> On 22 Nov 2019, at 19:11, cool dharma06 <cooldharm...@gmail.com> wrote: > > hi, > > > On Fri, Nov 22, 2019 at 4:41 AM William Brown <wbr...@suse.de> wrote: >> >> >> >>> On 21 Nov 2019, at 16:13, cool dharma06 <cooldharm...@gmail.com> wrote: >>> >>> Hi, >>> >>> >>> On Thu, Nov 21, 2019 at 7:48 AM William Brown <wbr...@suse.de> wrote: >>>> >>>> >>>>> On 21 Nov 2019, at 10:49, cool dharma06 <cooldharm...@gmail.com> wrote: >>>>> >>>> >>>>> Hi William, >>>>> >>>>> Thanks for your reply. >>>>> >>>>> I want to enable 389ds to generate nsUniqueID, modifiedTimestamp, >>>>> creators name for all enteries which is added/getting added to 389-ds. >>>>> Any suggestions or reference link to enable this. >>>> >>>> They are all generated by default as part of the server - it may be the >>>> access controls preventing you from viewing them instead .... >>> >>> Sure, I will verify the access policy. And I used following commands to >>> retrieve the user information. >>> >>> $ dsidm ceenext-sles account get-by-dn >>> Enter dn to retrieve : cn=sudo,ou=Groups,dc=cee,dc=test,dc=com >>> dn: cn=sudo,ou=Groups,dc=cee,dc=test,dc=com >>> cn: sudo >>> gidNumber: 1950 >>> objectClass: posixGroup >>> objectClass: groupOfNames >>> objectClass: top >> >> You already have dsidm as a command ?! Which suse version are you on. > I am using SLES 15.1. I installed 389-ds-base from SUSE repo. > Lib386-XXX.rpm i took from Tumbleweed.
There are some updates coming soon to this package I think which will make things better. > >> Anyway, trying looking at the entry as "cn=Directory Manager" instead of >> anonymous, as cn=dm bypasses aci's. > > Thanks for your suggestions, now i am able to view all the attributes. Great! > >>> >>>>> >>>>> >>>>> I have OpenLdap set up with replication enabled and I want to make one >>>>> more 389-ds with replication in sles 15.1 machine . I am unable to find >>>>> admin-console package. >>>>> So I installed lib389 rpm and I am using dsctl, dsidm, dsconf tools to >>>>> experiment and add users in my local 389ds setup. >>>> >>>> SUSE does not ship admin-console, and never will - we are in the process >>>> of actually bringing the new ds* tools into SLE 15.0 and 15.1 which will >>>> make it much easier to administer the server. You can see these on the >>>> wiki or on Red Hat's correspending 389 docs >>>> >>>> http://www.port389.org/docs/389ds/howto/quickstart.html >>>> https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/ >>>> >>>> We are also in the progress of releasing 389-ds docs for SUSE as well, >>> >>> It will be very helpful if you share the ds* tools and 389-ds docs release >>> dates. >> >> I don't have a release date yet I'm sorry - not because I can't share, but >> because there is some administration going on with the packages and I'm not >> sure of when it will be done (but it's necessary steps :) ) > > No issue and thanks for the information. If official SUSE packages are > there it will very useful. Happy to help, and feel free to ask questions anytime! > >>> >>>>> >>>>> Once it's done I am planning to enable sync and replication in 389-ds. >>>>> >>>>> It will be very helpful if u have any guidelines on this. >>>> >>>> 389-ds can replicate with other 389-ds servers, but *not* openldap. So I >>>> think you need to do a datamigration .... >>> >>> Yes, with multiple 389-ds i am planning for replication. Any guidelines or >>> reference link to configure replication. >> >> In the red_hat_directory_server/11 link from redhat, look at their >> replication section :) > > Thank you, I will verify the redhat Guide links. As above, if you have any questions, please let us know. > >>> >>>> >>>>> >>>>> Thanks & Regards >>>>> cooldharma06 >>>>> >>>>> >>>>> On Thu, Nov 21, 2019, 4:33 AM William Brown <wbr...@suse.de> wrote: >>>>> >>>>> >>>>>> On 20 Nov 2019, at 15:41, cool dharma06 <cooldharm...@gmail.com> wrote: >>>>>> >>>>>> Hi all, >>>>>> >>>>>> i have OpenLDAP in my environment. And i am experimenting 389-ds and >>>>>> their functionalities. In my OpenLDAP, i have entries with following >>>>>> attributes: >>>>>> entryCSN, contextCSN, entryUUID. >>>>>> >>>>>> 1. For entryCSN and contextCSN - any equivalent attribute available in >>>>>> 389-ds >>>>>> >>>>>> 2. When i check for the above attributes in 389-ds, i am unable to find >>>>>> those attributes. From the post link, its mentioned like we can use >>>>>> nsUniqueID in place of entryUUID. but we might face issue during >>>>>> Sync/repl. >>>>>> >>>>>> Is this issue got fixed. >>>>>> https://pagure.io/389-ds-base/issue/137 >>>>>> >>>>>> Any suggestions for the above queries. >>>>> >>>>> OpenLDAP and 389-ds use a really different replication model. That's >>>>> probably why you can't find the same types and datapoints. >>>>> >>>>> My question is "what are you trying to achieve". You shouldn't need to >>>>> look at our replication state, that's an internal detail. >>>>> >>>>> If you want a "did this entry change" look at the entryUSN plugin. >>>>> >>>>> If you need the entries unique id, look at nsUniqueID attribute - we have >>>>> spoken about adding entryUUID too, but it's just never materialised. >>>>> >>>>> It's not recommended to set nsUniqueID manually, you should let 389-ds >>>>> generate that itself. >>>>> >>>>> Does that help? Really happy to help as much as possible with your 389-ds >>>>> experimenting :) >>>>> >>>>>> >>>>>> Thanks & Regards >>>>>> cooldharma06 >>>>>> _______________________________________________ >>>>>> 389-users mailing list -- 389-users@lists.fedoraproject.org >>>>>> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >>>>>> Fedora Code of Conduct: >>>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>>> List Archives: >>>>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org >>>>> >>>>> — >>>>> Sincerely, >>>>> >>>>> William Brown >>>>> >>>>> Senior Software Engineer, 389 Directory Server >>>>> SUSE Labs >>>>> _______________________________________________ >>>>> 389-users mailing list -- 389-users@lists.fedoraproject.org >>>>> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >>>>> Fedora Code of Conduct: >>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: >>>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org >>>>> _______________________________________________ >>>>> 389-users mailing list -- 389-users@lists.fedoraproject.org >>>>> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >>>>> Fedora Code of Conduct: >>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: >>>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org >>>> >>>> — >>>> Sincerely, >>>> >>>> William Brown >>>> >>>> Senior Software Engineer, 389 Directory Server >>>> SUSE Labs >>>> _______________________________________________ >>>> 389-users mailing list -- 389-users@lists.fedoraproject.org >>>> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >>>> Fedora Code of Conduct: >>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>> List Archives: >>>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org >>> _______________________________________________ >>> 389-users mailing list -- 389-users@lists.fedoraproject.org >>> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >>> Fedora Code of Conduct: >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>> List Archives: >>> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org >> >> — >> Sincerely, >> >> William Brown >> >> Senior Software Engineer, 389 Directory Server >> SUSE Labs >> _______________________________________________ >> 389-users mailing list -- 389-users@lists.fedoraproject.org >> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org > _______________________________________________ > 389-users mailing list -- 389-users@lists.fedoraproject.org > To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org — Sincerely, William Brown Senior Software Engineer, 389 Directory Server SUSE Labs _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
