subject:"\[Freeipa\-users\] Re\: LDAP \- Zammad \-> not offering all fields"

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

2018-11-13 Thread Florence Blanc-Renaud via FreeIPA-users

On 11/12/18 12:58 PM, Tobi Berninger via FreeIPA-users wrote:

hey,
i just tried to add an new user as described in the howto/ldap from 
freeipa. and the console doenst show any errors,

but when i try to use that user as an bind user - it wont work at all.
Maybe something bigger isnt work?
this is the bind settings i use in zammad:
dc=int,dc=asta-frankfurt,dc=de
uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de
this it eh log when i try:
[12/Nov/2018:12:56:12.367897702 +0100] conn=5 op=117374 RESULT err=0 
tag=101 nentries=1 etime=0.079172
[12/Nov/2018:12:56:12.368072341 +0100] conn=5 op=117375 MOD 
dn="fqdn=radius.int.asta-frankfurt.de 
,cn=computers,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
[12/Nov/2018:12:56:12.370654530 +0100] conn=5 op=117375 RESULT err=0 
tag=103 nentries=0 etime=0.0002612503 csn=5be96b5fa6f30004

[12/Nov/2018:12:56:12.372265034 +0100] conn=74960 op=1 UNBIND
[12/Nov/2018:12:56:12.372279026 +0100] conn=74960 op=1 fd=146 closed - U1
[12/Nov/2018:12:56:15.498614694 +0100] conn=74961 fd=146 slot=146 SSL 
connection from 10.8.0.1 to 10.8.0.6

[12/Nov/2018:12:56:15.531133872 +0100] conn=74961 TLS1.2 256-bit AES-GCM
[12/Nov/2018:12:56:15.558425764 +0100] conn=74961 op=0 BIND 
dn="uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de" 
method=128 version=3
[12/Nov/2018:12:56:15.558859253 +0100] conn=74961 op=0 RESULT err=48 
tag=97 nentries=0 etime=0.0059811400

Hi,

the BIND fails with err=48, which means inappropriate authentication. 
Did you create the user with a password?

flo

[12/Nov/2018:12:56:15.586313574 +0100] conn=74961 op=-1 fd=146 closed - B1

with that change in setting binding isnt working at all,
when i change back to the system3 (the account i am also using for 
nextcloud) it is working fine, when i try it with an normal user also no 
problems

Am Mo., 12. Nov. 2018 um 09:56 Uhr schrieb Alexander Bokovoy 
mailto:aboko...@redhat.com>>:

On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:
 >Hey,
 >i have an freeipa 4.5.4 on an Centos 7 up and running.
 >I allready binded that ipa trough an ldap on an nextcloud
installation.
 >Now i try to do the same with an zammad. Sadly it doesnt offers me the
 >right fields (first name, last name, mail and many more are missing)
 >I set up an extra ldap sysaccount just for that reason, as it was
described
 >here: https://www.freeipa.org/page/HowTo/LDAP
 >
 >Any ideas what i was doing wrong?
 >
 >Others users in the zammad forum told me that zammad is offering
them the
 >fields i need, so i am quite convinced that the error is in an
 >missconfiguration on my side. Sadly i didnt set the server up, i
just try
 >to keep it running.
It would be good to see what you did exactly.

Can you show which fields you are trying to access and what is the
sysaccount entry?

Can you show what searches are done by zammad in the
/var/log/dirsrv/slapd-/access log? You can find them by
the connection which starts by binding as your sysaccount. It should
look something like below. I used admin user to do the search but it
should not matter in terms of how things a logged. You need logs for the
same connection (conn=).

