On 11/29/2012 04:07 AM, Matti Alho wrote:
Hi,
I'm testing group sync between 389ds and Microsoft AD. It works
otherwise, but incremental updates are not working. Any changes to
groups on 389 side do not get synced to AD unless I do a full manual
update triggered via console. Syncing users
On 11/29/2012 07:20 AM, jovan.vuko...@sungard.com wrote:
Hi,
In case you follow instructions from ChainOnUpdate page,
http://directory.fedoraproject.org/wiki/Howto:ChainOnUpdate
note that in “Step 2 (Hub Only)” OID for
nsTransmittedControl: 2.16.840.1.113730.3.4.12
representing a proxied
On 11/30/2012 01:30 AM, Matti Alho wrote:
I'm testing group sync between 389ds and Microsoft AD. It works
otherwise, but incremental updates are not working. Any changes to
groups on 389 side do not get synced to AD unless I do a full manual
update triggered via console. Syncing users works
On 11/30/2012 07:47 AM, Matti Alho wrote:
On 11/30/2012 04:30 PM, Rich Megginson wrote:
On 11/30/2012 01:30 AM, Matti Alho wrote:
I'm testing group sync between 389ds and Microsoft AD. It works
otherwise, but incremental updates are not working. Any changes to
groups on 389 side do not get
On 12/03/2012 12:00 AM, Matti Alho wrote:
I don't know. Looks ok to me. I guess the next step would be to
reproduce the problem with the
http://port389.org/wiki/FAQ#Troubleshooting Replication log level
enabled, and then look in the errors log to see why the group add
operation is not being
On 12/05/2012 10:43 AM, Adriano Matos Meier wrote:
Dear,
replication 389 - AD (onewaysync) is working, but would like to
replicate the account lockouts in 389 (nsaccountlock = true) for AD
(userAccountControl = 514).
Is possible? Any suggestions?
Not possible with 389. Freeipa has a 389
back to office, I will give the exact error.
Thanks.
On Thu, Dec 6, 2012 at 10:19 PM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 12/05/2012 10:07 PM, Sharuzzaman Ahmat Raslan wrote:
Hi all,
According to RH document, if you want to create
On 12/07/2012 03:11 AM, Matti Alho wrote:
On 12/03/2012 10:20 PM, Rich Megginson wrote:
On 12/03/2012 12:00 AM, Matti Alho wrote:
I don't know. Looks ok to me. I guess the next step would be to
reproduce the problem with the
http://port389.org/wiki/FAQ#Troubleshooting Replication log level
On 12/10/2012 02:29 PM, Deas, Jim wrote:
I am about to upgrade our systems to the current version. One of my
difficulty’s in the old version was the lack of nested groups.
Is there a way with the current software to create nested groups in
openldap
Not sure what you mean by in openldap.
On 12/10/2012 09:57 AM, Josh Ellsworth wrote:
We recently rolled out a replacement 389 environment to replace a pair
that had gotten corrupted. Ever since we put the new ones in place we
have had issues with the server not listening to new requests due to
too many open file descriptors. The
groups. I was
hoping that someone already had a schema and a plugin to do this.
Please file an RFE ticket at https://fedorahosted.org/389/
-Original Message-
*From:* Rich Megginson [mailto:rmegg...@redhat.com]
*Sent:* Monday, December 10, 20122:45 PM
*To:* General discussion list
On 12/12/2012 11:48 AM, Orion Poplawski wrote:
It there some way to find out when a 389 - AD password sync
operation fails? We're seeing issues where passwords are accepted by
the side making the change, but then the other side rejects it. But
we don't see any messages in the logs.
AD to
On 12/13/2012 01:43 PM, harry.dev...@faa.gov wrote:
We had an incident today using the 389-console GUI where our groups
were inadvertently deleted. We are in the process of recreating them
(not too bad, just tedious). I am looking at finding a way to back up
our data periodically so should
!
Harry
Harry Devine
Common ARTS Software Development
AJM-245
(609)485-4218
harry.dev...@faa.gov
From: Rich Megginson rmegg...@redhat.com
To: General discussion list for the 389 Directory server project.
389-users@lists.fedoraproject.org
Cc: Harry Devine/ACT/FAA@FAA
Date: 12/13/2012 03:45 PM
On 12/16/2012 09:22 AM, Colin Tulloch wrote:
Hi all – thanks for reading!
