Re: Users Guide ACI question

Le 07/11/16 à 20:14, Strong, Emily a écrit : > Hi, > > In the Java API Users Guide, > the ACI and ACLs section says that it is coming soon but it has said that for > a while now. Is there a draft version available somewhere? No, sorry for that. O

Re: Users Guide ACI question

Le 08/11/16 à 15:59, Strong, Emily a écrit : > This is hopefully a basic question - how do you read the list of ACIs from an > OU? > In our groovy scripts for managing users we follow the pattern: > > ldap = LDAP.newInstance(,,) > > ldap.eachEntry(,, SearchScope.ONE) { } > > > Is there an equi

Re: Users Guide ACI question

Le 08/11/16 à 17:53, Strong, Emily a écrit : > We are trying to develop auditing scripts for our ACIs. So we want to get a > list of all the ACIs of an OU, similar to what is returned by: > > > $ ldapsearch -h host -p port -D cn=admin,cn=Administrators,cn=config -w > password -b entryDN -s base

Re: Issue creating Partitions on Apache DS (Standalone)

Le 22/11/16 à 11:49, Prashant Pasricha a écrit : > Dear Team, > > Hope you are doing well. > > We are using Apache Directory Studio (Standalone mode) for one of our > projects and the project has been working fine. > > We have a new requirement where we need to make Apache DS Tenant aware, > i.e.

Re: LDAP API - equivalent of Base DN?

Le 13/12/16 à 13:06, Greg Thomas a écrit : > I'm looking to use the LDAP API in preference to JDNI. > > One thing I'm struggling to find the equivalent of a base DN for the whole > connection. > > With JNDI, I can supply a connection string similar to ... > > ldap://my-host:389/*OU=sub-domain,OU=

Re: LDAP Connection Pooling

Le 13/12/16 à 10:09, Greg Thomas a écrit : > PS. I'd be happy to submit a pull request if it would help; if you let me > know some of the answers to the queries I raised I can sort something out, I'll come back to you with answers tonite... -- Emmanuel Lecharny Symas.com directory.apache.org

Re: Mapping hierarchical models

Le 13/12/16 à 18:26, Greg Thomas a écrit : > Firstly, apologies for all the recent questions. I recently started looking > at our LDAP code, and would like to migrate away from JNDI, The Apache LDAP > API seems like the way to go, but I'm having fun with the API. > > Secondly, can I say congratul

Re: [ApacheDS] Replication and Fault Tolerance with ApacheDS ldap servers

Kiran, can you have a look at the config ? Michael, you will need a way to detect that a server is down. Most of the time, this is done by a health-check in a load-balancer. The server itself will not be able to detect when it dies... Le 20/12/16 à 23:20, Pittman, Michael a écrit : > Hi, > > I

Re: How to add Users and Groups - the right way

Le 23/12/16 à 16:39, Gideon Ravenor a écrit : > I created a new partition, and copied Users and Groups from System into it, > the entire tree beneath those elements. > > > > I added a user (hboggart) by adding an inetOrgPerson entry to ou=users as > follows. > > > > cn=Henry+sn=Bogart+givenN

Re: How to configure pwdPolicySubentry

Hi, can you past the entry you are injecting ? You may be missing a needed ObjectClass beside the 'pwdPolicy', which is Auxiliary. A Structural ObjectClass is needed, 'subentry' in this case. Le 04/01/2017 à 08:07, Ike Ikonne a écrit : > Hi all, > > I am trying to configure a per user pwdPolicy

Re: How to configure pwdPolicySubentry

t; com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:279) > at > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:267) > at > javax.naming.directory.InitialDirContext.createSubcontext(InitialDirCo

Re: How to configure pwdPolicySubentry

Le 05/01/2017 à 02:57, Ike Ikonne a écrit : > Hi Emmanuel, > > Yes, in fact, the sshPublicKey is an attribute of ldapPublicKey. That was not my qestion. What is the schema you are importing that contains the ldapPublicKey ObjectClass and sshPublicKey attributeType ? Is that : # # LDAP Public Ke