[12/Nov/2018:10:51:11.951508884 +0200] conn=1098 fd=93 slot=93 SSL
connection from 192.168.100.180 to 192.168.100.180
[12/Nov/2018:10:51:11.959543784 +0200] conn=1098 TLS1.3 128-bit AES-GCM
[12/Nov/2018:10:51:11.959795901 +0200] conn=1098 op=0 BIND
dn="uid=admin,cn=users,cn=accounts,dc=h,dc=example,dc=com"
method=128 version=3
[12/Nov/2018:10:51:12.034886792 +0200] conn=1098 op=0 RESULT err=0
tag=97 nentries=0 etime=0.1916669164
dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
[12/Nov/2018:10:51:12.035585653 +0200] conn=1098 op=1 SRCH
base="dc=h,dc=example,dc=com" scope=2 filter="(uid=admin)" attrs=ALL
[12/Nov/2018:10:51:12.037307748 +0200] conn=1098 op=1 RESULT err=0
tag=101 nentries=1 etime=0.0001826480
[12/Nov/2018:10:51:12.039934460 +0200] conn=1098 op=2 UNBIND
[12/Nov/2018:10:51:12.039960936 +0200] conn=1098 op=2 fd=93 closed - U1

 >
 >Thank u all for ur help and i apoligze for my english...

 >___
 >FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org

 >To unsubscribe send an email to
freeipa-users-le...@lists.fedorahosted.org

 >Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
 >List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
 >List Archives:

https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org

-- 
/ Alexander Bokovoy

Sr. Principal Software Engineer
Security / Identity Management

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

2018-11-12 Thread Rob Crittenden via FreeIPA-users

Alexander Bokovoy via FreeIPA-users wrote:
> On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:
>> hey,
>> i just tried to add an new user as described in the howto/ldap from
>> freeipa. and the console doenst show any errors,
>> but when i try to use that user as an bind user - it wont work at all.
>> Maybe something bigger isnt work?
>> this is the bind settings i use in zammad:
>> dc=int,dc=asta-frankfurt,dc=de
>> uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de
>> this it eh log when i try:
>> [12/Nov/2018:12:56:12.367897702 +0100] conn=5 op=117374 RESULT err=0
>> tag=101 nentries=1 etime=0.079172
>> [12/Nov/2018:12:56:12.368072341 +0100] conn=5 op=117375 MOD dn="fqdn=
>> radius.int.asta-frankfurt.de
>> ,cn=computers,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
>> [12/Nov/2018:12:56:12.370654530 +0100] conn=5 op=117375 RESULT err=0
>> tag=103 nentries=0 etime=0.0002612503 csn=5be96b5fa6f30004
>> [12/Nov/2018:12:56:12.372265034 +0100] conn=74960 op=1 UNBIND
>> [12/Nov/2018:12:56:12.372279026 +0100] conn=74960 op=1 fd=146 closed - U1
>> [12/Nov/2018:12:56:15.498614694 +0100] conn=74961 fd=146 slot=146 SSL
>> connection from 10.8.0.1 to 10.8.0.6
>> [12/Nov/2018:12:56:15.531133872 +0100] conn=74961 TLS1.2 256-bit AES-GCM
>> [12/Nov/2018:12:56:15.558425764 +0100] conn=74961 op=0 BIND
>> dn="uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
>> method=128 version=3
>> [12/Nov/2018:12:56:15.558859253 +0100] conn=74961 op=0 RESULT err=48
>> tag=97
>> nentries=0 etime=0.0059811400
>> [12/Nov/2018:12:56:15.586313574 +0100] conn=74961 op=-1 fd=146 closed
>> - B1
>>
>> with that change in setting binding isnt working at all,
>> when i change back to the system3 (the account i am also using for
>> nextcloud) it is working fine, when i try it with an normal user also no
>> problems
> Can you show what attributes it tries to retrieve? I think the core of
> the issue is two-fold: there was a regression bug in 389-ds that applied
> anonymous
> user rights in doing ACI evaluation sometimes. I need to see what
> attributes are requested to see which ACIs are affected.

