[389-users] SSL connection based on cert

Hi, I´m tyring to test a SSL connection from one server(linux) to 389DS using openssl: openssl s_client -connect MY_389_SERVER:636 -cert local_server.crt -key local_server.key -CAfile CA-AD.crt And I got this error on my 389DS log: [31/Aug/2012:14:04:57 -0300] conn=146531 Netscape Portable Run

[389-users] Allow to add a user (userpassword)

How Can allow a normal user from my directory (for example uid=my.appuid,ou=test,dc=test,dc=com ) to add an user entry in the tree? (Remebering that I dont want this user as a administrator, I just want that user to be able to add users into a specific subtree in my directory). Is that possible?

[389-users] console vs nsslapd-allow-anonymous-access

Hi all, Why when i set nsslapd-allow-anonymous-access to off, the ds console stop to work? (I cant login anymore at console) The error message is: Cannot connect to the directory server: netscape.ldap.LDAPException: error result(32) thanks Alberto Viana -- 389 users mailing list 389-users

[389-users] compiling 389 DS

r each function it appears in ldap/servers/slapd/opshared.c: In function âop_shared_log_error_accessâ: ldap/servers/slapd/opshared.c:1702:23: warning: format â%lluâ expects argument of type âlong long unsigned intâ, but argument 3 has type âPRUint64â [-Wformat] Also tried 389-ds-base-1.3.0.3 an

[389-users] Multi master replication problem (389 DS - AD)

nt is that I was using MOZILA SDK to compile 389 and now I´m using the OPENLDAP. Any clue? Thanks Alberto Viana -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] Multi master replication problem (389 DS - AD)

molog.rnp,OU=GTI,O=Rede Nacional de Ensino e Pesq uisa,L=Rio de Janeiro,C=BR" I already imported my certificates into 389 ds and windows 2008. I use win2008 as CA. Just to remeber that the same enviroment was working fine with my previous 389DS version. Do you need something mor

Re: [389-users] Multi master replication problem (389 DS - AD)

Norkio, No, it's a new machine. I just rebuild everything. I'm using Ubuntu 12.04.2 LTS. Alberto Viana On Fri, Jul 5, 2013 at 2:50 PM, Noriko Hosoi wrote: > Alberto Viana wrote: > >> I already imported my certificates into 389 ds and windows 2008. I use >> wi

Re: [389-users] Multi master replication problem (389 DS - AD)

ch and let you know. Alberto Viana On Fri, Jul 5, 2013 at 3:15 PM, Noriko Hosoi wrote: > Alberto Viana wrote: > > Norkio, > > No, it's a new machine. I just rebuild everything. > > When you switched to the new machine, you reuse the old server cert

Re: [389-users] Multi master replication problem (389 DS - AD)

Hi man, Where I can find the 1.3.1 source to download? I tried http://directory.fedoraproject.org/wiki/Source#Directory_Server_Source_Code, but it´s not available over there. Alberto Viana On Fri, Jul 5, 2013 at 3:24 PM, Alberto Viana wrote: > No. It's a new server cert (it's

Re: [389-users] Multi master replication problem (389 DS - AD)

ve the same envoriment working fine with ds base "389-Directory/1.2.10.12B2012.210.1745" with this options checked. I also set nsslapd-errorlog-level to "16384", but it didn´t give me anything else. What could be? There´s anything else that I can provide to help to de

[389-users] userPassword attribute

389-Directory/1.3.1.3 B2013.193.1948 I set an ACI to specific user to add,read or modify everything on this OU: dn: ou=UFRGS,ou=RNP,dc=homolog,dc=rnp changetype: modify add: aci aci: (targetattr="*")(version 3.0;aci "ufrgs add permission";allow (add,read,write,compare) userdn="ldap:///uid=app.uf

[389-users] upgrade 389ds from 1.2.10.12 to 1.3.1.8

instance NetscapeRoot failed [20/Sep/2013:14:58:26 -0300] - archive2db: Unable to restart 'NetscapeRoot' [20/Sep/2013:14:58:26 -0300] - Restore finished. Someone can point me what I'm doing wrong? Thanks Alberto Viana -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] setup-ds-admin.pl errors