We're planning a deployment of RHDS in our environment right now. We
want to setup multi-mastering, however I'm confused by the 20 masters
per replication scenario limit that's in the Redhat documentation.
There
On 12/17/2012 10:42 PM, George Stoynev wrote:
Hi all,
I tried to search through the list but did not find what I was looking
for.
I am testing 389-ds installation and password policies implementation.
I installed it both on Ubuntu 12.04 Server and on CentOS 6.3. Still in
the beginning as I
On 12/18/2012 07:49 AM, Deyan Stoykov wrote:
Hi,
We are planning a Windows synchronization setup, but are being kind of
blocked by the inability to sync attributes other than the hard-coded
list (we need specifically displayName and optionally some of the the
eduPerson schema). Can this be
On 12/19/2012 10:22 AM, Doug Tucker wrote:
On 12/19/2012 09:53 AM, Doug Tucker wrote:
I am baffled. So reading the install documentation at
http://directory.fedoraproject.org/wiki/Install_Guide
It links to the install guide at redhat.com which indicates to type
yum install redhat-ds.
On 12/19/2012 10:39 AM, Doug Tucker wrote:
Ok. Looks like CentOS doesn't provide them. You'll have to get them
from EPEL6. http://port389.org/wiki/Download
Thanks! I must say the installation instructions are very confusing.
Is there a reason the install links to the redhat doc vs.
, Rich Megginson wrote:
On 12/19/2012 10:39 AM, Doug Tucker wrote:
Ok. Looks like CentOS doesn't provide them. You'll
have to get them from EPEL6.
http://port389.org/wiki/Download
Thanks! I must say the installation
On 12/20/2012 02:04 PM, Doug Tucker wrote:
I got it installed with the epel. Thanks to Rich for that! Doing an
ldapsearch on the base works, yea! I cannot launch the console
though. When I try I get this:
/usr/bin/389-console -a http://localhost:9830
Exception in thread main
On 12/23/2012 02:51 PM, Graham Leggett wrote:
Hi all,
After updating the directory as follows in order to make 389ds listen to
localhost:389 and external.ip.address:636 (with SSL), the server refuses to
start complaining as follows:
[22/Dec/2012:09:32:26 +] createprlistensockets -
On 12/27/2012 03:49 PM, Orion Poplawski wrote:
On 12/27/2012 03:26 PM, Orion Poplawski wrote:
Has any work been done towards supporting Apple OS X ldap schema in
389? It
seems like this is the latest OpenLDAP schema for Apple:
On 01/08/2013 10:46 AM, Tom Tucker wrote:
This additional might help explain my scenario.
I am attempting to make these changes on a downstream hub. The
current suffix referral window has my multi-master servers defined,
but the port specified is 389 vice 636. Assuming I can't manage this
On 01/11/2013 06:26 AM, Petr Spacek wrote:
Hello 389 users and developers,
I would be very happy if somebody could give me any advice about the
right way to solve this problem:
I have following objectClass in the schema:
objectClasses: ( 2.16.840.1.113730.3.8.6.1 NAME 'idnsZone' DESC 'Zone
On 01/11/2013 08:13 AM, Petr Spacek wrote:
On 11.1.2013 15:54, Rich Megginson wrote:
On 01/11/2013 06:26 AM, Petr Spacek wrote:
Hello 389 users and developers,
I would be very happy if somebody could give me any advice about
the right
way to solve this problem:
I have following objectClass
On 01/11/2013 10:07 AM, Petr Spacek wrote:
On 11.1.2013 17:05, Petr Spacek wrote:
On 11.1.2013 16:22, Rich Megginson wrote:
On 01/11/2013 08:13 AM, Petr Spacek wrote:
On 11.1.2013 15:54, Rich Megginson wrote:
On 01/11/2013 06:26 AM, Petr Spacek wrote:
Hello 389 users and developers,
I
On 01/14/2013 02:00 PM, Picture Book wrote:
Got the following error when trying to ADD userPassword attribute to an entry, but the same user has no
problem to REPLACE or DELETE userPassword attribute. The use has the write privillage to
userPassword attribute.
error code 50 - Insufficient
On 01/14/2013 03:53 PM, Jon Detert wrote:
Hello,
I have 3 root-suffixes served by 1 instance of slapd in fedora-ds v1.0.4 :
dc=example,dc=com
o=example.com
o=NetscapeRoot
I'm trying to import them into an instance of 389-ds v1.2.10, but I can only
get the 1st one imported.
