[389-users] Replication Between 8.2 Master and 9.0 Master

Hi everyone,Not sure if this is the right forum to ask about RHDS vs 389DS, butI am currently using RHDS 8.2 and am looking to deploy 9.0 (master, hub, and consumer).  Will I be able to replication between an 8.2 master and a 9.0 master?I have looked in the Administration Guide on Rhed hat

Re: [389-users] 389DS architecture

You can deploy more than four replication masters. You may have read four because that was what was tested at the time.  But I have seen deployments with more than 10 masters in replication.  Just depends on what your needs are.Windows AD is not part of a multi-master replication.  389DS master

Re: [389-users] 389 won't start - help please?

What about the error log? (/var/log/dirsrv/slapd-/errors) Paul M. Whitney email: paul.whit...@mac.com > On Sep 29, 2013, at 19:27, "Michael R. Gettes" wrote: > > We try to start the service and it dies very quickly. See trace below. > > This is one of our 2 masters running in MMR. Both mast

[389-users] Version Display on RHDS 9 Upgrade

I recently upgraded my DS9 instance (RHDS9 RHBA-2013-0960) on both ldap server and my console.  This should bring my servers to DS 9.1. Yet, I still see Version 9.0.0.  Is this correct or did I miss a step?Paul M. Whitney E-mail: paul.whit...@mac.com -- 389 users mailing list 389-users@lists.fe

Re: [389-users] Version Display on RHDS 9 Upgrade

The README points me to http://rhn.redhat.com/errata/RHBA-2013-0960.htmlThis page says run yum -Fvh.Paul M. Whitney E-mail: paul.whit...@mac.com On Dec 06, 2013, at 12:35 PM, Rich Megginson wrote:On 12/06/2013 10:41 AM, Paul Whitney wrote:I recently upgraded my DS9 instance (RHDS9 RHBA-2013

Re: [389-users] Version Display on RHDS 9 Upgrade

links and for 9.0 jar files, why will the console not use the jars already present?Paul M. Whitney E-mail: paul.whit...@mac.com Cell: 410.493.9448 On Dec 06, 2013, at 12:35 PM, Rich Megginson wrote:On 12/06/2013 10:41 AM, Paul Whitney wrote:I recently upgraded my DS9 instance (RHDS9 RHBA-2013

Re: [389-users] Version Display on RHDS 9 Upgrade

Paul M. Whitney E-mail: paul.whit...@mac.com On Dec 09, 2013, at 11:27 AM, Rich Megginson wrote:On 12/09/2013 09:30 AM, Paul Whitney wrote:Rich, I deinstalled and reinstalled my DS 9.0 ISO, then ran through the updates:   - DS9-RHBA-2011-1788 (nothing to update/install from here since the

Re: [389-users] Version Display on RHDS 9 Upgrade

09, 2013, at 12:53 PM, Rich Megginson wrote:On 12/09/2013 10:55 AM, Paul Whitney wrote: Paul M. Whitney E-mail: paul.whit...@mac.com On Dec 09, 2013, at 11:27 AM, Rich Megginson wrote: On 12/09/2013 09:30 AM, Paul Whitney wrote:Rich, I deinstalled and reinstalled my DS 9.0 ISO, then ran

Re: [389-users] Upgraded to RHDS 9.1 but Console is Still Looking for 9.0 JAR

On Jan 08, 2014, at 12:31 PM, Rich Megginson wrote:On 01/08/2014 10:31 AM, Paul Whitney wrote:Hi, I recently updated RHDS 9.0 servers to 9.1.  I am getting mixed results with the update.  Steps taken: 1.  Stop all dirsrv and dirsrv-admin services 2.  Executed yum localupdate *.rpm 3.  Aft

[389-users] Exporting Index from an Instance

Is there a way to export the Index of a directory server with the intent of importing into another server?Paul M. Whitney E-mail: paul.whit...@mac.com Cell: 410.493.9448 -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

[389-users] db2index on RHDS 9.1

We are trying to reindex RHDS 9.1 after importing an updated index.  Services were stopped.  Started the /usr/lib64/dirsrv/slapd-instance/db2index.Reindex starts but then consistently reports: Processed 300,000 entries ( pass 1)Processed 300,000 entries ( pass 2)and keeps repeating that sequence wi

