[389-users] Announcing 389 Directory Server 1.4.0.26

389 Directory Server 1.4.0.26 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.26 Fedora packages are available on Fedora 29 Fedora 29 https://koji.fedoraproject.org/koji/taskinfo?taskID=36350217

[389-users] Announcing 389 Directory Server 1.4.1.6

389 Directory Server 1.4.1.6 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.1.6 Fedora packages are available on Fedora 30 and rawhide. https://koji.fedoraproject.org/koji/taskinfo?taskID=36349721

[389-users] Re: Unable to login to admin console after upgrade

On 7/18/19 1:53 PM, Leonard wrote: Trying to use "admin" {SUBJECT_DN=CN=LDAPSERVER, SUBJECT={CN=LDAPSERVER}, SERIAL=3572, AFTERDATE=Tue Jan 02 12:01:36 2029, ISSUER={CN=389 DS}, SIGNATURE=SHA256withRSA, BEFOREDATE=Wed Jan 02 12:01:36 2019, KEYTYPE=RSA, REASONS={}, VERSION=3,

[389-users] Re: Unable to login to admin console after upgrade

On 7/18/19 12:09 PM, Leonard Lawton wrote: On 7/18/19 9:05 AM, Mark Reynolds wrote: On 7/18/19 11:35 AM, Leonard wrote: After upgrading to the following versions, I cannot login to the console. I am presented with the error "error result (49): invalid credentials". 389-admin-

[389-users] Re: Unable to login to admin console after upgrade

On 7/18/19 11:35 AM, Leonard wrote: After upgrading to the following versions, I cannot login to the console. I am presented with the error "error result (49): invalid credentials". 389-admin-1.1.38-1.3.amzn1.x86_64 389-ds-base-libs-1.3.8.4-18.60.amzn1.x86_64

[389-users] Re: Recommended SLAPD cache sizes

Hi Paul, On 7/16/19 9:16 AM, Paul Whitney wrote: Is there some formula or recommendation on determining what would be the optimal cache settings for a directory server (389-ds of course) with following sizes? I looked at the DS 10 Admin Guide online and am getting conflicting information. 

[389-users] Re: Startup issue

What platform are you on?  What version of 389-ds-base?  Please provide more information when asking questions on the mailing list otherwise most people will not respond to your questions - just an FYI. Since I am somewhat familiar with the issue I will provide more background information

[389-users] Announcing 389 Directory Server 1.4.1.5

389 Directory Server 1.4.1.5 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.1.5 Fedora packages are available on Fedora 30 and rawhide. https://koji.fedoraproject.org/koji/taskinfo?taskID=36139436

[389-users] Announcing 389 Directory Server 1.4.0.25

389 Directory Server 1.4.0.25 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.25 Fedora packages are available on Fedora 29 Fedora 29 https://koji.fedoraproject.org/koji/taskinfo?taskID=36138415

[389-users] Re: Admin server and Slapd server will not start

John, What was the previous version and what was the new version?  rpm -qa | grep 389-ds-base This looks related to changes we made around systemd, but I need to know what versions, and platform, you are on to further investigate. Thanks, Mark On 7/8/19 12:44 PM,

[389-users] Re: Windows Sync Agreement not copying all objects

On 7/2/19 9:33 PM, William Brown wrote: On 3 Jul 2019, at 02:16, Mark Reynolds wrote: On 7/2/19 12:09 PM, Abhisheyk Deb wrote: Hi, It turns out it was mistake from our end, we were checking too early before the actual replication was done completely. Now that works properly

[389-users] Re: Windows Sync Agreement not copying all objects

On 7/2/19 12:09 PM, Abhisheyk Deb wrote: Hi, It turns out it was mistake from our end, we were checking too early before the actual replication was done completely. Now that works properly. The direction of replication is from AD -> 389 DS But now we have a new requirement which is to

[389-users] Announcing 389 Directory Server 1.4.0.24

389 Directory Server 1.4.0.24 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.24 Fedora packages are available on Fedora 29 Fedora 29 https://koji.fedoraproject.org/koji/taskinfo?taskID=35826090

[389-users] Announcing 389 Directory Server 1.4.1.4

389 Directory Server 1.4.1.4 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.1.4 Fedora packages are available on Fedora 30 and rawhide. https://koji.fedoraproject.org/koji/taskinfo?taskID=35621238

[389-users] Re: help. directory manager bypassing password policies, alternatives?