On 01/15/2013 07:09 AM, Picture Book wrote:
error code 50 - Insufficient 'write' privilege to the 'unhashed#user#password'
attribute of entry
DS version 1.2.10.12
Does it mean that ADD userPassword attribute will automatically ADD
'unhashed#user#password' attribute ?
Is there a way to
On 01/18/2013 11:08 AM, Josh Ellsworth wrote:
How do I configure the DNA plugin? I enabled it through the console –
do I just now add entries to dse.ldif? I’d like to do this without
restarting the service if possible.
On 01/23/2013 08:56 AM, Elizabeth Jones wrote:
I had a strange thing start up yesterday with my 389-console.
I have 4 directory servers in 2 data centers. I have been using
389-console to manage them. Yesterday, I opened 389-console for server 1
in datacenter 2 (DC2_1) and it ended up showing
On 01/23/2013 09:22 AM, Picture Book wrote:
After enabling the refertial integrity postoperation plugin, I created a user
and a group with the user as member. When I changed the user's rdn: uid. I got
the following error, and the uniquememeber of the group didn't change.
Is this a known
On 01/23/2013 09:44 AM, Picture Book wrote:
I have this problem in a production system. So I create a test instance to
confirm it. After create the test instance, I just enable the plugin without
changing any configuration.
I'm assuming you are using EL 6.3 with the EPEL6 version of
On 01/23/2013 11:36 AM, Picture Book wrote:
This is another bug exists in 1.2.10.12, but not exists in 1.2.11.14
enable cn=attribute uniqueness,cn=plugins,cn=config
with the default attribute: uid
copy and create cn=attribute test uniqueness,cn=plugins,cn=config
with another attribute,
On 01/24/2013 10:24 AM, Andrew Carr wrote:
Hello,
I am working on migrating from ApacheDS 1.5.7 to the newest 389-ds
offered in the centos repos (I believe at this time it is
1.2.10.2-10.el6_3.)
rpm -q 389-ds-base
Everytime I try to import there are errors. Most of the errors are
No Such
On 01/24/2013 11:09 PM, vladimir Safoo wrote:
My apologies,
I just saw the thread [389-users] AD - LDAP password expiration sync
Is this correct, there is no current way to sync the shadowLastChange
value?
Correct.
On Fri, Jan 25, 2013 at 12:04 AM, vladimir Safoo
wudadin2...@gmail.com
On 01/25/2013 04:37 PM, Josh Ellsworth wrote:
One of my coworkers deleted about 100 groups today by accident. I have
tried re-adding the groups but am getting a ‘entry already exists’
error. Is this due to the tombstone entries? Is there a way to get
past this?
I would prefer to reanimate
On 01/29/2013 09:39 AM, Carsten Grzemba wrote:
The problem is that the scripts use a env variable USER which is
commonly not set in Solaris (there is LOGNAME common). It try to work
arround this by setting this in:
/etc/opt/csw/default/dirsrv
So I guess if USER not set will the perl
first.
Santos U. Ramirez
Linux Systems Administrator
National DCP, LLC
150 Depot Street
Bellingham, Ma. 02019
Phone: 508-422-3089
Fax: 508-422-3866
santos.rami...@natdcp.com mailto:santos.rami...@natdcp.com
*From:*Rich Megginson [mailto:rmegg...@redhat.com]
*Sent:* Wednesday, January 30
On 01/31/2013 09:56 AM, Bright, Daniel wrote:
On 01/31/2013 09:14 AM, Bright, Daniel wrote:
When you say schema replication is tricky because it is a “single”
master, I am using an MMR environment where in effect every member is
a master. Is this a setting that is controlled elsewhere, and
On 01/31/2013 09:17 AM, Picture Book wrote:
After using dynamic group in ACL, I see the following messages in errors log
1
ldapsearch -h localhost -p 389 -D uid=ttest,ou=people,ou=Test,dc=example,dc=com -w sp
-b ou=people,ou=Test,dc=example,dc=com
[31/Jan/2013:10:53:36 -0500] NSACLPlugin -
On 02/03/2013 11:43 PM, Vesa Alho wrote:
Hi,
I'm currently planning to do a 389 production installation and was
wondering is there point to wait until new 1.3.x is available in
repos? Does someone know when 1.3.x can be expected in EPEL?