Re: [389-users] db2index on RHDS 9.1

, then restarts with pass 12.There do not appear to be any glaring errors, just a constant processing and increment in pass number. Paul M. Whitney E-mail: paul.whit...@mac.com Cell: 410.493.9448 On Jan 30, 2014, at 11:57 AM, Rich Megginson wrote:On 01/30/2014 09:58 AM, Paul Whitney wrote:We

Re: [389-users] db2index on RHDS 9.1

n 30, 2014, at 12:48 PM, Rich Megginson wrote:On 01/30/2014 10:17 AM, David Boreham wrote:On 1/30/2014 10:18 AM, Paul Whitney wrote:rpm -q 389-ds-base389-ds-base-1.2.11.15-30.el6_5.x86_64No errors, just a status:reindex userRoot: Processed 315000 entries (pass 11) -- avg rate15283456.5/sec, recent ra

Re: [389-users] db2index on RHDS 9.1

Whitney E-mail: paul.whit...@mac.com On Jan 30, 2014, at 01:32 PM, Rich Megginson wrote:On 01/30/2014 11:33 AM, Paul Whitney wrote:Guys I appreciate you help in this issue.  I unfortunately am hosting on a disconnected network and cannot post any of the information you are requesting without in e

[389-users] LDAP Authenticated User Unable to Overwrite a File

I am having an issue where and LDAP authenticated user cannot overwrite or remove a file on the LDAP-client system even though the permission are set to 777. However, the user is able to create a new file (file is owned by that user) and can be removed by that user. Is there some limitation

Re: [389-users] LDAP Authenticated User Unable to Overwrite a File

Disregard. It was not related to LDAP but rather my use of nosuid or acl in my /etc/fstab. Paul M. Whitney paul.whit...@mac.com 410.493.9448 Sent from my iPad > On Jul 21, 2014, at 8:39, Paul Whitney wrote: > > I am having an issue where and LDAP authenticated user cannot ove

Re: [389-users] load balancing options

Isabella, You could look into purchasing a load balancer such as an F5 LTM/GTM solution. Paul Whitney email: paul.whit...@mac.com Sent from my iPhone > On Oct 9, 2014, at 14:12, Ghiurea, Isabella > wrote: > > Hi List, > > I would like to know what other options peopl

Re: [389-users] load balancing options

I do not know the exact costs. I do know it is not cheap. But it is the best hands-down. If you are looking for an open-source solution, you could take a looks at Zen Load Balancer. I have never used it before. This is just something I discovered with Google. http://www.zenloadbalancer.com/

Re: [389-users] 389 console

my cell phone but hopefully gives you an idea. Paul Whitney email: paul.whit...@mac.com Sent from my iPhone > On Oct 15, 2014, at 18:55, Ghiurea, Isabella > wrote: > > Thank you Rich, > I did that but I'm back to server1 ujsing 389UI Admin console and can'

[389-users] 389 DS in Amazon EC2 Environment

Has anyone had any success with hosting directory servers in the AWS environment? Paul M. Whitney E-mail: paul.whit...@mac.com Cell: 410.493.9448 Sent from my browser. -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

[389-users] Automating a 389 DS Build

Has anyone deployed 389 DS on a system using a script to setup, create instances, SSL enable, etc? Paul W. signature.asc Description: Message signed with OpenPGP using GPGMail -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

[389-users] File Permissions

I have a several openldap clients.  Certs are installed in /etc/openldap/cacerts.  I am using server certificates to to establish an SSL connection with the LDAP server.  Using PAM LDAP to authenticate users. I would like to test hardening these clients. 1.  What are the absolute minimum permi

Re: [389-users] access to LDAP log/access file to non admin users

You could add an ACL with readonly permissions to those logs by by userid or groupid. Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. On Aug 12, 2015, at 12:57 PM, ghiureai wrote: Hi List, I need a nice , clean solution to give access to LDAP error log and access file to

Re: [389-users] access to LDAP log/access file to non admin users

Or alternatively, create a sudo role that allows them to use the /bin/less or /bin/more command on the particular logs of interest. Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. On Aug 12, 2015, at 12:57 PM, ghiureai wrote: Hi List, I need a nice , clean solution to give

Re: [389-users] access to LDAP log/access file to non admin users

...@mac.com Cell: 410.493.9448 Sent from my browser. On Aug 12, 2015, at 01:55 PM, Paul Whitney wrote: Or alternatively, create a sudo role that allows them to use the /bin/less or /bin/more command on the particular logs of interest. Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my

[389-users] Question RE: 389DS

When SSL-enabling the directory server, am I allowed to use a wildcard certificate or is it mandatory the certificate include the FQHN? Thanks, Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedorapro

[389-users] Re: Upgrading to Centos 7...