Rich, Any clues? On Thu, Nov 21, 2013 at 3:19 PM, Alberto Viana wrote: > $ ./configure --with-openldap > > I did not specify any CFLAGS. > > > > > On Thu, Nov 21, 2013 at 3:09 PM, Rich Megginson wrote: > >> On 11/21/2013 09:55 AM, Alberto Viana wrote: >&g

Re: [389-users] setup-ds-admin.pl errors

Thanks, I will try it. On Tue, Nov 26, 2013 at 11:44 AM, Rich Megginson wrote: > On 11/26/2013 04:17 AM, Alberto Viana wrote: > > Rich, > > Any clues? > > > Yes, fixed in 1.3.2.6. 1.3.2.7 is out now too. > > > > > On Thu, Nov 21, 2013 at 3:19 PM,

[389-users] migrate-ds-admin.pl

Hi, I'm trying to migrate from old machine (389-Directory/1.2.10.12) to a new machine (389-Directory/1.3.2.6) using the migrate script and i'm getting the following errors: migrate-ds-admin.pl --oldsroot /opt/dirsrv.20131029/ --actualsroot /opt/dirsrv --instance slapd-RNP General.ConfigDirectory

Re: [389-users] migrate-ds-admin.pl

start: Failed to start databases, err=-1 Unknown error: -1 +[02/Dec/2013:12:16:25 -0200] - Failed to start database plugin ldbm database Any clues? Thanks On Mon, Dec 2, 2013 at 10:48 AM, Alberto Viana wrote: > Hi, > > I'm trying to migrate from old machine (389-Directory/1.2.

[389-users] check hostname option

I have 2 389 running (389-Directory/1.3.2.6 and 389-Directory/1.3.1.3) with multiple master configuration. When I set the option "check hostname against name in certificate for outbound SSL connections" the agreement does not work and shows me this error: [05/Dec/2013:14:35:55 -0200] slapi_ldap_b

Re: [389-users] check hostname option

18 PM, Rich Megginson wrote: > On 12/05/2013 10:12 AM, Alberto Viana wrote: > > I have 2 389 running (389-Directory/1.3.2.6 and 389-Directory/1.3.1.3) > with multiple master configuration. > > When I set the option "check hostname against name in certificate for >

[389-users] group issues

I have 2 389 DS with multimaster replicaton and one of them replicating (multimaster) with my AD server 389DS2 <--> 389DS1 <--> ADServer 389-Directory/1.2.10.12 AD Server 2008 R2 With 2 specific groups, for some reason that could not identify in my logs, all members are deleted (i'm not sure if

Re: [389-users] group issues

I found the root cause, it's happens when I change a user from one OU to another on my windows side. Is that an expected behavior? On Thu, Dec 12, 2013 at 3:47 PM, Alberto Viana wrote: > I have 2 389 DS with multimaster replicaton and one of them replicating > (multimaster) with m

Re: [389-users] group issues

Rich, The behavior is a little bit different and I will try to explain: version: 389-Directory/1.2.11.25 B2013.347.1221 389DS <--> Windows 2008 R2 Name of group: GSG_TESTE Included a lot of users on this group, including this user: DN of the user on windows: CN=Alberto Viana,OU=TE

Re: [389-users] group issues

Rich, https://fedorahosted.org/389/ticket/47642 Thanks Alberto Viana On Fri, Dec 13, 2013 at 3:55 PM, Rich Megginson wrote: > On 12/13/2013 10:43 AM, Alberto Viana wrote: > > Rich, > > The behavior is a little bit different and I will try to explain: > version: 389-D

[389-users] groups issues

Hello, I have the following scenario with multi master replication 389DS (389-Directory/1.3.2.13 B2014.066.1215) <-> AD (windows 2008R2) I'm having the following problem using groups on 389: What I DID Create a user test1 Added this user to group GROUP_TEST When I delete this user from 389DS

[389-users] memberof plugin not working as expected

-level to 65536 but could not find any useful information. Thanks Alberto Viana -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] memberof plugin not working as expected

rof.pl > > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Configuration_Command_and_File_Reference/Perl_Scripts.html#fixup-memberof.pl > > Then, continue updating your user in a group? > Thanks, > --noriko > > Alberto Viana wrote: > > Hi, >