EPEL6? Probably never.
Thanks.
-Vesa
--
389
On 02/04/2013 09:06 AM, Vesa Alho wrote:
I'm currently planning to do a 389 production installation and was
wondering is there point to wait until new 1.3.x is available in
repos? Does someone know when 1.3.x can be expected in EPEL?
EPEL6? Probably never.
So will it come to EPEL7 whenever
On 02/22/2013 06:46 PM, Dan Lavu wrote:
Todor,
Are the values the same? i.e. the password hash? If it is, I'd use a COS
pointer, essentially pointing sambaNTPassword to Password.
It's not the same. 389 doesn't support the RC2 and DES required by samba.
On 02/27/2013 05:34 AM, william_dar...@navyfederal.org wrote:
We have some extra attributes stored in our Windows 2008 AD Domain
that I need to sync down to our RHDS 9.0 environment.The
attributes would obviously need to be created in the DS schema if they
don't exist.
Is it possible to
On 02/27/2013 08:48 AM, Nathan Kinder wrote:
On 02/27/2013 06:57 AM, Rich Megginson wrote:
On 02/26/2013 10:17 PM, Nathan Kinder wrote:
On 02/26/2013 08:42 PM, David Baird wrote:
Hi,
We have been experiencing an intermittent problem with our AD sync,
where updates to a group in 389 have
On 02/28/2013 04:05 AM, Vesa Alho wrote:
Hi,
I'm having problems with syncing groups from 389 to AD. I wrote about
this earlier but made some more testing.
Using the latest EPEL6 stable:
389-ds-base-1.2.10.12-1.el6.x86_64
389-ds-1.2.2-1.el6.noarch
AD: 2008 R2 64-bit
Group
On 03/01/2013 04:40 AM, Fosiul Alam wrote:
Hi
I just wanted to know whats the best practice to make sure all Slave
as same data as master.
while reading on google,
Best to read the docs
On 03/04/2013 01:51 AM, Vesa Alho wrote:
Hi,
I have now 389 to AD sync working (thanks Rich!). Another question
related to that.
There are currently two Windows sync agreements:
1. Users
ou=People,dc=domain,dc=com == cn=Users,dc=domain,dc=com
2. Projects
On 03/05/2013 06:38 AM, Luigi Santangelo wrote:
Hi,
I have configured two server (called A and B) in replica multimaster mode.
Server B is in read only mode. In server A I have configured
succesfully replication to B of my userRoot.
What is the platform for A and B? What are the 389-ds-base
There is a new tool used to monitor db, entry cache, and dn cache usage.
https://github.com/richm/scripts/wiki/dbmon.sh
If you find problems or have suggestions, please use
https://github.com/richm/scripts/issues
--
389 users mailing list
389-users@lists.fedoraproject.org
On 03/20/2013 05:15 AM, Roberto Polli wrote:
Hi Rich,
On Tuesday 19 March 2013 13:19:08 Rich Megginson wrote:
Looks like you might need to do a manual db upgrade procedure, even
though you should not be affected by the subtree rename conditions, as
in
http://port389.org/wiki
On 03/14/2013 11:11 AM, Roberto Polli wrote:
On Thursday 14 March 2013 11:04:46 Rich Megginson wrote:
What about the scripts such as dirsynccrtl.py, winsyncssl.py, etc. that
use dsadmin.py? Should they be in the same repo as dsadmin.py?
your choiche ;)
I would just separate the reusable
On 03/18/2013 08:37 AM, Roberto Polli wrote:
Hi Rich,
a question about Entry behavior.
Given the following entry:
t = 'o=foo', {'objectclass': ['organization', 'top']}
e = Entry(t)
Use dict.update would be very nice, but if you try
e.data.update({'dc': 'bar', 'objectclass':['organization',
On 03/21/2013 12:18 PM, Paul Whitney wrote:
Hi everyone,
Not sure if this is the right forum to ask about RHDS vs 389DS, but
I am currently using RHDS 8.2 and am looking to deploy 9.0 (master,
hub, and consumer). Will I be able to replication between an 8.2
master and a 9.0 master?