On 6/3/19 1:16 PM, Eric Freeman wrote: Between 389 LDAP versions 1.2.11.15-33 and 1.2.11.15-97, we're finding that the Directory Manager account can bypass configured password policies and set user passwords to anything. I believe this is now by design, but is there a configuration file

[389-users] Announcing 389 Directory Server 1.4.0.23

389 Directory Server 1.4.0.23 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.23 Fedora packages are available on Fedora 28, and 29 Fedora 29 https://koji.fedoraproject.org/koji/taskinfo?taskID=35036509

[389-users] Announcing 389 Directory Server 1.4.1.3

pagure.io/389-ds-base * Fri May 24 2019 Mark Reynolds mreyno...@redhat.com <mailto:mreyno...@redhat.com> - 1.4.1.3-1 * Bump version to 1.4.1.3 * Issue 49761 - Fix CI test suite issues * Issue 50041 - Add the rest UI Plugin tabs - Part 2 * Issue 50340 - 2nd try - structs for diabled plu

[389-users] Re: acis in 99user.ldif and target on subtree

On 5/23/19 12:38 PM, Angel Bosch Mora wrote: Hi! two more questions: 1- when migrating should I take care about ACIs in 99user.ldif? rightnow there are four entries: aci: (target="ldap:///cn=schema;)(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare)

[389-users] Re: keeping internal attributes on export/import

On 5/23/19 4:13 AM, Angel Bosch Mora wrote: hi! quick question: is there any reason to keep modifyTimestamp, modifiersName, createTimestamp, and creatorsName when reimporting on a migration? These are important attributes about each each entry.  Knowing when an entry was created or

[389-users] Re: migrations

On 4/17/19 10:47 AM, natan wrote: Hi Is any chance to import all from openldap ? I install 389 Directory Server - from faq in webside + 389-console Now I wanted to import db from openldap - I get root.ldif My openldap have a "weird" root in tree likes: "dn: o=mydomain,c=pl objectClass: top

[389-users] Re: [389-announce] Announcing 389 Directory Server 1.4.0.22

/19 5:59 PM, Vandenburgh, Steve Y wrote: Are packages available for testing on RedHat/CentOS Linux? Steve Vandenburgh LDAP Directory Services/Identity Management *From:*Mark Reynolds *Sent:* Friday, March 29, 2019 5:06 PM *To:* 389-annou...@lists.fedoraproject.org; General discussion list

[389-users] Re: MIssing schemas?

Hi Deborah, Yes things changed since 1.2.x, the standard schema was moved to: /usr/share/dirsrv/schema/ Only custom schema gets added to the instance's schema directory. Regards, Mark On 4/3/19 9:38 AM, Crocker, Deborah wrote: I just loaded version 1.3.8.4 on a Centos7 system (yum install

[389-users] Re: Production level 389 release

Hi Jan, On 4/2/19 5:11 AM, Jan Tomasek wrote: Hi, I'm preparing migration from 389 DS 1.2.5. I'm using single master and 4 replicas all on RedHat which I would like to abandon in favor Debian which is my main platform. My idea was to use 389-ds 1.4.x line on Debian/Buster, but there is

[389-users] Announcing 389 Directory Server 1.4.0.22

389 Directory Server 1.4.0.22 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.22 Fedora packages are available on Fedora 28, and 29 Fedora 29 http://koji.fedoraproject.org/koji/buildinfo?buildID=1240342 Fedora 28

[389-users] Announcing 389 Directory Server 1.4.1.2

389 Directory Server 1.4.1.2 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.1.2 Fedora packages are available on Fedora 30 and rawhide. https://koji.fedoraproject.org/koji/taskinfo?taskID=33820830 - Rawhide

[389-users] Re: Change authentication for LDAP

Hi, On 3/22/19 9:46 AM, Zombie fork wrote: Hi,     We are trying to explore new methods of authentication. We want to move away from the traditional password based authentication to a more secure method like using Certificates , keys etc. Is it possible to implement this? What