I think as a general rule of thumb: RHEL 5 = RHDS 8 RHEL 6 = RHDS 9 RHEL 7 = RHDS 10 Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. On Nov 17, 2015, at 02:23 PM, Derek Belcher wrote: Hi guys! What version of 389ds is the equivalent to the RHDS packages? Currently I a

[389-users] Re: 389 and TLS woes

Phil, It looks like you are missing a package. Do you have the NSS package installed? Cheers, Paul M. Whitney paul.whit...@mac.com Sent from my Mac Book Pro > On Jan 15, 2016, at 1:03 PM, Phil Daws wrote: > > Hello all: > > Have tried to get my lab set up with 389 and secure connections mu

[389-users] CentOS 6 Upgrade and 389DS

We upgraded our CentOS 6 build yesterday and managed to break our 389DS service.  We have isolated the problem to a package:  nss-3.21.0-0.3.  When we role back the update to a previous version the 389ds service works fine.  Has anyone else experienced this? Paul M. Whitney E-mail: paul.whit...

[389-users] Red Hat Directory Server 10 Import Fails

I am testing Red Hat Directory Server 10.  I tried importing userRoot database into RHDS 10.  During import, the process (str2entry_dupcheck) complained of a duplicate value and then stopped the import process and cleared out the userRoot director in /var/lib/dirsrv/slapd-users/db. Is there a

[389-users] Re: Red Hat Directory Server 10 Import Fails

...@mac.com On Feb 03, 2017, at 06:10 PM, William Brown wrote:On Fri, 2017-02-03 at 21:27 +, Paul Whitney wrote:I am testing Red Hat Directory Server 10. I tried importing userRoot database into RHDS 10. During import, the process (str2entry_dupcheck) complained of a duplicate value and then stopped

[389-users] Replication Between RHDS 9 and RHDS 10

Hi everyone, I am currently testing RHDS 10 and have successfully initialized/replicated from RHDS 9 to RHDS 10.  Can I do the reverse?  Replicate from RHDS 10 to RHDS 9? Paul M. Whitney E-mail: paul.whit...@mac.com ___ 389-users mailing list -- 38

[389-users] Re: Replication Between RHDS 9 and RHDS 10

, at 09:41 AM, Mark Reynolds wrote: On 02/15/2017 09:27 AM, Paul Whitney wrote: Hi everyone, I am currently testing RHDS 10 and have successfully initialized/replicated from RHDS 9 to RHDS 10.  Can I do the reverse?  Replicate from RHDS 10 to RHDS 9? You can - the protocol is the same, but I ho

[389-users] Here is a stretch query......

I asked earlier if I could set up replication between DS 9 and DS 10.  Answer was favorable and in fact is working fine as part of my transition.  Here is the stretch: Can I temporarily replicate from DS 8 to DS 10? Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. _

[389-users] Scripting SSL Enabling of 389-DS Admin Serv and Instances

I have been building 389DS directory serves, and can automate most of the installation process to include creating my instances such as config.  However, SSL enabling seems to be difficult. I tried the simple copy db files and pin.txt, but when I get into the console to enable the certs, there

[389-users] Re: Replication Issue between versions - Space after commas issues in DN

We have experienced the same thing. Sort of. On RHEL 5 the name with a space in the DN is permitted and is treated as a separate entry. In CentOS 7 it barfs and rejects the entry as a duplicate entry. We are figuring out how to cope with it during our transition to all CentOS 7 . My guess is

[389-users] entry set tombstone rdn

Just detected  two entries in my errors log: _entry_set_tombstone_rdn - Failed to convert DN ou=Policies to RDN with different IDs.  The replicants seem to be performing fine, access logs show activity, but wondering what is this error and is it something I need to fix or can I attribute it

[389-users] db2index.pl Questionable

Hi guys, I am trying to update the index on our userRoot database.  I imported the attribute using the ldif2db routine. Error log reports success. Then I ran the db2index.pl routine with no particular attribute (in essence I guess the whole database is re-indexed) causing the database to g