I'd guess that a default LDAP bind user has little to no read rights
except to cn=compat.

rob

> 
>>
>>
>> Am Mo., 12. Nov. 2018 um 09:56 Uhr schrieb Alexander Bokovoy <
>> aboko...@redhat.com>:
>>
>>> On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:
>>> >Hey,
>>> >i have an freeipa 4.5.4 on an Centos 7 up and running.
>>> >I allready binded that ipa trough an ldap on an nextcloud installation.
>>> >Now i try to do the same with an zammad. Sadly it doesnt offers me the
>>> >right fields (first name, last name, mail and many more are missing)
>>> >I set up an extra ldap sysaccount just for that reason, as it was
>>> described
>>> >here: https://www.freeipa.org/page/HowTo/LDAP
>>> >
>>> >Any ideas what i was doing wrong?
>>> >
>>> >Others users in the zammad forum told me that zammad is offering
>>> them the
>>> >fields i need, so i am quite convinced that the error is in an
>>> >missconfiguration on my side. Sadly i didnt set the server up, i
>>> just try
>>> >to keep it running.
>>> It would be good to see what you did exactly.
>>>
>>> Can you show which fields you are trying to access and what is the
>>> sysaccount entry?
>>>
>>> Can you show what searches are done by zammad in the
>>> /var/log/dirsrv/slapd-/access log? You can find them by
>>> the connection which starts by binding as your sysaccount. It should
>>> look something like below. I used admin user to do the search but it
>>> should not matter in terms of how things a logged. You need logs for the
>>> same connection (conn=).
>>>
>>> [12/Nov/2018:10:51:11.951508884 +0200] conn=1098 fd=93 slot=93 SSL
>>> connection from 192.168.100.180 to 192.168.100.180
>>> [12/Nov/2018:10:51:11.959543784 +0200] conn=1098 TLS1.3 128-bit AES-GCM
>>> [12/Nov/2018:10:51:11.959795901 +0200] conn=1098 op=0 BIND
>>> dn="uid=admin,cn=users,cn=accounts,dc=h,dc=example,dc=com" method=128
>>> version=3
>>> [12/Nov/2018:10:51:12.034886792 +0200] conn=1098 op=0 RESULT err=0
>>> tag=97
>>> nentries=0 etime=0.1916669164
>>> dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
>>> [12/Nov/2018:10:51:12.035585653 +0200] conn=1098 op=1 SRCH
>>> base="dc=h,dc=example,dc=com" scope=2 filter="(uid=admin)" attrs=ALL
>>> [12/Nov/2018:10:51:12.037307748 +0200] conn=1098 op=1 RESULT err=0
>>> tag=101
>>> nentries=1 etime=0.0001826480
>>> [12/Nov/2018:10:51:12.039934460 +0200] conn=1098 op=2 UNBIND
>>> [12/Nov/2018:10:51:12.039960936 +0200] conn=1098 op=2 fd=93 closed - U1
>>>
>>>
>>> >
>>> >Thank u all for ur help and i apoligze for my english...
>>>
>>> >___
>>> >FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>>> >To unsubscribe send an email to
>>> freeipa-users-le...@lists.fedorahosted.org
>>> >Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
>>> >List Guidelines:

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

2018-11-12 Thread Alexander Bokovoy via FreeIPA-users


On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:

hey,
i just tried to add an new user as described in the howto/ldap from
freeipa. and the console doenst show any errors,
but when i try to use that user as an bind user - it wont work at all.
Maybe something bigger isnt work?
this is the bind settings i use in zammad:
dc=int,dc=asta-frankfurt,dc=de
uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de
this it eh log when i try:
[12/Nov/2018:12:56:12.367897702 +0100] conn=5 op=117374 RESULT err=0
tag=101 nentries=1 etime=0.079172
[12/Nov/2018:12:56:12.368072341 +0100] conn=5 op=117375 MOD dn="fqdn=
radius.int.asta-frankfurt.de
,cn=computers,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
[12/Nov/2018:12:56:12.370654530 +0100] conn=5 op=117375 RESULT err=0
tag=103 nentries=0 etime=0.0002612503 csn=5be96b5fa6f30004
[12/Nov/2018:12:56:12.372265034 +0100] conn=74960 op=1 UNBIND
[12/Nov/2018:12:56:12.372279026 +0100] conn=74960 op=1 fd=146 closed - U1
[12/Nov/2018:12:56:15.498614694 +0100] conn=74961 fd=146 slot=146 SSL
connection from 10.8.0.1 to 10.8.0.6
[12/Nov/2018:12:56:15.531133872 +0100] conn=74961 TLS1.2 256-bit AES-GCM
[12/Nov/2018:12:56:15.558425764 +0100] conn=74961 op=0 BIND
dn="uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
method=128 version=3
[12/Nov/2018:12:56:15.558859253 +0100] conn=74961 op=0 RESULT err=48 tag=97
nentries=0 etime=0.0059811400
[12/Nov/2018:12:56:15.586313574 +0100] conn=74961 op=-1 fd=146 closed - B1

with that change in setting binding isnt working at all,
when i change back to the system3 (the account i am also using for
nextcloud) it is working fine, when i try it with an normal user also no
problems

Can you show what attributes it tries to retrieve? I think the core of
the issue is two-fold: there was a regression bug in 389-ds that applied 
anonymous
user rights in doing ACI evaluation sometimes. I need to see what
attributes are requested to see which ACIs are affected.




Am Mo., 12. Nov. 2018 um 09:56 Uhr schrieb Alexander Bokovoy <
aboko...@redhat.com>:


On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:
>Hey,
>i have an freeipa 4.5.4 on an Centos 7 up and running.
>I allready binded that ipa trough an ldap on an nextcloud installation.
>Now i try to do the same with an zammad. Sadly it doesnt offers me the
>right fields (first name, last name, mail and many more are missing)
>I set up an extra ldap sysaccount just for that reason, as it was
described
>here: https://www.freeipa.org/page/HowTo/LDAP
>
>Any ideas what i was doing wrong?
>
>Others users in the zammad forum told me that zammad is offering them the
>fields i need, so i am quite convinced that the error is in an
>missconfiguration on my side. Sadly i didnt set the server up, i just try
>to keep it running.
It would be good to see what you did exactly.

Can you show which fields you are trying to access and what is the
sysaccount entry?

Can you show what searches are done by zammad in the
/var/log/dirsrv/slapd-/access log? You can find them by
the connection which starts by binding as your sysaccount. It should
look something like below. I used admin user to do the search but it
should not matter in terms of how things a logged. You need logs for the
same connection (conn=).

[12/Nov/2018:10:51:11.951508884 +0200] conn=1098 fd=93 slot=93 SSL
connection from 192.168.100.180 to 192.168.100.180
[12/Nov/2018:10:51:11.959543784 +0200] conn=1098 TLS1.3 128-bit AES-GCM
[12/Nov/2018:10:51:11.959795901 +0200] conn=1098 op=0 BIND
dn="uid=admin,cn=users,cn=accounts,dc=h,dc=example,dc=com" method=128
version=3
[12/Nov/2018:10:51:12.034886792 +0200] conn=1098 op=0 RESULT err=0 tag=97
nentries=0 etime=0.1916669164
dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
[12/Nov/2018:10:51:12.035585653 +0200] conn=1098 op=1 SRCH
base="dc=h,dc=example,dc=com" scope=2 filter="(uid=admin)" attrs=ALL
[12/Nov/2018:10:51:12.037307748 +0200] conn=1098 op=1 RESULT err=0 tag=101
nentries=1 etime=0.0001826480
[12/Nov/2018:10:51:12.039934460 +0200] conn=1098 op=2 UNBIND
[12/Nov/2018:10:51:12.039960936 +0200] conn=1098 op=2 fd=93 closed - U1


>
>Thank u all for ur help and i apoligze for my english...