Re: [389-users] memberof plugin not working as expected

slapd-pluginVersion: 1.3.2.13 nsslapd-pluginVendor: 389 Project nsslapd-pluginDescription: memberof plugin I have 2 389DS with this version (replication enabled), the same behavior in both. Thanks On Thu, Jul 10, 2014 at 4:29 PM, Mark Reynolds wrote: > > On 07/10/2014 02:35 PM, Alberto

Re: [389-users] memberof plugin not working as expected

: inetuser ntUserLastLogoff: 0 ntUserDeleteAccount: true uid: alberto.viana sn: Viana givenName: Alberto cn: Alberto Viana dn: cn=GRP_SRV_WIKI_CONFLUENCE,OU=GROUPS,dc=mydc,dc=local uniqueMember: uid=alberto.viana,ou=IT,dc=mydc,dc=local objectClass: top objectClass: groupofuniquenames objectClass: ntGroup

Re: [389-users] memberof plugin not working as expected

ate my 389 to a newer version (due to a db2bak.pl problem that was fixed in this newer version) Alberto Viana On Thu, Jul 10, 2014 at 5:16 PM, Noriko Hosoi wrote: > Alberto, > > Alberto Viana wrote: > > Noriko, > > dn: uid=alberto.viana,ou=IT,dc=mydc,dc=local >

Re: [389-users] memberof plugin not working as expected

Jonathan, That worked for me too so I just added all users into a group (any group) and all users received the memberof attribute for all groups. Noriko, This query returns all users on my LDAP (all users have inetuser class). Alberto Viana On Wed, Jul 16, 2014 at 2:46 PM, Jonathan

[389-users] Replication doubts

Hi, I want to enable a replication to a specific subtree on my directory, how do I proceed? For example: I have my root suffix dc=homolog,dc=rnp And just want do enable replication for ou=teste,dc=homolog,dc=rnp Is that possible? Thanks -- 389 users mailing list 389-users@lists.fedoraproje

Re: [389-users] Replication doubts

Mark, Thanks, I will do that. Alberto Viana On Mon, Aug 4, 2014 at 2:25 PM, Mark Reynolds wrote: > > On 08/04/2014 01:19 PM, Alberto Viana wrote: > > Hi, > > I want to enable a replication to a specific subtree on my directory, > how do I proceed? > > For e

[389-users] import bulk

12/Aug/2014:16:37:28 -0300] - import userRoot: WARNING: bad entry: ID 720 What exactly that means? Thanks Alberto Viana -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] import bulk

Rich, I have 9 users on this DN/OU, just this one gave me this error, I'm not sure that I understand what you're saying to me. On Tue, Aug 12, 2014 at 4:57 PM, Rich Megginson wrote: > On 08/12/2014 01:50 PM, Alberto Viana wrote: > > I setup a new 389 on my enviroment, an

Re: [389-users] import bulk

n dbscan as follows? > dbscan -f /var/lib/dirsrv/slapd-YOURID/db/YOURBACKEND/id2entry.db# > > Thanks, > --noriko > > Alberto Viana wrote: > > Rich, > > I have 9 users on this DN/OU, just this one gave me this error, I'm not > sure that I understand what you

[389-users] add user aci problem

uot; with same result. ldap_add: Constraint violation (19) additional info: invalid password syntax - passwords with storage scheme are not allowed I have an older server 389-Directory/1.3.2.17 B2014.182.124, and this works fine. What am I missing in the newer version? Or is that a bug? Thanks Albe

Re: [389-users] add user aci problem

:22 PM, Alberto Viana wrote: > > 389-Directory/1.3.2.17 B2014.182.124 > > > I'm trying to add an user (whitout using the manager, with a regular > user): > > Without any aci: > > ldap_add: Insufficient access (50) > additional info: Insufficient '

[389-users] Sync problems with AD 2012 R2

I'm trying to setup a new scenario with 389 and AD 2012 R2 (So far I'm using with AD 2008 R2 and everything works fine). 389-Directory/1.3.4.8 B2016.063.1654 Windows 2012 R2 64bits After configure the AD replication and Initiate a full sync, it starts to do some entries and I got the following