[389-users] Re: creating root suffix from cockpit

On 3/21/19 9:35 AM, Angel Bosch Mora wrote: Hi, I asked a broad question here: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/thread/7G2Y2ZYBYB7JNOCMIGV5WQMYDAWSD6VM/ but I would like to know specifically if root suffix can be created with cockpit. During

[389-users] [NOTICE] 389 admin console deprecation, removal, and web UI replacement

In Fedora 30, all the old java console packages have been marked as deprecated: 389-console 389-ds-console 389-admin-console 389-admin 389-adminutil 389-dsgw In Fedora 31 these packages will be removed. Our new Cockpit [1] plugin (cockpit-389-ds) will be the UI replacement, but important to

[389-users] Re: Samba & 389 Directory Server Integration

On 2/22/19 12:42 PM, Janet Houser wrote: Hi Folks, I'm running DS-389 (version: 1.3.7.5 ; Build: 2018.178.1311) on a Cent OS 7 vs. 7.6.1810) system.  I've been working through the Samba & 389 Directory Server Integration

[389-users] Re: Replicate 389DS with another LDAP server

On 2/20/19 5:59 AM, Howard Chu wrote: Date: Tue, 19 Feb 2019 13:50:11 +0100 From: wodel youchi Hi, is it possible to create a replication matser/master or master/slave between 389DS and another LDAP server openldap for example? Regards. Maybe. OpenLDAP has recently added support for

[389-users] Re: SHA1SUM incorrect on download website for Windows Console MSI files

On 2/19/19 11:56 AM, Steve Kuervers wrote: Good morning all, I've been working with 389-ds RPMs from EPEL on CentOS 7.6, looking to replicate in a testing environment the capabilities of RH directory server.  First off, thanks for your work on all this great 389 project! Thanks ;-) I'm

[389-users] Re: Setting an attribute value automatically according to some rule

On 2/17/19 8:01 PM, William Brown wrote: Yeah, I don’t think cos can do templating. Right, COS can add pre-defined virtual values to an entry based on certain attribute values found in that entry, but it can not generate dynamic values like this. If you would be willing Oliver, would you

[389-users] Re: Update userpassword from consummer

On 2/18/19 7:46 AM, wodel youchi wrote: Hi, I did a test, but unfortunately it didn't work for me. This is my LAB: * 389DS Servers : o OS CentOS7 all updates o 389DS version 1.3.8.4-22 o domain : dc=example,dc=com o users on : uid=%u,ou=people,dc=example,dc=com

[389-users] Announcing 389 Directory Server 1.4.0.21

389 Directory Server 1.4.0.21 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.21 Fedora packages are available on Fedora 28, and 29 Fedora 29 https://koji.fedoraproject.org/koji/taskinfo?taskID=32370360

[389-users] Re: Import an ldif

, John *From:*Mark Reynolds *Sent:* Wednesday, January 30, 2019 3:11 PM *To:* General discussion list for the 389 Directory server project. <389-users@lists.fedoraproject.org>; Berger, John *Subject:* Re: [389-users] Import an ldif On 1/30/19 3:58 PM, john.ber...@us.fujitsu.com <mailto

[389-users] Announcing 389 Directory Server 1.4.1.1

389 Directory Server 1.4.1.1 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.1.1 Fedora packages are available on Fedora 30 (rawhide). https://koji.fedoraproject.org/koji/taskinfo?taskID=32348343 -

[389-users] Re: Import an ldif

On 1/30/19 3:58 PM, john.ber...@us.fujitsu.com wrote: We are trying to import an ldif file from our old Sun One Directory Server 5.2. We have the 389 server set up and running. I can initialize the database I want to import in and it seems to work fine. However, we have a lot of users that

[389-users] Re: Replication problems

On 1/29/19 1:16 PM, Mitch Patenaude wrote: On 1/29/19, 10:12 AM, "Mitch Patenaude" wrote: additional info: Unknown attribute nsslapd-errorlog-loglevel will be ignored Figured out that it was suppoed to be nsslapd-errorlog-level. I should have read the docs. Me too :-/

[389-users] Re: Replication problems

On 1/28/19 8:13 PM, Mitch Patenaude wrote: On 1/28/19, 9:20 AM, "Mark Reynolds" wrote: [...] If that is not useful then turning on replication logging would be the next step. Trying to track the CSN only yielded that the same CSN was tried *many* times without success