On 03/22/2013 10:28 AM, Morgan Jones wrote:
On Mar 22, 2013, at 12:04 PM, Rich Megginson wrote:
On 03/21/2013 02:45 PM, Morgan Jones wrote:
Hello everyone,
We've standardized on CentOS Directory our ~30,000 user directory environment.
It's a 6 servers total: two multi-master, two read-only
On 03/22/2013 11:06 AM, Chandan Kumar wrote:
Hello,
So far I have been managed to do some setup of 389 server, thanks to
prompt community.
Now, I am having some trouble in getting the MemberOf plugin work
for 389-ds-base-1.2.11.15-11. When I add a user into a group, the
memberOf attribute
Member of mcon group: Australia •
Austria • China • Czech Republic • Germany • India • Japan •
Malaysia • Russia • South Korea • Switzerland • USA
On 03/22/2013 11:57 PM, Rich Megginson wrote
On 03/28/2013 04:05 AM, alexandre wrote:
Hello,
I want to Configure the Password Sync Service and do this command (in
/etc/dirsrv/slapd-instance):
certutil -d . -L -n CA certificate -a dsca.crt
But CA certificate doesn't exist. As I can see in web:
|/etc/dirsrv/slapd-[instance name]|
On 03/26/2013 11:14 AM, jovan.vuko...@sungard.com wrote:
Hi,
I have 389 DS (1.2.10.7 version)
I am getting confusing ldapsearch results when I use two classic CoS
entries defined under the same subtree in order to have the subtree
accounts assigned with one of two different values of a
On 04/02/2013 08:28 AM, Vesa Alho wrote:
I have a need to create new attribute where to store password in
different hash than used in 389ds. This is because 3rd party does not
support our SSHA-512.
You can configure the password policy to use a different storage scheme:
On 04/03/2013 02:11 PM, Thang Nguyen wrote:
I'm running 389-ds-base.x86_64 1.2.11.15-12.el6_4 on RHEL 6.3.
When I do a replace: userPassword with an empty set of values (which
will cause the attribute to be removed), 389ds only remove the
userPassword attribute and doesn't remove the
On 04/08/2013 06:09 PM, Russell Beall wrote:
Hi,
I have a quick question about fractional replication.
There is an attribute which allows for excluding attributes as needed.
nsds5replicatedattributelist: (objectclass=*) $ EXCLUDE attribute1, attribute2, …
The documentation appears to
On 04/10/2013 07:42 AM, alexandre wrote:
Hi,
anyone knows about Windows Password Synchronisation, if it's soon
available for Windows 2012 server ?
The .msi for 2008 should also work on 2012.
And the last one:
it's easy to configure multi replication with multiple Active
Directory
On 04/10/2013 09:07 AM, Kevin Thorpe wrote:
I followed these instructions and managed to chain to a client's
external LDAP
domain once. Deleted it while fiddling about and now I'm getting
'Critical extension
unavailable'. WHICH extension? Nothing in the logs either so I have no
clue as to
If you are using the EL6 builds from the epel-389-ds-base as described here
http://port389.org/wiki/Download
you will probably be interested in upgrading to 1.2.11 at some point. I
have made the latest 1.2.11.21 build available in the
epel-testing-389-ds-base repo. If there is enough positive
, there is no firewall between them. I
can't figure what could the supplier be disconnected.
2013/4/10 Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com
On 04/09/2013 08:33 AM, carne_de_passaro wrote:
Hello folks,
I have a test environment with a FDS version 1.2.0
/Configuring_Directory_Databases-Using_Referrals.html#Using_Referrals-Creating_Smart_Referrals
On 11 April 2013 16:41, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 04/11/2013 09:25 AM, Kevin Thorpe wrote:
Hi I'm using smart referrals to pull in a list of users from a
foreign LDAP
On 04/11/2013 01:25 PM, carne_de_passaro wrote:
It would appear the DN is corrupted. We might be able to find
it. The entries are sent in roughly entry ID order. So assuming
the first entry with ID 1 is sent in op=4, we should be looking
for an entry with ID 43381-4 = 43377
On 04/12/2013 10:14 AM, A Iqbal wrote:
Greetings,
New to server 389 and am trying to set up chainonupdate so my
consumers can forward updates to master servers. Using the recipe at
http://directory.fedoraproject.org/wiki/Howto:ChainOnUpdate#Problems_During_Implementation
OS is CentOS 6.3
389
On 04/22/2013 04:43 AM, s.varadha rajan wrote:
Hi Team,
We have implemented 389-ds in Ubuntu 12.04 LTS. Everything is working
fine.we have created ou called groups such as
ou=groups,dc=xxx,dc=com. same 389-ds (1.2.1-0ubuntu2)implemented in
the Ubuntu linux 10.04 LTS and we can see the aci
On 04/22/2013 02:44 AM, Moisés Barba Pérez wrote:
Hi,
Tryint to clean a ruv of an old server (the server doesn't exist any
more) I use:
[root@xxx ~]# ldapmodify -D cn=Directory Manager -x -W EOF
dn: cn=X-Y1-Y2, cn=replica, cn=o=xxx,dc=xxx,dc=xx, cn=mapping
tree, cn=config
On 04/22/2013 07:02 AM, Aziza Lichir wrote:
Thanks for your answer i actualy succeed with the synchronisation
between AD and DS with a simple connection now my question is it
possible to integrate like a kind of filter to choose the OU that i
want to synchronise or not like for example i have
On 04/30/2013 05:42 AM, alexandre wrote:
Hello,
do you know when the stable version 1.2.11 will be available ?