[389-users] Re: Sync problems with AD 2012 R2

ny 2008 r2 to test. * *In my production environment I have:* *389-ds-base 1.3.2.19 + Windows 2008 r2* On Mon, May 16, 2016 at 6:02 PM, Noriko Hosoi wrote: > On 05/16/2016 01:01 PM, Alberto Viana wrote: > > I'm trying to setup a new scenario with 389 and AD 2012 R2 (So far I'm &

[389-users] Re: Sync problems with AD 2012 R2

hangelogdb/169ce382-1b9011e6-91ddc5b4-dc63c95a_55c88d9900c8.db On Tue, May 17, 2016 at 10:08 AM, Alberto Viana wrote: > Noriko, > > *Did you use the same version of 389-ds-base against AD on 2008 R2 and > 2012 R2?* > *389-Directory/1.3.4.8 <http://1.3.4.8> B20

[389-users] Re: Sync problems with AD 2012 R2

6 AM, Rich Megginson wrote: > On 05/17/2016 08:01 AM, Alberto Viana wrote: > > Noriko, > > Just to let you know, after I replicated/created the exactly same OU > structure on both side, the replication seems to works fine. I'm still not > sure that is the expected behavior: &

[389-users] Re: Sync problems with AD 2012 R2

: Full sync ok* *OU just in AD side with users: Full sync ok* *If you need any other info, please let me know.* On Tue, May 17, 2016 at 2:54 PM, Noriko Hosoi wrote: > Thank you for your input, Alberto. > > On 05/17/2016 07:38 AM, Alberto Viana wrote: > > Rich, > > I&#

[389-users] Password expiration doubts

Hello, Version 389-Directory/1.3.4.11 B2016.182.1718 I'm trying to implement password expiration policy with no sucess, I've changed my config: dn: cn=config changetype: modify replace: passwordExp passwordExp: on - replace: passwordMaxAge passwordMaxAge: 120 But after that I'm still able to b

[389-users] Re: Password expiration doubts

Mark, Thanks, I will try on it. One more question, and what about changing password through winsync plugin? On Tue, Oct 25, 2016 at 1:21 PM, Mark Reynolds wrote: > > > On 10/25/2016 11:10 AM, Mark Reynolds wrote: > > > > On 10/25/2016 10:37 AM, Alberto Viana wrote: &

[389-users] Re: Password expiration doubts

I already tested it, and works as expected, Thanks. On Tue, Oct 25, 2016 at 2:24 PM, Alberto Viana wrote: > Mark, > > Thanks, I will try on it. > > One more question, and what about changing password through winsync plugin? > > On Tue, Oct 25, 2016 at 1:21 PM, M

[389-users] Re: Get user password expiration date

I'm also working on it right now and using perl to do that, so I used filter (objectclass=ntUser) and requesting the passwordExpirationTime attribute like this: filter => "objectclass=ntUser", attrs => ["entrydn","mail","passwordExpirationTime"], ); In my case, I prefer rather than write attribut

[389-users] Re: Get user password expiration date

Todor, Off course, but I started it today, so maybe I will finish in next week, please send a email directly to me so I can remember :) Cheers, Alberto Viana On Thu, Nov 3, 2016 at 10:16 AM, Todor Petkov wrote: > On Thu, Nov 3, 2016 at 2:13 PM, Alberto Viana > wrote: > > I&#x

[389-users] subtree password policy problems

objectClass: person objectClass: organizationalperson objectClass: inetOrgPerson Am I missing something? Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org

[389-users] Re: subtree password policy problems

Hi, Just to explain better what I need: Enforce a global password policy with password expiration but disable for some specifics OUs (just disable the password expiration). On Fri, Nov 4, 2016 at 12:54 PM, Alberto Viana wrote: > Hi, > > 389-ds: 1.3.4.11 > > What I Need

[389-users] Re: subtree password policy problems

Hi, Anyone? I really need some help on this. Thanks On Fri, Nov 4, 2016 at 1:01 PM, Alberto Viana wrote: > Hi, > > Just to explain better what I need: > > Enforce a global password policy with password expiration but disable for > some specifics OUs (just disable the p

[389-users] Re: subtree password policy problems

-console, everything works fine. Analysing the nsPwPolicyContainer and nsPwTemplateEntry created by both methods I could not find any difference. The exactly same thing happens on 1.3.4.11, so is that a script problem? Should I file a ticket anyway? Thanks Alberto Viana On Wed, Nov 16, 2016 at 10