>___
>FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
>To unsubscribe send an email to
freeipa-users-le...@lists.fedorahosted.org
>Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
>List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
>List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org


--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland




___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

2018-11-12 Thread Tobi Berninger via FreeIPA-users

hey,
i just tried to add an new user as described in the howto/ldap from
freeipa. and the console doenst show any errors,
but when i try to use that user as an bind user - it wont work at all.
Maybe something bigger isnt work?
this is the bind settings i use in zammad:
dc=int,dc=asta-frankfurt,dc=de
uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de
this it eh log when i try:
[12/Nov/2018:12:56:12.367897702 +0100] conn=5 op=117374 RESULT err=0
tag=101 nentries=1 etime=0.079172
[12/Nov/2018:12:56:12.368072341 +0100] conn=5 op=117375 MOD dn="fqdn=
radius.int.asta-frankfurt.de
,cn=computers,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
[12/Nov/2018:12:56:12.370654530 +0100] conn=5 op=117375 RESULT err=0
tag=103 nentries=0 etime=0.0002612503 csn=5be96b5fa6f30004
[12/Nov/2018:12:56:12.372265034 +0100] conn=74960 op=1 UNBIND
[12/Nov/2018:12:56:12.372279026 +0100] conn=74960 op=1 fd=146 closed - U1
[12/Nov/2018:12:56:15.498614694 +0100] conn=74961 fd=146 slot=146 SSL
connection from 10.8.0.1 to 10.8.0.6
[12/Nov/2018:12:56:15.531133872 +0100] conn=74961 TLS1.2 256-bit AES-GCM
[12/Nov/2018:12:56:15.558425764 +0100] conn=74961 op=0 BIND
dn="uid=system4,cn=users,cn=accounts,dc=int,dc=asta-frankfurt,dc=de"
method=128 version=3
[12/Nov/2018:12:56:15.558859253 +0100] conn=74961 op=0 RESULT err=48 tag=97
nentries=0 etime=0.0059811400
[12/Nov/2018:12:56:15.586313574 +0100] conn=74961 op=-1 fd=146 closed - B1

with that change in setting binding isnt working at all,
when i change back to the system3 (the account i am also using for
nextcloud) it is working fine, when i try it with an normal user also no
problems


Am Mo., 12. Nov. 2018 um 09:56 Uhr schrieb Alexander Bokovoy <
aboko...@redhat.com>:

> On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:
> >Hey,
> >i have an freeipa 4.5.4 on an Centos 7 up and running.
> >I allready binded that ipa trough an ldap on an nextcloud installation.
> >Now i try to do the same with an zammad. Sadly it doesnt offers me the
> >right fields (first name, last name, mail and many more are missing)
> >I set up an extra ldap sysaccount just for that reason, as it was
> described
> >here: https://www.freeipa.org/page/HowTo/LDAP
> >
> >Any ideas what i was doing wrong?
> >
> >Others users in the zammad forum told me that zammad is offering them the
> >fields i need, so i am quite convinced that the error is in an
> >missconfiguration on my side. Sadly i didnt set the server up, i just try
> >to keep it running.
> It would be good to see what you did exactly.
>
> Can you show which fields you are trying to access and what is the
> sysaccount entry?
>
> Can you show what searches are done by zammad in the
> /var/log/dirsrv/slapd-/access log? You can find them by
> the connection which starts by binding as your sysaccount. It should
> look something like below. I used admin user to do the search but it
> should not matter in terms of how things a logged. You need logs for the
> same connection (conn=).
>
> [12/Nov/2018:10:51:11.951508884 +0200] conn=1098 fd=93 slot=93 SSL
> connection from 192.168.100.180 to 192.168.100.180
> [12/Nov/2018:10:51:11.959543784 +0200] conn=1098 TLS1.3 128-bit AES-GCM
> [12/Nov/2018:10:51:11.959795901 +0200] conn=1098 op=0 BIND
> dn="uid=admin,cn=users,cn=accounts,dc=h,dc=example,dc=com" method=128
> version=3
> [12/Nov/2018:10:51:12.034886792 +0200] conn=1098 op=0 RESULT err=0 tag=97
> nentries=0 etime=0.1916669164
> dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
> [12/Nov/2018:10:51:12.035585653 +0200] conn=1098 op=1 SRCH
> base="dc=h,dc=example,dc=com" scope=2 filter="(uid=admin)" attrs=ALL
> [12/Nov/2018:10:51:12.037307748 +0200] conn=1098 op=1 RESULT err=0 tag=101
> nentries=1 etime=0.0001826480
> [12/Nov/2018:10:51:12.039934460 +0200] conn=1098 op=2 UNBIND
> [12/Nov/2018:10:51:12.039960936 +0200] conn=1098 op=2 fd=93 closed - U1
>
>
> >
> >Thank u all for ur help and i apoligze for my english...
>
> >___
> >FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> >To unsubscribe send an email to
> freeipa-users-le...@lists.fedorahosted.org
> >Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> >List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> >List Archives:
> https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
>
>
> --
> / Alexander Bokovoy
> Sr. Principal Software Engineer
> Security / Identity Management Engineering
> Red Hat Limited, Finland
>
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

