looks like there is no documentation about how this config value
works though: and the values it influences aren't widely through the
code so I can't confirm if it's a finished feature.
It is finished, and I will write
On 03/11/2015 05:48 PM, prmari...@gmail.com wrote:
Update I got pulled away on something else but there is progress.
I tried the Apache Kerberos 5 auth module initial auth worked but then it went back to
LDAP error 32 because it looks like it passed username@realm to the ldap
server as the
On 02/26/2015 08:30 AM, Mitja Mihelič wrote:
Hi!
We have a provider/consumer (master/slave) setup and we wish to create
a database backup on the master.
Replica setting on the master are set to Single Master.
But when I run
.../db2bak $backup_path/$current_date
Backup fails an the following
On 05/08/2015 09:51 AM, Chase Miller wrote:
Hello 389 Group,
Is there an object class/attribute that I can add to a user's entry
that will capture their last authenticated time stamp. I want to
capture this so I can go delete users that have not authenticated
after so many days.
Chase,
Hi Bobby,
See comments below...
On 05/14/2015 09:24 AM, Bobby Krupczak wrote:
Hi!
Hey, I'm sure you guys are tired of folks asking this question but
I've spent the last day searching the InterWebs and still have
questions.
I'm fixing to switch from openldap/slapd to 389 for ldap
On 04/06/2015 10:28 AM, harry.dev...@faa.gov wrote:
I know this is slightly off topic, but I thought that maybe someone on
this list could be of some assistance. I need to get the list of
groups that a particular user belongs to, similar to the linux command
line program ‘groups’. I
is the resources
available on the system (disk space, CPU, memory)
*From:*389-users-boun...@lists.fedoraproject.org
[mailto:389-users-boun...@lists.fedoraproject.org] *On Behalf Of *Mark
Reynolds
*Sent:* Tuesday, May 19, 2015 2:31 PM
*To:* General discussion list for the 389 Directory server project
Hi Robert,
Which version of Fedora is going to start being python3 only?
Thanks,
Mark
On 06/24/2015 08:05 AM, Robert Kuska wrote:
Hello everyone,
I am Robert Kuska, I am a python co-maintainer
and co-owner of change Python3 as default which aims to provide
python3 only packages by default
On 06/15/2015 05:23 AM, Prashant Bapat wrote:
There is no error. It goes thru fine. When I restart the LDAP server
after adding it, there is nothing in the audit file. And no entry in
the dse.ldif.
Are you directly modifying the dse.ldif? If so, you MUST do so while
the server is stopped,
On 05/19/2015 02:25 PM, Colin Tulloch wrote:
Hi all –
Is there a limit to the number of databases that can be present on an
instance of directory server – or on a server/VM itself?
Some colleagues of mine seem to believe there is a limit of 10 DBs per
server. I haven’t seen this in the
On 08/20/2015 10:20 AM, bahan w wrote:
Hm ok.
Ok, and to do that I use the ldapmodify command ?
Something like :
ldapmodify -x -D cn=Directory Manager -w mdp password manager -h FQDN hosting
server -p 389
dn:cn=config
changetype:modify
replace:nsslapd-accesslog
nsslapd-accesslog:MYPATH
On 08/04/2015 07:50 AM, Andrey Ivanov wrote:
Looks like the behavior change was introduced in this ticket:
https://fedorahosted.org/389/ticket/47810
Yes, with the introduction of backend transaction plugins in 1.3.3, if a
plugin fails to do its job, the entire operation should fail. This
Hi Andrey,
On 08/04/2015 10:33 AM, Andrey Ivanov wrote:
Hi Mark,
thank you for your rapid reply,
2015-08-04 16:14 GMT+02:00 Mark Reynolds marey...@redhat.com
mailto:marey...@redhat.com:
Looks like the behavior change was introduced in this ticket:
https://fedorahosted.org/389
On 07/31/2015 12:42 PM, ghiureai wrote:
Hi lIst.
we are getting the following in access files, would like to know
wher eto look for clues , what means Resource temporarily unavailable ?
op=1 RESULT err=0 tag=101 nentries=5514 etime=14 notes=U
[31/Jul/2015:09:37:21 -0700] conn=143371
On 08/05/2015 06:19 AM, Ludwig Krispenz wrote:
On 08/04/2015 08:32 PM, Mark Reynolds wrote:
On 08/04/2015 12:53 PM, German Parente wrote:
- Original Message -
From: Mark Reynolds marey...@redhat.com
To: General discussion list for the 389 Directory server project.