[389-users] Re: Replication problems

On 1/28/19 12:06 PM, Mitch Patenaude wrote: I’ve got a somewhat complex replication arrangement. There are 6 masters total. 09-11-13 |\/ | \/| |/\ | /\| 10-12-14 So 11 and 12 replicate to all other servers, 09 and 10 replicate to each other and 11 and 12, and 13 & 14 replication

[389-users] Re: Problem with ldapsearch and scope one in 1.4.0.20

On 1/24/19 3:35 PM, Mihai Carabas wrote: On Thu, Jan 24, 2019 at 10:17 PM Mark Reynolds wrote: On 1/24/19 1:54 PM, Mihai Carabas wrote: Hello, [root@ldap ~]# dsctl slapd-ldap db2ldif --replication cursdb cursdb.ldif cursdb.ldif doesn't seem to contain any replication related info. What

[389-users] Re: Problem with ldapsearch and scope one in 1.4.0.20

queid=---", if you don't see this entry in the LDIF then it might not be working (sigh).  You can then use the legacy tool: db2ldif -r -n userroot -a LDIF_FILE Regards, Mark Thank you, Mihai On Thu, Jan 24, 2019 at 5:53 PM Mark Reynolds wrote: On 1/24/1

[389-users] Re: Problem with ldapsearch and scope one in 1.4.0.20

On 1/24/19 1:18 PM, Mihai Carabas wrote: Hello, In order to help you to help me ;), I've re-run db2index and collected the attached stacktraces. Did you see really high CPU? Thank you, Mihai On Thu, Jan 24, 2019 at 5:52 PM Mark Reynolds wrote: On 1/24/19 10:24 AM, Mihai Carabas wrote

[389-users] Re: Problem with ldapsearch and scope one in 1.4.0.20

wrote: Hello Mark, On Thu, Jan 24, 2019 at 4:35 PM Mark Reynolds wrote: On 1/24/19 8:37 AM, Mihai Carabas wrote: On Thu, Jan 24, 2019 at 12:52 AM William Brown wrote: On 24 Jan 2019, at 00:50, Mihai Carabas wrote: =profesor 42815 42818 42821 42824 42827 42830 42833 42836 42839

[389-users] Re: Problem with ldapsearch and scope one in 1.4.0.20

On 1/24/19 10:24 AM, Mihai Carabas wrote: Hello Mark, On Thu, Jan 24, 2019 at 4:35 PM Mark Reynolds wrote: On 1/24/19 8:37 AM, Mihai Carabas wrote: On Thu, Jan 24, 2019 at 12:52 AM William Brown wrote: On 24 Jan 2019, at 00:50, Mihai Carabas wrote: =profesor 42815 42818

[389-users] Re: Problem with ldapsearch and scope one in 1.4.0.20

On 1/24/19 8:37 AM, Mihai Carabas wrote: On Thu, Jan 24, 2019 at 12:52 AM William Brown wrote: On 24 Jan 2019, at 00:50, Mihai Carabas wrote: =profesor 42815 42818 42821 42824 42827 42830 42833 42836 42839 42842 42845 42848 43445 43450 45720 52253 =profesori 7 68 3232

[389-users] Re: Problem with userRoot cache (last one)

roy the original message to assure that it is not read, copied, or distributed by others. ---- *From:* Mark Reynolds *Sent:* Wednesday, January 16, 2019 12:16:19 PM *To:* General discussion list for the 389 Directory server

[389-users] Re: Problem with userRoot cache (last one)

On 1/16/19 12:05 PM, Mark Reynolds wrote: On 1/16/19 12:02 PM, Mark Reynolds wrote: Hi Paul, Okay I think I found the bug you are running into: https://bugzilla.redhat.com/show_bug.cgi?id=1627512 https://pagure.io/389-ds-base/issue/49618 So sounds like you need to upgrade to: 389

[389-users] Re: Problem with userRoot cache

On 1/16/19 12:02 PM, Mark Reynolds wrote: Hi Paul, Okay I think I found the bug you are running into: https://bugzilla.redhat.com/show_bug.cgi?id=1627512 https://pagure.io/389-ds-base/issue/49618 So sounds like you need to upgrade to: 389-ds-base-1.3.8.4-21 (RHEL/Centos 7.6