By your line of questioning I assume you are talking about EL6, and you
are not using the official packages from RHEL6 or CentOS6, you are
using the epel-389-ds-base.repo
Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com
On 04/30/2013 11:56 AM, alexandre wrote:
Hello,
I take a look for 389DS centos version, and I need to install
epel repo otherwise there is just 389-ds-base, and I need the
graphic part too.
Right. 389-ds
On 05/01/2013 10:35 AM, alexandre wrote:
Hello,
when I put the MemberOf Plugin enable, it doesn't work for me...
For exemple, when I do a right click on a user, I can't see any group
for this user.
Any ideas ?
On 05/02/2013 03:21 PM, Denise Cosso wrote:
Dear,
replication 389 - AD (onewaysync) is working, but would like to
replicate the account lockouts in 389 (nsaccountlock = true) for AD
(userAccountControl = 514).
Is possible? Any suggestions?
You can do this with freeipa winsync, but not
On 05/07/2013 01:27 AM, alexandre wrote:
Hello,
I try to update my 1.2.10 389-ds-base to 1.2.11 389-ds-base.
With this command:
yum --enablerepo=epel-testing-389-ds-base --enablerepo=epel-testing
update 389-ds-base
The installation begin, but I get an error:
Error: Package:
On 05/13/2013 09:09 AM, Vincent Gerris wrote:
hi,
I noticed this entry when trying to use the db2bak.pl script.
I found out that the -a option only works when for example
the /var/lib/dirsrv/slapd-server/bak or a subdir is used (effectively)
the same dir as without the -a option.
I was using a
On 05/14/2013 01:34 PM, Denise Cosso wrote:
Description of problem:
In the Directory Console, when you click on user that was synced
from Directory Server, and open the properties page, if you click
on the NT User, and uncheck the Enable NT User Attributes
check box and attempt to save, you will
On 05/15/2013 08:40 AM, alexandre wrote:
Hello,
I had two problems because I missunderstand Windows Server 2012.
I made the install of the PasswordSync as for Windows 2008R2, I need
to do just 3 things more:
* run powershell as administrator.
* I don't know if is needed, but I set
at 9:36 PM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 05/16/2013 06:06 PM, Jonathan Vaughn wrote:
We're trying to create accounts (with the posixaccount
objectclass and so forth) via LDAP, and while we can add the
objectclasses and set the attributes
functions its still an array
('count' = 1, 0 = [value]) and so I was silently throwing them away
(hadn't gotten around to putting in actual errors for these yet). :D
Totally my fault.
Ok. Thanks for the info.
On Fri, May 17, 2013 at 11:49 AM, Rich Megginson rmegg...@redhat.com
mailto:rmegg
On 05/17/2013 12:24 PM, Denise Cosso wrote:
Hi,
I would like to help to understand how does the timing of
passwords between Directory Server and AD (Windows8). Configured
unidirectional timing (LDAP-AD), not installed the Windows side
PassSync.
The Directory Server is with password
On 05/28/2013 04:57 AM, Vincent Gerris wrote:
I encountered a similar issue.
I got it when creating an index with the vlvindex command, which was
apparently not correct.
Can you provide your vlv index configuration and the exact command line
you used?