Re: ACI Help

Hi ! comments inline... Le 05/01/2017 à 00:10, Lamar Hansford a écrit : > Hello, > I am having troubles with ACI. IN all cases the default admin account works. This is intended. > > I have created the following structure: > > * dc=domain,dc=dc (default using ApacheDS Studio) > -- * ou=users >

Re: ACI Help

Le 06/01/2017 à 06:38, Lamar Hansford a écrit : > Ok, > > I understand mostly what is going on now. protectedItems is an unfortunate > name as this field actually indicates the view-able items. All items seem to > be protected by default. Blame X.500 for the naming convention :-) OTOH, it's

Re: Failed to setup kerberos with Apache DS

Le 17/01/2017 à 10:19, Yu Wei a écrit : > I used openjdk-1.8.0 and installed jce. > > [dcos@mesos-ds security]$ pwd > /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.111-2.b15.el7_3.x86_64/jre/lib/security > [dcos@mesos-ds security]$ ls -al > total 64 > drwxr-xr-x. 2 root root 4096 1月 17 17:00 . > drwxr-

Re: user modification/deletion of operational attributes

Le 17/01/2017 à 15:36, Mike Davis a écrit : > I have set up a special user that has rights to modify details of another > user. This prevents the need for our applications to log in as the admin > user, while still allowing password resets and such. > > > > I'd like to give that user rights to

Re: Apache Directory Studio with Kerberos login

Le 25/01/2017 à 01:13, Lamar Hansford a écrit : > Ok, found this is related to the Server SASL settings in Studio. Is this > expected behavior? Isn't SASL an independent protocol? Two things : - first, the NPE is clarely a bug. We should have detected that the entry was missing, instead of

Re: Apache Directory Studio with Kerberos login

Le 25/01/2017 à 01:20, Lamar Hansford a écrit : > Will do thanks! > > Will work through the rest. Thanks A LOT for the JIRA ticket ! -- Emmanuel Lecharny Symas.com directory.apache.org

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

Le 27/01/2017 à 14:09, Kiran Ayyagari a écrit : > On Fri, Jan 27, 2017 at 5:46 PM, claud...@gmail.com > wrote: > >> Hi, >> >> I have an application running in an OSGi container that uses the LDAP API >> and DSML parser and I would like to use the server side sorting control. >> >> When I send th

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

I have committed a fix for this problem. Yu might want to rebuild the API and test it. Le 27/01/2017 à 13:16, claud...@gmail.com a écrit : > Hi, > > I have an application running in an OSGi container that uses the LDAP > API and DSML parser and I would like to use the server side sorting > contro

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

Le 27/01/2017 à 19:13, claud...@gmail.com a écrit : > Thanks for the fix. > > As I wrote initially I had already tried with registering the two > factories and got a ClassCastException. > I tried now with RC3 but as suspected I still get the same > ClassCastException: > > java.lang.ClassCastExcep

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

va:82) > at > org.apache.mina.filter.codec.ProtocolCodecFilter.filterWrite(ProtocolCodecFilter.java:299) > > I have the feeling that some link between DSML and codec is missing > for the (sort) control... > > On 27/01/17 15:38, Emmanuel Lécharny wrote: >> I have committ

Re: starting apacheDS embedded instance with SSL support

Le 27/01/2017 à 23:06, Sathyanarayan, Harish a écrit : > Hi, > > I am running an embedded ApacheDS instance with SSL using the below code but > am getting SSL handshake error, what am I missing? Pls advice.. thanks What is the handshake error you get ? have you tried runing the server using th

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

Le 30/01/2017 à 11:37, claud...@gmail.com a écrit : > We don't directly send DSML, we have a custom version of Dsmlv2Engine > that uses org.apache.directory.api.dsmlv2.Dsmlv2Parser. The issue only > occurs if we provide the sort control, the code we have is working > otherwise. Yeah, sorry for h