[389-users] Performance Degradation with Split Database

Still in migration mode from RHEL5/DS 8.2 to CentOS7/DS10 (389-ds-base 1.3.5.10-20). Our one instance is setup with two databases (userRoot and groupRoot).  We are seeing some really high etimes when performing mods/search on the second database (groupRoot).  Wondering if anyone else has exp

[389-users] Re: Performance Degradation with Split Database

...@mac.com Sent from my browser. On May 31, 2017, at 02:38 PM, Mark Reynolds wrote: On 05/31/2017 02:36 PM, Paul Whitney wrote: Still in migration mode from RHEL5/DS 8.2 to CentOS7/DS10 (389-ds-base 1.3.5.10-20). Our one instance is setup with two databases (userRoot and groupRoot

[389-users] Re: Performance Degradation with Split Database

...@mac.com Sent from my browser. On Jun 04, 2017, at 09:25 PM, William Brown wrote:On Fri, 2017-06-02 at 19:14 +, Paul Whitney wrote:Not sure to what type of deployment the tuning guide is written to,but I think in an enterprise environment the numbers are too low.Perhaps it is based on a small lab

[389-users] setup-ds-admin.pl -u Script

Just updated 389-ds-base to version 1.3.5.10-21.  When I run the SUBJ script, I get an error indicating that could not update the Admin Server with Error: Administrative limit exceeded. Any ideas how I can get around this? Thank you, Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my

[389-users] Re: setup-ds-admin.pl -u Script

correctly? Is it something else? Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. On Jun 28, 2017, at 12:48 PM, Mark Reynolds wrote: On 06/28/2017 12:40 PM, Paul Whitney wrote: Just updated 389-ds-base to version 1.3.5.10-21.  When I run the SUBJ script, I get an error

[389-users] Last update message time stamp

Hi guys, Is there a reason why the update time stamp defaults to Dec 31, 19:00 EST 1969 in the console?  Is there a way to preserve the last successful or failed timestamp?     Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. ___

[389-users] Re: Last update message time stamp

cessful replication time. Ditto for the Consumer Initialization Status, the time stamps get reset to "Wed Dec 31 1900 EST 1969" Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. On Aug 28, 2017, at 12:41 PM, Mark Reynolds wrote: On 08/28/2017 11:54 AM, Paul Whitney wrot

[389-users] Recovering a Hub

Hi, not sure what happened to our DS server, but I need to clone the userRoot and groupRoot database from a working server to this one bad one.  What is the preferred/recommended method for this: I tried simple reinit, that failed. I tried export/import from LDIF file and that failed. Will db2

[389-users] Re: Recovering a Hub

. Also check for the 389-ds-base versions on each node. M. On Thu, Oct 19, 2017 at 10:03 AM, Paul Whitney wrote: Hi, not sure what happened to our DS server, but I need to clone the userRoot and groupRoot database from a working server to this one bad one.  What is the preferred/recommended method

[389-users] Re: Recovering a Hub

the re-init and off-line import failed? Thanks, M. On Fri, Oct 20, 2017 at 11:11 AM, Paul Whitney wrote: I took your advice and looked up the versions of 389-ds-base. On the servers we are having problems with, they are running version 1.3.6.1-19 and the servers replicating to them are running an

[389-users] Last Successful Replication Time Stamp on Console

We are seeing an issue with our replication agreements on 389DS.  When we look at the Console, we used to be able to tell when was the last successful attempt to replicate and end of said replication.  Same thing for Initialization state. With the new 389DS (currently using version 1.3.5.10-21)

[389-users] Inadvertent Update Applied to Directory Server

We have a few new servers deployed with 389-ds-base version 1.3.5.10-21.  These servers were deployed in an environment where auto-patching happens and we forgot to disable that feature. Overnight the servers were updated to 389-ds-base version 1.3.6.1-19.  All of the upgraded servers are now

[389-users] Re: Inadvertent Update Applied to Directory Server

own wrote: > > On Wed, 2017-11-22 at 13:30 +0000, Paul Whitney wrote: >> We have a few new servers deployed with 389-ds-base version 1.3.5.10- >> 21. These servers were deployed in an environment where auto- >> patching happens and we forgot to disable that feature. >&g

[389-users] 389 DS Time Skew Error

Hi guys, I have been reading up on a fix for this and only found one set of procedures to repair this issue. (http://directory.fedoraproject.org/docs/389ds/howto/howto-fix-and-reset-time-skew.html).   Would removing/recreating the replication agreement resolve this issue instead of the steps i