389-users
On 08/04/2015 11:57 AM, ghiureai wrote:
https://www.flowdock.com/app/canfar/access-control/threads/QyygOboGumgx3qw3tIO_828AMgQ
We are seeing poor performance from LDAP retrieving 2500-4500 entries
compare with one of our regular RDBMS , here is bellow the result for
a ldapsearch.
We are
On 08/05/2015 08:24 AM, Mark Reynolds wrote:
On 08/04/2015 11:57 AM, ghiureai wrote:
https://www.flowdock.com/app/canfar/access-control/threads/QyygOboGumgx3qw3tIO_828AMgQ
We are seeing poor performance from LDAP retrieving 2500-4500 entries
compare with one of our regular RDBMS , here
surrounding wildcards then you must use 3 characters: cn=*abc*
Regards,
Mark
Thank you
[389-users] 389-DS poor performance retrieving groups
On 08/05/2015 08:24 AM, Mark Reynolds wrote:
/
//
// On 08/04/2015 11:57 AM, ghiureai wrote:
//
https://www.flowdock.com/app/canfar/access-control
On 08/11/2015 10:14 AM, Aleksey Chudov wrote:
Hi,
I'm configuring 389 DS on CentOS 7 using some packages from epel-testing
# rpm -qa | grep 389 | sort
389-admin-1.1.42-1.el7.x86_64
389-admin-console-1.1.10-1.el7.noarch
389-admin-console-doc-1.1.10-1.el7.noarch
On 08/04/2015 12:53 PM, German Parente wrote:
- Original Message -
From: Mark Reynolds marey...@redhat.com
To: General discussion list for the 389 Directory server project.
389-users@lists.fedoraproject.org
Sent: Tuesday, August 4, 2015 6:04:17 PM
Subject: Re: [389-users] 389-DS
On 08/04/2015 11:57 AM, ghiureai wrote:
https://www.flowdock.com/app/canfar/access-control/threads/QyygOboGumgx3qw3tIO_828AMgQ
We are seeing poor performance from LDAP retrieving 2500-4500 entries
compare with one of our regular RDBMS , here is bellow the result for
a ldapsearch.
We are
On 10/21/2015 01:33 PM, ghiureai wrote:
Gmorning Mark
the indexes had been removed at developers request to improve
performance , now I reboot the DS and the indexes come up online.
Maybe there was a misunderstanding. I'm sure a developer did not
recommend you remove the default system
On 11/12/2015 02:09 PM, ghiureai wrote:
Gmorning Mark,
Thank you again for fast reply, do I stilll need to create a rep agreement ?
Yes, if you want to replicate changes to another server. This was also
the last step in my previous reply.
Here's how to do it through the command line:
On 11/16/2015 12:30 PM, Adrian Damian wrote:
Hello 389 Gurus,
This is a very subtle issue that we are seeing on our LDAP server.
Sometimes, the ACIs return different results for the same search
executed from different clients (a Java client vs. a Python or the
ldapsearch client). More
group read", acidn="ou=admingroups,ou=abc"
...
[16/Nov/2015:10:41:43 -0800] NSACLPlugin - STAR Access allowed on
attr:uniqueMember; entry:cn=jcmt-mjlsg14b,ou=admingroups,ou=abc
[16/Nov/2015:10:41:43 -0800] NSACLPlugin - conn=57465 op=52 (on attr):
Allow read on
entry(cn=jcmt-mjlsg1
the client to list larger number of entries and it
works fine.
Or is there a different configurable size limit? What should I look for?
Thanks,
Adrian
On 11/16/2015 12:23 PM, Mark Reynolds wrote:
On 11/16/2015 01:58 PM, Adrian Damian wrote:
Hi Mark,
Thanks for the quick reply. I don't exactl
On 11/12/2015 12:31 PM, ghiureai wrote:
Hi List ,
I'm looking for cmd line steps to make a dedicated consumer in a
supplier in single master replication ( if original master goes
offline), I have the steps from Admin GUI ,
I would like to hase same steps but using cmd's line :
- add
1 - 100 of 872 matches
Mail list logo