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

a small test to reproduce the issue. > > On 28/01/17 09:32, Emmanuel Lécharny wrote: >> >> Le 27/01/2017 à 19:13, claud...@gmail.com a écrit : >>> Thanks for the fix. >>> >>> As I wrote initially I had already tried with registering the two >>> fa

Re: Full list of supported protocols

Le 01/02/2017 à 17:15, Laurence Blake a écrit : > Hi there, > > We are interested in trying out Apache Directory Studio. Would you be able to > advise a full list of supported protocols by Apache Directory? I guess you mean Apache Director *server*. Currently, it supports LDAP and Kerberos. The

Re: [LDAP API 1.0.0-RC2] server side sorting control with DSMLv2

Le 30/01/2017 à 20:39, claud...@gmail.com a écrit : > Thx for the patch. (Btw is that an svn patch? Indeed... We probably wil migrate to Git after 2.0. > I was unable to apply it using "git apply" and using "patch -p0" I had > rejects for every file so I had to make most changes manually...) >

Re: ApacheDS 2.0.0-M23 non-gui adding a partition

Le 02/02/2017 à 10:04, Brian Burch a écrit : > I have a stable 1.5.4 production directory and felt it was time to > upgrade to 2.0.0. All of my 1.5.4 customisation is done with shell > scripts and ldif files, which I track through source management. > > I was dismayed when the server upgrade from

Re: ApacheDS 2.0.0-M23 non-gui adding a partition

Le 02/02/2017 à 15:44, Louis-Gabriel Thibault a écrit : > Hello Brian, > > On Thu, Feb 2, 2017 at 4:04 AM, Brian Burch wrote: > >> As I was using a development server, I decided to purge M23 and start >> again. Before I started the new server for the first time, I edited >> config.ldif and chang

Re: ApacheDS 2.0.0-M23 non-gui adding a partition

Le 02/02/2017 à 16:17, Louis-Gabriel Thibault a écrit : > Hello Emmanuel, > > On Thu, Feb 2, 2017 at 10:08 AM, Emmanuel Lécharny > wrote: > >> That is going to be fixed (don't have a date yet). And I wonder why a >> SIGKILL is sent instead of a SIGTERM... >

Re: Exploring triggers

Le 02/02/2017 à 17:04, Sathyanarayan, Harish a écrit : > Hi, > > Triggers in ApacheDS seems to be a fascinating topic from an LDAP server > pointof view, though I do not find any specific examples or usages around > that. Please suggest anything that would be worth looking at that is out > th

Re: Exploring triggers

Le 03/02/2017 à 09:14, Jim Willeke a écrit : > BTW: eDirectory has had LDAP Event Services which allows a client or a > server process to register for events and take an action. > > https://www.novell.com/documentation/developer/ldapover/ldap_enu/data/ag7bleo.html It's a slightly different syste

Re: ApacheDS 2.0.0-M23 non-gui adding a partition

Le 03/02/2017 à 14:58, Louis-Gabriel Thibault a écrit : > Hello Brian, > > On Thu, Feb 2, 2017 at 9:16 PM, Brian Burch wrote: > >> Just to be clear, did you mean you did not find a way to create a >> partition /after/ config.ldif has been "migrated"? > > I must admit I did not look very hard onc

Re: ApacheDS 2.0.0-M23 non-gui adding a partition

le, encoded in base64. So newlines and spaces are significant. Funny enough, if there is some secial chars in your entry, then they should be base64 encoded *before* the entry can be base64 encoded itself. For instance : dn: cn=lécharny,dc=com ObjectClass: person cn: lécharny sn: Emmanuel Léchar

Re: Failed to setup kerberos with ApacheDS [Client not found in Kerberos database]

Le 06/02/2017 à 08:45, Yu Wei a écrit : > Hi Guys, > > I tried to setup kerberos with ApacheDS Studio by following the instruction > https://directory.apache.org/apacheds/kerberos-ug/4.2-authenticate-studio.html. > > I got below errors indicating "Client not found in Kerberos database", This er

Re: Is it possible to use separate kerberos server with ApacheDS ldap server?