[389-users] Re: Problem with userRoot cache

the commit found in the pagure ticket above. Regards, Mark On 1/16/19 11:38 AM, Mark Reynolds wrote: Hey Paul, On 1/16/19 10:14 AM, Paul Whitney wrote: We were on version: 389-ds-base-1.3.7.5-24. What OS? The nsslapd-cache-autosize was set to 0.  We apply our own values. To keep

[389-users] Re: Problem with userRoot cache

ibuted by others. *From:* William Brown *Sent:* Tuesday, January 15, 2019 7:22:18 PM *To:* 389-users@lists.fedoraproject.org *Cc:* Paul Whitney *Subject:* Re: [389-users] Problem with userRoot cache > On 16 Jan 2019, at 06:49, Mark Reynolds wrote: &g

[389-users] Re: Problem with userRoot cache

What version were you previously on? Sounds like an issue with autocache sizing.  The errors log might give more info about why its being reset. Also check if "nsslapd-cache-autosize" is set under "cn=config,cn=ldbm database,cn=plugins,cn=config".  If it is, set it to zero to stop the

[389-users] Announcing 389 Directory Server 1.4.0.20

389 Directory Server 1.4.0.20 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.20 Fedora packages are available on Fedora 28, 29, and rawhide. Rawhide https://koji.fedoraproject.org/koji/taskinfo?taskID=31464161

[389-users] Re: Force users to modify their passwords

On 12/14/18 12:38 PM, wodel youchi wrote: Hi, We have 389DS as our main directory server, and we use it with many applications. recently we moved our mail application to Zimbra. Zimbra can use an external LDAP server for authentication, and we did configure that and it works. In 389DS, in

[389-users] Re: Multiple suppliers for a single consumer

On 12/12/18 12:56 AM, Leonard Lawton wrote: Let's say I have nodes A and B setup in a MMR configuration(providers). Is it possible to have node C configured as a consumer for both A and B? I am wanting to have a high availability setup so node C still receives updates if one of the providers

[389-users] Re: 389 Replication from 389-ds-base 1.2.11 to 1.3.8

On 12/10/18 2:55 PM, KONG, BOB wrote: I have a simple question I hope… We currently have a master 389 Directory Server on 1.2.11 and I was wondering if it is possible to replicate to a 389 Directory Server 1.3.8 consumer? Has anyone done this? Yes this should work just fine Thanks in

[389-users] Re: Server Group empty in 389 Management Console for windows

Hi Jason, Are you logging in as Directory Manager?  If not, try that. Now it could be possible that part of the "o=netscaperoot" suffix has been deleted(accidentally?).  That entire server group folder structure is o=netscaperoot, so the entries are either missing, or you don't have

[389-users] Re: Limiting access to same ou

On 12/2/18 7:45 PM, Alistair Cunningham wrote: This is all done and working. In the end, the changes I needed were: dn: cn=config changetype: modify replace: nsslapd-allow-anonymous-access nsslapd-allow-anonymous-access: rootdse dn: dc=example,dc=com changetype: modify delete: aci aci:

[389-users] Re: Limiting access to same ou

On 11/27/18 8:15 PM, Alistair Cunningham wrote: On 28/11/2018 12:08, Mark Reynolds wrote: On 11/27/18 7:24 PM, Alistair Cunningham wrote: I've added these acis, but a telephone (with objectClass 'person') in tenant1 can still see people (with objectClass 'inetOrgPerson') in tenant2

[389-users] Re: Limiting access to same ou

On 11/27/18 7:24 PM, Alistair Cunningham wrote: I've added these acis, but a telephone (with objectClass 'person') in tenant1 can still see people (with objectClass 'inetOrgPerson') in tenant2. Presumably there needs to also be a blanket aci to forbid all telephones from viewing other

[389-users] Re: Limiting access to same ou

On 11/26/18 8:35 PM, Alistair Cunningham wrote: On 27/11/2018 12:32, Mark Reynolds wrote: On 11/26/18 7:44 PM, Alistair Cunningham wrote: Thank you, I'll give that a go. On a related topic, do you know why when I try to add a simpleSecurityObject, I get a 'attribute "cn" not allo