[389-users] Re: subtree password policy problems

Mark, Done, https://fedorahosted.org/389/ticket/49047 Thanks. On Fri, Nov 18, 2016 at 5:14 PM, Mark Reynolds wrote: > > > On 11/18/2016 01:39 PM, Alberto Viana wrote: > > Mark, > > I updated to 1.3.5.14 version and realized that: > > - If I create the subtree pol

[389-users] Replication strategy

I have been using 389 for a while and so far my replication strategy is: 389 <=> AD Replicating whole domain dc=my,dc=domain - OU=user -user1 -user2 - OU=people -user1 -user2 - OU=apps -user1 -user2 - OU=externos -user1 -user2 ... But this specific "OU=externos" do

[389-users] Re: Replication strategy

FALSE nsds5replicaLastInitStart: 0 nsds5replicaLastInitEnd: 0 On Thu, Jun 1, 2017 at 8:35 PM, William Brown wrote: > On Thu, 2017-06-01 at 10:48 -0300, Alberto Viana wrote: > > I have been using 389 for a while and so far my replication strategy is: > > > > 389 <=> AD > >

[389-users] Re: Replication strategy

try on it in my lab. Thanks a lot. On Sun, Jun 4, 2017 at 10:33 PM, William Brown wrote: > On Fri, 2017-06-02 at 10:36 -0300, Alberto Viana wrote: > > William, > > > > I do nothing hehehehe, what I mean that I just ignore the errors :) > > > > Here's my agr

[389-users] password replication

I have a replication setup (389 and AD): 389-Directory/1.3.2.19 B2014.201.1231 We are implementing password police on both side (and password expiration). When the account has expired on AD side (It means that on AD side I have the flag "user must change password" set on an user) , when I try t

[389-users] Re: password replication

the user password (I think that is the same behavior of 389 plugin, am I right?) On Tue, Jul 4, 2017 at 9:10 PM, William Brown wrote: > On Mon, 2017-07-03 at 11:21 -0300, Alberto Viana wrote: > > I have a replication setup (389 and AD): > > > > > > 389-Director

[389-users] compiling 389-ds 3.6(or newer) on ubuntu 16.04

/lib/dirsrv Seems to be missing the libevent(-levent), my workaround was to add it manually: LIBS=-levent ./configure I'm not sure if is an expected behavior, but anyway I just want to share my workaround. Cheers, Alberto Viana ___ 389-users ma

[389-users] Re: password replication

Anyone else that could point me why is this happening? On Tue, Jul 11, 2017 at 9:08 PM, William Brown wrote: > On Mon, 2017-07-10 at 16:39 -0300, Alberto Viana wrote: > > William, > > > > Yes, there's a flag on AD that forces users to reset their passwords, and >

[389-users] No NetscapeRoot under Replication

Hi, I'm testing version 1.3.7.1: ~# ns-slapd -v 389 Project 389-Directory/1.3.7.1.20170714gitecd2588 B2017.195.1935 And using 389 console there is no NetscapeRoot option under Replication (ony userRoot), is it an expected behavior? Thanks ___ 389-us

[389-users] Re: LDAP: error code 19 - invalid password syntax - passwords with storage scheme are not allowed

Hi Kirk I think that in newer versions of 389 you need a special permission to adding already hashed passwords or change user password scheme: http://www.port389.org/docs/389ds/design/password-administrator.html Hope that helps you. Cheers, Alberto Viana On Tue, Aug 29, 2017 at 4:48 PM, Kirk

[389-users] ACI help

nonato,ou=pop-ac,ou=pops,dc=my,dc=domain).attr(objectClass) to uid=my-test-user,ou=aplicacoes,dc=my,dc=domain: no aci matched the subject by aci(253): aciname= "All attributes PoP-AC Permissions", acidn="dc=my,dc=domain" What I need: An user that has no other rights on

[389-users] Re: ACI help

as expected. Thanks a lot for you both. Cheers, Alberto Viana On Thu, Sep 7, 2017 at 5:30 AM, Ludwig Krispenz wrote: > > On 09/07/2017 02:25 AM, William Brown wrote: > > On Wed, 2017-09-06 at 16:55 -0300, Alberto Viana wrote: > > Hi Folks, > > 389-Directory/1.3.7.3.20