The index creation failed with a segfault
On 05/26/2013 02:50 PM, Graham Leggett wrote:
On 25 May 2013, at 10:27 PM, Graham Leggett minf...@sharp.fm wrote:
It just gets weirder and weirder.
We start with no index on the associatedDomain attribute:
[root@monica slapd-monica]# ls -al
On 06/07/2013 08:44 AM, Petr Spacek wrote:
On 7.6.2013 16:11, Rich Megginson wrote:
On 06/07/2013 05:42 AM, Petr Spacek wrote:
I would like to get opinions from 389 gurus to following problem.
I have an application (DNS server), which needs to read content of
whole one
sub-tree (cn=dns, dc
On 06/07/2013 09:57 AM, Petr Spacek wrote:
On 7.6.2013 16:51, Rich Megginson wrote:
On 06/07/2013 08:44 AM, Petr Spacek wrote:
On 7.6.2013 16:11, Rich Megginson wrote:
On 06/07/2013 05:42 AM, Petr Spacek wrote:
I would like to get opinions from 389 gurus to following problem.
I have
On 06/12/2013 01:03 AM, Vesa Alho wrote:
Hi,
I have been using Console to Export/Import subtrees between production
= qa = test
One question, is it possible to import the whole root suffix(
dc=domain,dc=com)? So far when I have needed to import subtree, I have
first deleted the old subtree
On 06/13/2013 11:26 AM, Rodney wrote:
I'm running 389 DS version 1.2.10.14 for all servers on RHEL 5.8 hosts.
First question, when defining the nsDS5ReplicaUpdateSchedule
attribute for the replication agreement. The Administration manual
says the format should look like this (with no dash in
On 06/14/2013 05:47 AM, jovan.vuko...@sungard.com wrote:
Hi,
We are starting installations of four 389 DS, version 1.2.11 and would
like to pass an inf file together with command line parameters to
setup-ds-admin.pl script.
At the moment we have one 389 DS instance installed where
• Banking • Bulevar Milutina Milankovića 136b, Belgrade,
Serbia • tel: +381.11.6555-66-1 • jovan.vuko...@sungard.com
mailto:jovan.vuko...@sungard.com
*From:*Rich Megginson [mailto:rmegg...@redhat.com]
*Sent:* Friday, June 14, 2013 3:26 PM
*To:* General discussion list for the 389 Directory server
On 06/18/2013 01:51 AM, thierry bordaz wrote:
On 06/18/2013 12:35 AM, Mahadevan, Venkat wrote:
I do not know why your environment is prone to trigger db_deadlock
(lot of replica agreements, VM, slow disks...).
I think the best way to progress is that you fill a ticket/bug so
that we may
On 06/20/2013 08:11 PM, Zane Williamson wrote:
Hi 389-users list!
I appear to have an issue holding onto authentication when attempting
to save changes to an ldap entry.
I am able to authenticate properly, but when I attempt to Save Changes
It takes me to:
On 06/21/2013 08:53 AM, Zane Williamson wrote:
Hi Rich,
I do:
drwx-- 2 dsadmin root4.0K Jun 20 22:44 cookies
Do you see authentication cookies in that directory?
Are there any errors in /var/log/dirsrv/admin-serv/error?
On Fri, Jun 21, 2013 at 7:15 AM, Rich Megginson rmegg
On 06/21/2013 08:56 AM,
jovan.vuko...@sungard.com wrote:
Hi,
We have four 389 DS masters, version 1.2.11
that we are organizing in multi-master replication topology.
On one host we do not
an option in the dsgw conf where I can turn up the
logging verbosity?
not really
Is there a cookie in your browser for dsgw?
On Fri, Jun 21, 2013 at 8:27 AM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 06/21/2013 08:53 AM, Zane Williamson wrote:
Hi Rich
by changing the encoding of the
page itself to UTF-8 or by specifying accept-charset=utf-8 on the form
element. @ https://mydomain.net/dsgwcmd/dosearch
Could be - not sure - please file a ticket at
https://fedorahosted.org/389/newticket
On Fri, Jun 21, 2013 at 1:44 PM, Rich Megginson rmegg
On 06/22/2013 03:58 PM,
jovan.vuko...@sungard.com wrote:
Hi,
We have four 389 DS, version 1.2.11 that we
are organizing in multi-master replication topology.
After I enabled all four
401 - 500 of 813 matches
Mail list logo