[389-users] Re: Limiting access to same ou

On 11/26/18 7:44 PM, Alistair Cunningham wrote: Thank you, I'll give that a go. On a related topic, do you know why when I try to add a simpleSecurityObject, I get a 'attribute "cn" not allowed' error? $ cat 1234567890.ldif dn: cn=1234567890,ou=2,dc=integrics,dc=com objectClass:

[389-users] Announcing 389 Directory Server 1.4.0.19

389 Directory Server 1.4.0.19 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.19 Fedora packages are available on Fedora 28, 29, and rawhide. Rawhide https://koji.fedoraproject.org/koji/taskinfo?taskID=30902290

[389-users] Re: Configuring Account lockout policy for a individual user or a specific OU

On 11/8/18 3:47 AM, Zombie fork wrote: Hi,     Today we have a global account lockout policy in 389 which is applied to a specific instance. With many countries applying different compliance rules for securing personal data of their cititizen we see an increasing demand to have a seperate

[389-users] Re: Unable to enable SSL using ldapmodify on 389-Directory/1.3.7.5

On 11/6/18 4:43 PM, Jason Jenkins wrote: Hi I’m in the process of migrating from 389-Directory/1.2.11.15 -> 389-Directory/1.3.7.5. I’m trying to automate the setup. I’m finding that I can no longer enable SSL via the command line using ldapmodify. For V1.3.7.5 setup I followed

[389-users] Re: Allow filters through PTA Plugin

On 11/6/18 4:04 AM, LHEUREUX Bernard wrote: Hi all, I'm pretty new in the usage of 389-DS and I would like to know if some of you could help me achieve a feature that would: Have a 389-Directory server in front of AD Domain Controllers acting as "ldap proxy" to protect access to the DC but

[389-users] Re: How to define templates and add an entry to the menu?

On 11/2/18 5:38 PM, "Stefan Günther" wrote: Hello, when adding a new entry, the menu already contains entries like user, group or organizational unit, with preselected attributes. Is possible to add further entries to this menu, e.g. a kopano user with attributes out of the already imported

[389-users] Re: When binding non-anonymously, error code 48 - Anonymous access is not allowed

On 11/2/18 11:17 AM, Graham Leggett wrote: Hi all, My Jira server just forgot all of it’s LDAP settings for no clear reason. While trying to put the settings back, Jira is logging into 389ds by binding as the user "cn=Atlassian,dc=x”. 389ds is in return responding as follows: [LDAP: error

[389-users] Announcing 389 Directory Server 1.3.9.0

389 Directory Server 1.3.9.0 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.9.0 Fedora packages are available on Fedora 27. https://koji.fedoraproject.org/koji/taskinfo?taskID=30581994 Bodhi

[389-users] Re: issues with password encryption changes after upgrade

On 10/31/18 1:25 PM, Ghiurea, Isabella wrote: Hi list, we upgrade from1.3.5.15-1.fc24, to  1.3.7.5-24.el7 What platform are you on now?  Do you see any errors in the errors log when the server starts up? , this a multi master replication environment  we are seeing the paswd encryption

[389-users] Re: Adding additional optional attritubes

Hi Tina, Sounds like you want to add new/custom schema to the server.  So here in a link to the documentation on how to do it: https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/extending_the_directory_schema HTH, Mark On 10/31/18 10:25

[389-users] Re: Track constraint violation due password policy

I can analyse, but in some cases not, so I think that should exist something in 389 to show to us(admin) that. Thanks anyway for your help. On Wed, Oct 31, 2018 at 11:27 AM Mark Reynolds <mailto:mreyno...@redhat.com>> wrote: Hi Alberto, Did you check the access log?   There &q

[389-users] Re: Track constraint violation due password policy

Hi Alberto, Did you check the access log?   There "should" be a small text message that said what syntax was violated on the RESULT line in the access log.  Just grep for err=19 in the access logs.  Let me know if you find it.  But that's all there would be for troubleshooting this.  