[389-users] Re: Enabling TLS in Directory Server Using the Console

Hi Jeremy, I would look at the /var/log/dirsrv/admin-serv/error and /var/log/dirsrv/slapd-config/errors files to see what is preventing you from starting the services. Paul M. Whitney E-mail: paul.whit...@mac.com Sent from my browser. On Apr 17, 2018, at 10:28 PM, Jeremy Tourville wrote:

[389-users] LDBM recommended Setting

Hi guys, Am looking to improve performance in my 389 DS deployment. In reviewing the documentation, the recommended size for the LDBM cache is the sum of the backend database + 15% of the backend database. For me that comes out to almost 27GB. Seems high considering the database cache is set

[389-users] Using dbmon.sh

Hi, I am using the dbmon.sh program to see how my database cache is performing. I am puzzled with the results: dbcachefree: -1639628800 free% -10006900 hit% 90 Do the negative values reflect me needing to increase the LDBM cache? Paul M. Whitney __

[389-users] 389 DS Access Log

Is there a way to prevent LDAP filters from being truncated in the Access Log, even as a temporary measure? Thanks, Paul M. Whitney RHCSA, VCP, CISSP, Security+ Chesapeake IT Consulting, Inc. 2680 Tobacco Rd Chesapeake Beach, MD 20732 Work: 443-492-2872 Cell: 410.493.9448 Email: paul.whit..

[389-users] Problem with userRoot cache

We recently updated to 389-ds-base-1.3.8.4-18. I am not sure I can attribute this issue to this update since we are now just discovering it. But setting the nsslapd-cachememsize is reverting to a default value of 2GB. I have attempted to restore the value through the console and restarting th

[389-users] Re: Problem with userRoot cache

turn or destroy the original message to assure that it is not read, copied, or distributed by others. From: William Brown Sent: Tuesday, January 15, 2019 7:22:18 PM To: 389-users@lists.fedoraproject.org Cc: Paul Whitney Subject: Re: [389-users] Problem with userRo

[389-users] Re: Problem with userRoot cache

server project.; Paul Whitney; William Brown Subject: Re: [389-users] Re: Problem with userRoot cache Hey Paul, On 1/16/19 10:14 AM, Paul Whitney wrote: We were on version: 389-ds-base-1.3.7.5-24. What OS? The nsslapd-cache-autosize was set to 0. We apply our own values. To keep us afloat w

[389-users] Re: Problem with userRoot cache (last one)

list for the 389 Directory server project.; Paul Whitney; William Brown Subject: Re: [389-users] Re: Problem with userRoot cache (last one) On 1/16/19 12:05 PM, Mark Reynolds wrote: On 1/16/19 12:02 PM, Mark Reynolds wrote: Hi Paul, Okay I think I found the bug you are running into: https://bug

[389-users] Re: Problem with userRoot cache (last one)

e to assure that it is not read, copied, or distributed by others. From: Mark Reynolds Sent: Wednesday, January 16, 2019 1:03:04 PM To: General discussion list for the 389 Directory server project.; Paul Whitney; William Brown Subject: Re: [389-users] Re: Probl

[389-users] Re: MIssing schemas?

Look in /usr/share/dirsrv. I came across the same thing. Not sure if you need to copy what you need into /etc or if it is just sourced. Paul W. > On Apr 3, 2019, at 9:48 AM, Mark Reynolds wrote: > > Hi Deborah, > > Yes things changed since 1.2.x, the standard schema was moved to: > > /usr/

[389-users] Re: MIssing schemas?

Does an admin need to copy those back in or do all instances just use the common path for schemas? Paul W. > On Apr 3, 2019, at 9:48 AM, Mark Reynolds wrote: > > Hi Deborah, > > Yes things changed since 1.2.x, the standard schema was moved to: > > /usr/share/dirsrv/schema/ > > Only custom

[389-users] Re: Proper upgrade procedure using Redhat repo and yum

Your steps are correct. We run a production with multi-master replication with redundant sites. Using Ansible to perform updates (with too many servers to hit one at a time.) We do disable from load-balancer by site instead of just the one host. 1. remove server1 from the load balancer co