[389-users] Re: 389 PassSync 1.1.7 and WIndows Server 2012R2

Hi, Did you try change the log level? HKEY_LOCAL_MACHINE\SOFTWARE\PasswordSync Change LogLevel to 1 (If Im not wrong, the default is 0). Restart the service and check de log again. Hope that helps. On Wed, Dec 20, 2017 at 6:28 PM, Geoff Hardin wrote: > We are implementing PassSync 1.1.7 in

[389-users] password administrator

Hi Guys, Can I set multiple groups in passwordAdminDN? I know that I can set per policy (subtree or user), but there is any other way to specify more than one group globally? Thanks ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To u

[389-users] password policy

Hi guys, When I enable global password policy, is that suppose to affect cn=config? I Just want to confirm that. ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org

[389-users] error moving an user

Hey Guys, 389 version: 389-Directory/1.3.7.4.20170912git26a9426 B2017.255.1330 I'm trying to move one of my users to another OU and I see this kind of error: Error while moving entry - [LDAP: error code 1 - Operations Error] java.lang.Exception: [LDAP: error code 1 - Operations Error] at In t

[389-users] Re: error moving an user

Anyone? Any clues? On Tue, Mar 20, 2018 at 2:15 PM, Alberto Viana wrote: > Hey Guys, > > 389 version: 389-Directory/1.3.7.4.20170912git26a9426 B2017.255.1330 > > I'm trying to move one of my users to another OU and I see this kind of > error: > > Error while moving

[389-users] Re: error moving an user

t; changetype: modify > replace: nsslapd-errorlog-level > nsslapd-errorlog-level: 16385 > EOF > > Thanks, > Simon > > - Original Message - > > From: "Alberto Viana" > > To: "General discussion list for the 389 Directory server project."

[389-users] Debug password check syntax

Hi Guys, I'm testing the password policy and want to debug it. Basically I'm trying so set a valid password (based on my password policy) and 389 returns to me "19: Constraint violation" What should be nsslapd-errorlog-level to debug it? Thanks ___ 389

[389-users] password policy

I have a password applied globally like this: dn: cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc= my,dc=domain passwordLockout: off passwordGraceLimit: 50 passwordWarning: 86400 passwordInHistory: 3 passwordMinLength: 8 passwordMinCategories: 3 passwordStorageScheme: S

[389-users] Re: password policy

d_administrators > > HTH, > > Mark > > On 09/26/2018 02:31 PM, Alberto Viana wrote: > > I have a password applied globally like this: > > dn: > cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc= > my,dc=domain > passwordLockout: off > p

[389-users] Re: error moving an user

n Fri, Sep 28, 2018 at 4:00 PM Kreuzenstein, Luke (OIT) < luke.kreuzenst...@alaska.gov> wrote: > >>> From: "Alberto Viana" > >>> To: "General discussion list for the 389 Directory server project." > <389-users@lists.fedoraproject.org>

[389-users] Track constraint violation due password policy

Hi Guys, There's any way to log or track constraint violation reason? Once We have 2 environments I need to track when an user could change password on windows side but this password could not be replicated to 389 due to password policy . I can see this on passsync log: 10/30/18 18:43:38: Sear

[389-users] Re: Referential Integrity and moving subtree to another parent fails

I'm facing a very similar problem, my version: 389-Directory/1.3.7.4.20170912git26a9426 So, it's probably you right, maybe It's a 1.3.x problem. In my case, I disabled the plugin until I can upgrade my 389 version. On Fri, Feb 22, 2019 at 1:07 AM William Brown wrote: > Okay, I did this with a

[389-users] Re: import userRoot: Skipping entry "XXXXXXXXXXX" which has no parent, ending at line 0 of file "(bulk import)"

Hi Guys, Recently I had the same issue and I copied the database backup from one server to another and used ldif2db.pl to import it and worked fine. After that, the replication works fine. Hope that helps you. On Wed, Mar 6, 2019 at 5:24 PM Jason Jenkins wrote: > Thanks. I'll give that a try.