[389-users] Announcing 389-console 1.1.19

389 Console 1.1.19 The 389 Directory Server team is proud to announce 389-console version 1.1.19 Fedora packages are available from the Fedora 28, Fedora 29 and Rawhide repositories. Fedora 29 https://koji.fedoraproject.org/koji/taskinfo?taskID=30316371

[389-users] Re: Password policy not working

That is the wrong package "389-ds", what is the version of "389-ds-base"? Can you share what is in the server's access log when the password is changed (/var/log/dirsrv/slapd-YOUR_INSTACE/access)? There should be a few operations that occur during the password change so please make sure to

[389-users] Re: can't start dirsrv-admin service after reboot

] [:debug] [pid 3447:tid 140517964691584] mod_admserv/mod_admserv.c(2620): [3447] adminsdk [0xbogus %p flag 0 in output file there is pid of 3447, but I can't find this pid. Sincerely, -- DaV On Tue, Oct 9, 2018, at 05:46, Mark Reynolds wrote: On 10/2/18 10:47 PM, DaV wrote: Hi gu

[389-users] Announcing 389 Directory Server 1.3.8.10

389 Directory Server 1.3.8.10 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.8.10 Fedora packages are available on Fedora 27. https://koji.fedoraproject.org/koji/taskinfo?taskID=30171199 Bodhi

[389-users] Announcing 389 Directory Server 1.4.0.18

389 Directory Server 1.4.0.18 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.18 Fedora packages are available on Fedora 28, 29, and rawhide. Rawhide https://koji.fedoraproject.org/koji/taskinfo?taskID=30170262

[389-users] Announcing 389 Directory Server 1.3.8.9

389 Directory Server 1.3.8.9 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.8.9 Fedora packages are available on Fedora 27. https://koji.fedoraproject.org/koji/taskinfo?taskID=30150274 Bodhi

[389-users] Announcing 389 Directory Server 1.4.0.17

389 Directory Server 1.4.0.17 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.17 Fedora packages are available on Fedora 28, 29, and rawhide. Rawhide https://koji.fedoraproject.org/koji/taskinfo?taskID=30149568

[389-users] Re: can't start dirsrv-admin service after reboot

On 10/2/18 10:47 PM, DaV wrote: Hi guys, I am facing an issue of can't start dirsrv-admin service after reboot 389ds server. Can anyone help me? Thank in advance. It seems that some files missing after 389ds server reboot. OS: CentOS Linux release 7.5.1804 (Core) Packages:

[389-users] Re: password policy

checking on then Password Admin functionally breaks, correct?  If so, it sounds like a bug then.  Please file a ticket with the exact steps to reproduce the problem. https://pagure.io/389-ds-base/new_issue Thanks, Mark On Wed, Sep 26, 2018, 16:47 Mark Reynolds <mailto:mreyno...@redhat.

[389-users] Re: repl-monitor.pl - monitoring user

On 09/07/2018 04:14 AM, rai...@ultra-secure.de wrote: Hi, I'd like to define a special user just for monitoring the replication (instead of using the Directory Manager). What kind of permissions does that user need? Or does that user need to many privileges that I could use the Directory

[389-users] Re: Making the console-GUI localhost-only

On 09/07/2018 03:47 AM, rai...@ultra-secure.de wrote: Hi, so, the GUI is really served by a webserver, as it looks like? In /etc/dirsrv/admin-serv/console.conf there is a listen directive. I want to change that to 127.0.0.1 instead of 0.0.0.0. Can I edit that file directly or is there

[389-users] Re: Question about replication

On 09/05/2018 12:36 PM, rai...@ultra-secure.de wrote: Am 2018-09-04 17:39, schrieb Marc Muehlfeld: Hi Rainer, Yes it is a typo, it should be: cn=dc\=sub\,dc\=domain\,dc\=ch,cn=mapping tree,cn=config thanks for finding the typo. I fix it and republished the guide:

[389-users] Re: 389 console is blank

Okay, I think you should remove the o=netscaperoot backend, and rerun the register script.   It's not finding your domain ou=northshore.edu in o=netscaperoot First remove the suffix and database configuration:

[389-users] Re: 389 console is blank

erver info to the Configuration Directory Server..." (Screenshot below).  Any ideas? image.png Cassandra Reed 978-762-4222 EDP Systems Analyst III North Shore Community College 1 Ferncroft Road, Danvers MA 01923 On Fri, Aug 31, 2018 at 10:01 AM Mark Reynolds <mailto:mreyno...@redha