Le 07/02/2017 à 08:20, Yu Wei a écrit : > Hi, > > > I setup MIT kerberos server and verified that it worked well. > > Could I use my MIT kerberos server with apacheds ldap server? Why not ? People routinely use OpenLDAP in parallel of a MIT kerberos server. ApacheDS is *just* a plain LDAP server

Re: Exploring triggers

Le 07/02/2017 à 10:56, s_humbi a écrit : > I was playing around a little bit with triggers and stored procedures. > > For me (as beginner) almost everything worked fine, except this big problem > (don't know if it is a bug or if i did something wrong): > If you restart the server, the attribute

Re: AW: Exploring triggers

Le 07/02/2017 à 23:34, Humbi a écrit : > Hm. Sorry, I don't have a working trigger that actually alters things on the > LDAP server. What do you want to alter? Entries (with Apache DS LDAP API od > JNDI) ? The version that *was* working years ago was based on JNDI. We have switched to LDAP A

Re: Transferring an entire directory from one server to another

Le 09/02/2017 à 01:49, Steve Sobol - Lobos Studios a écrit : > Good afternoon > > I'm using Studio (on Windows 10) to create a directory tree and do some > local testing of a Java app I'm writing. I'm eventually going to want to > copy the tree over to an ApacheDS server which will run on Ubuntu

Re: Embedded ApacheDS

Le 09/02/2017 à 16:18, Cyril FILLON a écrit : > Hi all, > > > I am trying to setup an embedded ApacheDS 2.0.0-M23 server from my java code, > snippet is given below. > > I tried to create a new partition, but unfortunately it fails miserably since > I cannot see this partition from ApacheDS Stu

Re: Upgrading ApacheDS

Le 20/02/2017 à 16:20, Mike Davis a écrit : > We're currently running apacheds-2.0.0-M20 and would like to upgrade to > apacheds-2.0.0-M23. I'm not finding any specifics on an upgrade versus a > clean installation. Is there an upgrade process, or do we install the new > version and migrate data f

Re: Disabling SSLv3 Issues

Hi, what version are you using ? What Java version are you using ? Do you have any log on the server ? Le 21/02/2017 à 21:54, Lemp, Dustin a écrit : > Hey all, > I have a question and hope that someone here can help me out. I'm trying to > disable sslv3 on my openldap server. I'm adding "olcTLS

Re: Multiple ObjectClasses and attributes

Sure you can. Just select the import from OpenLDAP format, and pick the file containing your definitions. Note that the syntex is slightly different : each At and OC has to be prefixed by 'attributeType' and 'ObjectClass', like in : attributetype ( 1.2.826.0.1268.1.0.1 NAME 'TESTSCHEMAVERSION20'

Re: Register as listener for LDAP changes

Hi, Le 27/02/2017 à 13:23, Martin Hastrup Krogh a écrit : > Hi, > > I'm currently implementing a module for our system to connect to a LDAP > server and retrieve information about the currently logged on user. > As a part of the requirements, our system should act if data on the LDAP > server c

Apache Directory blogs available

Hi ! I'm glad to announce that we now have a dedicated Directory blog : https://blogs.apache.org/directory There are currently two blog posts on it : Apache Mavibot history : https://blogs.apache.org/directory/date/20170217 Let's meet B-trees : https://blogs.apache.org/directory/date/2017022

MIA for a bit...