[389-users] Latest Version of 389-ds-base for CentOS 7

I was looking up the latest version of 389-ds and noticed that an update has not been released since March 2019. Has there not been anymore updates to this bundle? Paul M. Whitney, RHCSA, CISSP Chesapeake IT Consulting, Inc. 2680 Tobacco Rd Chesapeake Beach, MD 20732 Work: 443-492-2872 Cell:

[389-users] 389-DS Downgrade Breaks dirsrv.target

When attempting to downgrade 389-ds-base from version 1.3.8.4-23 to version 1.3.7.5-18 I discovered that the systemctl cannot start dirsrv.target. I am able to start the individual instances however. Any suggestions on how to resolve this? I am only downgrading: * 389-ds-base * 389-d

[389-users] Re: 389-DS Downgrade Breaks dirsrv.target

stroy the original message to assure that it is not read, copied, or distributed by others. From: William Brown Sent: Thursday, July 11, 2019 8:49 PM To: 389-users@lists.fedoraproject.org Subject: [389-users] Re: 389-DS Downgrade Breaks dirsrv.target >

[389-users] Recommended SLAPD cache sizes

Is there some formula or recommendation on determining what would be the optimal cache settings for a directory server (389-ds of course) with following sizes? I looked at the DS 10 Admin Guide online and am getting conflicting information. But the manual shows a table and suggests that the max

[389-users] Re: Recommended SLAPD cache sizes

k Reynolds Sent: Tuesday, July 16, 2019 9:30 AM To: General discussion list for the 389 Directory server project.; Paul Whitney Subject: Re: [389-users] Recommended SLAPD cache sizes Hi Paul, On 7/16/19 9:16 AM, Paul Whitney wrote: Is there some formula or recommendation on determining what would

[389-users] Re: LDAP Groups in sudoers file.

The one thing I would look at is your /etc/sssd/sssd.conf file. Assuming you are configured for LDAP, you could exclude the the local admin account in the [nss] section with the "filter_users" setting. Example: [nss] filter_users = root,nagios,local_admin_acct That should get SSSD to not look

[389-users] Re: Looking for installation documentation for CentOS 7

Take a look here. It is your best source for a consolidated set of documentation for CentOS 7 - 389 DS install. https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/ Paul M. Whitney paul.whit...@

[389-users] FIPS 140-2 and dirsrv-admin

Hi guys, I have SSL enabled both slapd instances and dirsrv-admin on FIPS enabled CentOS 7. The instances seem to start up no problem. However, the admin console (dirsrv-admin) is complaining the password credentials are not valid for the NSS FIPS 140-2 DB even through the exact same credenti

[389-users] Re: FIPS 140-2 and dirsrv-admin

ssue > lately where the dirsrv-admin used a different pin.txt to the > dirsrvinstances, but I'm not sure of the details. > > Are there fresh installs of ds? Or upgrades? > >> On 28 Aug 2019, at 05:51, Paul Whitney >> wrote: >> >> Hi guys, >>

[389-users] Re: FIPS 140-2 and dirsrv-admin

Ok, is there an action required from me? Paul On 8/29/19, 5:34 PM, "William Brown" wrote: This could be in "report an issue" territory I think in that case. Seems easy to reproduce. > On 30 Aug 2019, at 02:15, Paul Whitney wrote: > > H

[389-users] Re: FIPS 140-2 and dirsrv-admin

open the issue on your behalf, or if it's serious and you want it > looked at as a priority, you may want to consider raising a case with RH/SUSE > direct. > >> On 30 Aug 2019, at 09:32, Paul Whitney >> wrote: >> >> Ok, is there an action required from

[389-users] Re: FIPS 140-2 and dirsrv-admin

I'm sorry we simply don't have the resources to support deprecated products. In RHEL we stopped accepting bugs well over a year ago. We would accept contributions upstream, but that would be the extent of it. > >> Sorry, >> >> Mark

[389-users] Re: FIPS 140-2 and dirsrv-admin

. <389-users@lists.fedoraproject.org>; Paul Whitney Subject: Re: [389-users] Re: FIPS 140-2 and dirsrv-admin On 9/11/19 7:14 PM, Paul Whitney wrote: > Hi Mark, > > Does that mean there will no longer be a dirsrv-admin process running? In RHEL 8, CentOS 8, and SUSE 15 there will n