[389-users] Re: Question about replication

On 09/04/2018 10:13 AM, rai...@ultra-secure.de wrote: Hi, I'm trying to follow the handbook on creating a multi-master setup (2 servers). cat set_referral_on_t2.ldif dn: cn=cn=dc\=sub\,dc\=domain\,dc\=ch,cn=mapping tree,cn=config changetype: modify replace: nsslapd-referral

[389-users] Re: Installing the console

On 09/04/2018 10:01 AM, rai...@ultra-secure.de wrote: Hi, I setup several servers with setup-ds.pl, instead of setup-ds-admin.pl. Now, the console is not configured. How do I configure it after already configuring the actual 389 server? When I run setup-ds-admin.pl it wants to re-install,

[389-users] Re: 389 console is blank

that this will not affect the userroot database in any way, since classes start next week and I value my job :) Cassandra Reed 978-762-4222 EDP Systems Analyst III North Shore Community College 1 Ferncroft Road, Danvers MA 01923 On Thu, Aug 30, 2018 at 4:19 PM Mark Reynolds <mailto:mre

[389-users] Re: 389 console is blank

s-admin.pl to recreate o=netscaperoot suffix for that server Regards, Mark Cassandra Reed 978-762-4222 EDP Systems Analyst III North Shore Community College 1 Ferncroft Road, Danvers MA 01923 On Thu, Aug 30, 2018 at 3:20 PM Mark Reynolds <mailto:mreyno...@redhat.com>> wrote: On

[389-users] Re: 389 console is blank

op=4 RESULT err=32 tag=101 nentries=0 etime=0 Thank you, -Cassie Cassandra Reed 978-762-4222 EDP Systems Analyst III North Shore Community College 1 Ferncroft Road, Danvers MA 01923 On Thu, Aug 30, 2018 at 9:44 AM Mark Reynolds <mailto:mreyno...@redhat.com>> wrote: Are you l

[389-users] please review: PR 49933 - Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly

https://pagure.io/389-ds-base/pull-request/49933 ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html

[389-users] Re: ds-privilege-name equivalent

On 08/30/2018 12:04 PM, rai...@ultra-secure.de wrote: Am 2018-08-30 00:48, schrieb William Brown: On Wed, 2018-08-22 at 12:41 +0200, rai...@ultra-secure.de wrote: Hi, I have a few users in my open-ds dump that have the following attribute: ds-privilege-name: password-reset Does something

[389-users] Announcing 389 Directory Server 1.3.8.8

389 Directory Server 1.3.8.8 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.8.8 Fedora packages are available on Fedora 27. https://koji.fedoraproject.org/koji/buildinfo?buildID=1139178 Bodhi

[389-users] Announcing 389 Directory Server 1.4.0.16

389 Directory Server 1.4.0.16 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.16 Fedora packages are available on Fedora 28, 29, and rawhide. Rawhide https://koji.fedoraproject.org/koji/buildinfo?buildID=1139175

[389-users] Re: Documentation for 1.4

On 08/26/2018 11:27 AM, Aleks wrote: Dear 389 members. I try to find some documentation about 1.4.0 version on http://www.port389.org/docs/389ds/documentation.html is there one? Is there a bigger information what's was changed in 1.4 as I haven't found any informatin on

[389-users] Re: user privileges needed to run repl-monitor.pl

On 08/17/2018 04:59 PM, Sergei Gerasenko wrote: Hi Mark, I have a test instance of 389-ds running on a vm. I’ve tried updating the aci like this: dn: cn=mapping tree,cn=config changetype: modify replace: aci aci: (targetattr = "cn || nsuniqueid || createtimestamp || description ||

[389-users] Re: user privileges needed to run repl-monitor.pl

little differently, but it should be an easy test though. Regards, Mark Thanks,   Sergei On Aug 17, 2018, at 12:23 PM, Mark Reynolds <mailto:mreyno...@redhat.com>> wrote: Add an ACI to this entry (using your suffix of course) allowing the user or group to read/search/comp

[389-users] Re: user privileges needed to run repl-monitor.pl

On 08/17/2018 11:51 AM, Sergei Gerasenko wrote: Hi, I’ve been using repl-monitor.pl for monitoring replication problems. I would like to use an account with a minimal set of permissions needed for the functionality. I created a user and added the permission to Read Replication Agreements.

<    1   2   3   4   5   6   7   8   9   >