[389-users] cockpit problems

wxrwx---. 2 dirsrv dirsrv 155 Dec 9 17:25 ssca Also tried to disable selinux, but the behavior is the same. What am I missing? How can I debug it? Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe s

[389-users] Re: cockpit problems

, Alberto Viana On Thu, Dec 12, 2019 at 1:29 PM Viktor Ashirov wrote: > Hi, > > > On Thu, Dec 12, 2019 at 5:18 PM Alberto Viana > wrote: > >> Hi Guys, >> >> I have installed 389 from source (389-Directory/1.4.2.4 B2019.344.19) >> >> Installed

[389-users] cockpit handlebars warning (npm)

This may allow attackers to crash the application or execute Arbitrary Code in specific conditions.", "recommendation": "Upgrade to version 4.5.3 or later.", I had to update package-lock.json pointing to the latest version of handlebars(4.5.3) in order to install it. Just

[389-users] cockpit plugin doubts

Hi Guys, In the old 389-console was possible to manage remote instances (installations in different machines) and what about in new UI? Should I install a cockpit plugin to each 389 machine in my environment? Any docs about it? Thanks Alberto Viana

[389-users] dsconf problems

Hi Guys, I'm trying to config and enable uniqueness attribute plugin: ~# dsconf RNP plugin attr-uniq add "uid-test" --attr-name uid Successfully created the cn=uid-test,cn=plugins,cn=config if I try to enable it: ~# dsconf RNP plugin attr-uniq enable uid-test Error: 'Namespace' object has no att

[389-users] Re: dsconf problems

Hi Mark, No problems at all, the idea is to contribute to the project. Thanks!! Alberto Viana On Mon, Dec 16, 2019 at 12:19 PM Mark Reynolds wrote: > > On 12/16/19 10:13 AM, Alberto Viana wrote: > > Hi Guys, > > I'm trying to config and enable uniqueness attribute pl

[389-users] selinux doubts

led on the system ~# getenforce Enforcing Centos7 # ns-slapd -v 389 Project 389-Directory/1.4.2.4 B2019.352.1557 What am I missing? Could not found any related doc at 389 or rhds pages. Thanks. Alberto Viana ___ 389-users mailing list --

[389-users] Re: selinux doubts

om License: MIT license May be am I missing this lib(python3-libselinux)? On Wed, Dec 18, 2019 at 5:39 PM Mark Reynolds wrote: > > On 12/18/19 3:21 PM, Alberto Viana wrote: > > Hi Guys, > > I compiled my 389 with selinux enabled (--with-selinux): > > configure:21564:

[389-users] Re: selinux doubts

https://bugzilla.redhat.com/show_bug.cgi?id=1756015 https://bugzilla.redhat.com/show_bug.cgi?id=1719978 Seems to me there's no solution at this point, Am I right? Thanks On Wed, Dec 18, 2019 at 6:20 PM Mark Reynolds wrote: > > On 12/18/19 4:05 PM, Alberto Viana wrote: > > Mark

[389-users] Re: selinux doubts

William, It's clear to me. I will try centos8 :) Thanks. Alberto VIana On Thu, Dec 19, 2019 at 2:50 AM William Brown wrote: > > > > On 19 Dec 2019, at 08:09, Alberto Viana wrote: > > > > Mark, > > > > Seems that's not going to be so eas

[389-users] 389 centOS8 selinux issues

this? Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

[389-users] Re: 389 centOS8 selinux issues

William, Build 389 by myself. Also created and loaded an selinux module allowing the needed permissions. I Just wonder if is the right/best way to do that and if is an expected behavior. Thanks Alberto Viana On Wed, Jan 8, 2020, 20:58 William Brown wrote: > > > > On 9 Jan 20

[389-users] Re: 389 centOS8 selinux issues

gt; > On 9 Jan 2020, at 10:13, Alberto Viana wrote: > > > > William, > > > > Build 389 by myself. Also created and loaded an selinux module allowing > the needed permissions. I Just wonder if is the right/best way to do that > and if is an expected behavior. > &

[389-users] Re: Attribute encryption issue

installation) the 389 starts to show this error in log. Seems that 389 works fine even with this error in log and I didn't try anything to correct it. Cheers, Alberto Viana On Fri, Jan 10, 2020 at 8:55 PM Mark Reynolds wrote: > > On 1/10/20 6:48 PM, Iain Morgan wr