[389-users] slapd start up problem

Hello, We have discovered that one of out test LDAPS servers has been down for sometime and we are not seeing anything that indicate why. However, when we start the slapd-config instance up, it kicks off then dies with error "memory violation" sig=7. I tried to remedy by upgrading to the late

[389-users] Re: Weird bug in 389 DS : no spaces in admin console under CentOS 7

Hi Nicolas, I am having the exact same issue. However, I chose to ignore it. Despite not “seeing” the space, when you enter the information (assuming it is entered correctly with a space) the space is there. I get the thing when I try to login to the Console: CN=InstanceMaster although I am

[389-users] Issue Configuring admin-serv on CentOS 7

Hi, I am running into an issue where I am trying to set up a DS master on CentOS 7. When I run setup-ds-admin.pl, I am able to successfully create the slapd-config instance.  But the admin-serv fails to bind to the config.  The error is  like this "Sat Jan 02 21:32:12.629960 2016] [:warn] [p

[389-users] Re: Issue Configuring admin-serv on CentOS 7

FYI this is occurring in AWS. Paul Whitney email: paul.whit...@mac.com cell: 410.493.9448 Sent from my iPhone > On Sep 3, 2020, at 10:48, Paul Whitney wrote: > >  > Hi, > I am running into an issue where I am trying to set up a DS master on CentOS > 7. > > When I

[389-users] Re: Issue Configuring admin-serv on CentOS 7

admin serv trying to connect via LDAPS/LDAP+StartTLS or is it trying to use LDAPI? That's probably the first thing that will hint where we need to look, Thanks, On 4 Sep 2020, at 00:49, Paul Whitney wrote: Hi, I am running into an issue where I am trying to set up a DS master on CentOS

[389-users] 389 DS on CentOS 8

Hi guys, I am just now looking into our 389-ds migration strategy from CentOS 7 to 8. I successfully created my first master 389 instance on 8. It took some getting used to doing it on the cockpit plugin. But what I am missing is how do I merge a view where I can manage all of my DS from one

[389-users] Re: 389 DS on CentOS 8

o you mean? A place that can view > all your instances at once? Or do you mean to manage the data in the > directory? > > Thanks, > >> On 30 Sep 2020, at 07:51, Paul Whitney wrote: >> >> Hi guys, >> >> I am just now looking into our 389-ds migra

[389-users] Re: Limits for Multi Master Replication?

Hi Eugen, I think that is what was tested by Red Hat and not necessarily a hard limit. Regards, Paul M. Whitney paul.whit...@mac.com Sent from my Mac Book Pro > On Sep 30, 2020, at 9:56 AM, Eugen Lamers > wrote: > > Hi, > We use the 389 Directory Server version 1.4.2.15. > In the documen

[389-users] Re: 389 DS on CentOS 8

on CentOS 8 Sadly I don't think that's possible given the architecture of cockpit :( There may be something in the CLI under dsconf instance replication but I'm not too familar with that branch of options. Sorry about that :( :( > On 30 Sep 2020, at 21:17, Paul Whitney wrote:

[389-users] Log4j patch/update for 1.3.x

Will there be a patch release for 1.3.x to address these Log4j vulnerabilities? Paul M. Whitney, RHCSA, CISSP Chesapeake IT Consulting, Inc. 2680 Tobacco Rd Chesapeake Beach, MD 20732 Work: 443-492-2872 Cell: 410.493.9448 Email: paul.whit...@chesapeake-it.com

[389-users] Importing Indexes via LDIF

Greetings, been a while. I am looking to migrate to RHEL 9 and 389-DS. In lab stood up a "supplier" and a "consumer". I have index files for userRoot and groupRoot. However, indexes appeared to be stored in dse.ldif. Is there a way using the dsconf command to import an ldif of indexes? Th

[389-users] Re: Importing Indexes via LDIF

ssion list for the 389 Directory server project. <389-users@lists.fedoraproject.org> Subject: [389-users] Re: Importing Indexes via LDIF Hi Paul, Not using dsconf. But you could easily do it with ldapsearch and ldapadd Regards Pierre On Fri, Feb 3, 2023 at 3:34 PM Paul Whitney mailto:pa

[389-users] 389-DS Cockpit

Is it possible to manage more than one 389-ds HOST through the Cockpit if I import the host descriptions into the slapd-config instance? In older version with the Java Console, there was a way to merger all of the LDAPS instances into a single view, and could manage them from a single console.