2018-11-12 Thread Alexander Bokovoy via FreeIPA-users


On ma, 12 marras 2018, Tobi Berninger via FreeIPA-users wrote:

Hey,
i have an freeipa 4.5.4 on an Centos 7 up and running.
I allready binded that ipa trough an ldap on an nextcloud installation.
Now i try to do the same with an zammad. Sadly it doesnt offers me the
right fields (first name, last name, mail and many more are missing)
I set up an extra ldap sysaccount just for that reason, as it was described
here: https://www.freeipa.org/page/HowTo/LDAP

Any ideas what i was doing wrong?

Others users in the zammad forum told me that zammad is offering them the
fields i need, so i am quite convinced that the error is in an
missconfiguration on my side. Sadly i didnt set the server up, i just try
to keep it running.

It would be good to see what you did exactly.

Can you show which fields you are trying to access and what is the
sysaccount entry?

Can you show what searches are done by zammad in the
/var/log/dirsrv/slapd-/access log? You can find them by
the connection which starts by binding as your sysaccount. It should
look something like below. I used admin user to do the search but it
should not matter in terms of how things a logged. You need logs for the
same connection (conn=).

[12/Nov/2018:10:51:11.951508884 +0200] conn=1098 fd=93 slot=93 SSL connection 
from 192.168.100.180 to 192.168.100.180
[12/Nov/2018:10:51:11.959543784 +0200] conn=1098 TLS1.3 128-bit AES-GCM
[12/Nov/2018:10:51:11.959795901 +0200] conn=1098 op=0 BIND 
dn="uid=admin,cn=users,cn=accounts,dc=h,dc=example,dc=com" method=128 version=3
[12/Nov/2018:10:51:12.034886792 +0200] conn=1098 op=0 RESULT err=0 tag=97 nentries=0 
etime=0.1916669164 dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
[12/Nov/2018:10:51:12.035585653 +0200] conn=1098 op=1 SRCH base="dc=h,dc=example,dc=com" 
scope=2 filter="(uid=admin)" attrs=ALL
[12/Nov/2018:10:51:12.037307748 +0200] conn=1098 op=1 RESULT err=0 tag=101 
nentries=1 etime=0.0001826480
[12/Nov/2018:10:51:12.039934460 +0200] conn=1098 op=2 UNBIND
[12/Nov/2018:10:51:12.039960936 +0200] conn=1098 op=2 fd=93 closed - U1




Thank u all for ur help and i apoligze for my english...



___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org



--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

[Freeipa-users] Re: LDAP - Zammad -> not offering all fields

5 matches

Site Navigation

Mail list logo

Footer information