On 28.04.2016 08:00, Barry wrote:
NOT work tried ..cannot bind the command 389 or 636 ,,,but telnet work

EOFnsslapd-security: offreplace: nsslapd-securitychangetype: modifydn: cn=configldapmodify -h ms -p 636 -D cn="Directory Manager" -w << EOF

ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

can you please try to put FQDN name of LDAP server to option -h ?
I have doubts that -h 'ms' is server name

Martin


2016-04-27 19:29 GMT+08:00 <barry...@gmail.com <mailto:barry...@gmail.com>>:

    thx let me try as i dont want stop dirsrv but live disable nsslapd
    security.

    2016年4月27日 下午7:26 於 "David Kupka" <dku...@redhat.com
    <mailto:dku...@redhat.com>> 寫道:

        On 27/04/16 13:15, barry...@gmail.com
        <mailto:barry...@gmail.com> wrote:

            Do u meant use ldapmodify?
            I tried update the dse.ldif but it will fall back after a
            while.

            2016年4月27日 下午7:10 於 "David Kupka" <dku...@redhat.com
            <mailto:dku...@redhat.com>
            <mailto:dku...@redhat.com <mailto:dku...@redhat.com>>> 寫道:

                On 27/04/16 12:48, barry...@gmail.com
            <mailto:barry...@gmail.com> <mailto:barry...@gmail.com
            <mailto:barry...@gmail.com>> wrote:

                    Hi:

                    Without restarting dirsrv possible do that ?


                    thx Regards

                    barry




                Hello Barry,

                this ldapsearch should list all attributes that needs
            restart after
                modification:

                $ ldapsearch -D "cn=Directory Manager" -w Secret123 -b
            cn=config
                nsslapd-requiresrestart

                I don't see nsslapd-security listed so it should be
            possible to change it in
                runtime.

                --
                David Kupka


        Yes, I mean ldapmodify.

        Editing dse.ldif while dirsrv is running has no effect because
        it is read only at start and written at least before exit.

        If you REALLY need to edit dse.ldif be sure to stop dirsrv
        then edit it and start dirsrv again.

-- David Kupka





-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to