[389-users] healthcheck problems

ReferentialIntegrityPlugin ... Checking MonitorDiskSpace ... Checking Replica ... Checking Changelog5 ... Checking DSEldif ... Error: [Errno 2] No such file or directory: '/etc/dirsrv/slapd-{instance_name}/dse.ldif' Is that a bug? Thanks Alberto Viana ___ 389-use

[389-users] Re: healthcheck problems

file_dse: FileNotFoundError: [Errno 2] No such file or directory: '/etc/dirsrv/slapd-{instance_name}/dse.ldif' ERROR: Error: [Errno 2] No such file or directory: '/etc/dirsrv/slapd-{instance_name}/dse.ldif' Thanks. Alberto Viana On Mon, Jan 13, 2020 at 4:19 PM Mark Reynold

[389-users] Re: healthcheck problems

Mark, I'm installing it from source, to install lib389 I run: make lib389-install Am I missing something? Thanks Alberto Viana On Mon, Jan 13, 2020 at 4:36 PM Mark Reynolds wrote: > > On 1/13/20 2:24 PM, Alberto Viana wrote: > > Mark, > > Here's: > >

[389-users] Re: healthcheck problems

Mark, Just to let you know, I'm cloning pagure repo and in /src/lib389 the VERSION file points me to this version: ~# cat VERSION 1.0.4 Thanks Alberto Viana On Mon, Jan 13, 2020 at 4:48 PM Alberto Viana wrote: > Mark, > > I'm installing it from source, to install lib389 I

[389-users] dsconf and dsctl bugs

Hi Guys, 389-Directory/1.4.3.1.20200116git4f9aafca9 B2020.016.1843 python3-lib389-1.4.3.1-20200116gita08202a5b.el8.noarch *dsconf*: If I try to create an instance got this error: DEBUG: name 'ensure_list_str' is not defined Traceback (most recent call last): File "/usr/sbin/dscreate", line 75,

[389-users] Re: healthcheck problems

Mark, Thanks, I'm now building the packages as well. Alberto Viana On Mon, Jan 13, 2020 at 4:58 PM Mark Reynolds wrote: > > On 1/13/20 2:56 PM, Alberto Viana wrote: > > Mark, > > Just to let you know, I'm cloning pagure repo and in /src/lib389 the > VERSION

[389-users] Re: dsconf and dsctl bugs

Mark, I wait for the commits to build my package again. Thanks!! Alberto Viana On Thu, Jan 16, 2020 at 4:44 PM Mark Reynolds wrote: > > On 1/16/20 2:25 PM, Alberto Viana wrote: > > Hi Guys, > > 389-Directory/1.4.3.1.20200116git4f9aafca9 B2020.016.1843 > p

[389-users] DB problems

Hi Guys, 389-Directory/1.4.3.1.20200116git4f9aafca9 Start to get this error: [17/Jan/2020:11:49:56.436658541 -0300] - NOTICE - bdb_start - Detected Disorderly Shutdown last time Directory Server was running, recovering database. And 389 do not start anymore. Thanks _

[389-users] Re: DB problems

Mark, There's nothing else in the log. There's no file like /var/lib/dirsrv/slapd-YOUR_INSTANCE/db/__db.* also tried a db_recover but without success. Do you recommend to downgrade my version? Thanks On Fri, Jan 17, 2020 at 12:08 PM Mark Reynolds wrote: > > On 1/17/20

[389-users] Re: DB problems

drwx--. 2 dirsrv dirsrv 4.0K Jan 17 12:04 userroot Thanks On Fri, Jan 17, 2020 at 12:49 PM Mark Reynolds wrote: > > On 1/17/20 10:25 AM, Alberto Viana wrote: > > Mark, > > There's nothing else in the log. > > There's no file like /var/lib/dirsrv/slapd-Y

[389-users] Re: DB problems

Reynolds wrote: > > On 1/17/20 10:51 AM, Alberto Viana wrote: > > Mark, > > > Here's the files: > > ~]# ls -lha /var/lib/dirsrv/slapd-RNP/db/ > total 11M > drwxrwx---. 3 dirsrv dirsrv 61 Jan 17 12:16 . > drwxrwx---. 6 dirsrv dirsrv 58 Jan 16 20:04 .. > -

  1   2   >