Hi ! just for you to know, I may be MIA for a while, or at least way less responsive : My wife just gave birth to our wonderful daughter today, and I'm afraid it's going to be our priority number one in the next few weeks :-) Thanks ! -- Emmanuel Lecharny Symas.com directory.apache.org

Re: question on embedded apacheds with docker

Le 15/03/2017 à 19:29, Sathyanarayan, Harish a écrit : > Hello > > Am exploring the use of ApacheDS as an embedded service running in Docker > containers. I am using M23 Version and deploying the deployed instance (JAR > file) and running it in Docker. I am not able to Bind to port 10389 with u

Re: The length of controls must not be null

Hi Maxim, sorry, but the dump does not make a lot of sense. All that I can tell is that the end of this dump looks like some SearchResultEntry : 30 2B 04 0E msTSManagingLS 31 19 04 17 00455-001-9680336-84768 30 1E 04 12 msTSLicenseVersion 31 08 04 06 33 39 33

Re: The length of controls must not be null

Samba > > On Sat, Mar 25, 2017 at 12:18 AM, Maxim Solodovnik > wrote: >> Thanks for the quick answer >> I'll ask issue reported to capture request/response with whireshark and >> share it >> >> >> On Sat, Mar 25, 2017 at 12:14 AM, Emmanuel Lécharn

Re: The length of controls must not be null

Le 03/04/2017 à 14:22, Maxim Solodovnik a écrit : > Yes, > Search for the user from OM (via directory API) fails with > "DecoderException: The length of controls must not be null" > (The full stack trace is in the first message of this thread) Sorry that it took me so understand what was going

Re: Wiki source code location

Le 08/04/2017 à 06:45, Brian Burch a écrit : > Hi, > > I haven't subscribed to the developers mailing list, so I hope this > question is appropriate on the users list. > > I have received helpful answers to two questions recently and intended > to update the apacheds wiki so that it includes the

Re: [ApacheDS] SSSD Integration with ApacheDS

Le 11/04/2017 à 05:06, Kashif Khan a écrit : > Hi team, Hi, I'm pretty sure SSSD should work pristine with ApacheDS, as soon as it' properly configured. However, as much as such a project is doing good to linux based system, compared to the ain it is to configure pam ldap and other nscd, I'm a

Re: [Studio] Subsequent input of connection password

Le 04/05/2017 à 09:59, Stefan Düring a écrit : > I'm using Apache Directory Studio Version: 2.0.0.v20161101-M12 in > Ubuntu 16.04 LTS. > I changed language to german. > > I save connection password in a keystore with master password. > In a connection I select "Simple authentication" and "Save pa

Re: [Studio] Subsequent input of connection password

Le 04/05/2017 à 14:45, Black, Douglas a écrit : > I have the same issue, and it only started happening when I switched to the > latest release of Apache Directory Studio. When I was on version > 2.0.0.v20150606-M9, I was able to enter the master password once and it never > asked for addition

Re: [Studio] Subsequent input of connection password

Le 04/05/2017 à 16:20, Black, Douglas a écrit : > I use Directory Studio to authenticate to an eDirectory (v8.8) tree and an > Active Directory (2008R2) domain forest. > > 1. I create a new LDAP connection, providing my user name and password. I > check the 'save password' box. > 2. Under

Re: [Studio] Subsequent input of connection password

Le 04/05/2017 à 16:20, Black, Douglas a écrit : > I use Directory Studio to authenticate to an eDirectory (v8.8) tree and an > Active Directory (2008R2) domain forest. > > 1. I create a new LDAP connection, providing my user name and password. I > check the 'save password' box. > 2. Under

Re: [Studio] Subsequent input of connection password

Le 04/05/2017 à 16:20, Black, Douglas a écrit : > I use Directory Studio to authenticate to an eDirectory (v8.8) tree and an > Active Directory (2008R2) domain forest. > > 1. I create a new LDAP connection, providing my user name and password. I > check the 'save password' box. > 2. Under

Re: Database Repair issues (M20 and M23)

Hi Ezra, there were some bug in the command line which has been fixed in trunk. We don't have nightly build for ApacheDS, but you can easily build the project : k-just run 'mvn clean install' at the root of checked out soure (svn co http://svn.apache.org/repos/asf/directory/apacheds/trunk), then m

Re: Database Repair issues (M20 and M23)

18, 2017 at 11:12 AM, Ezsra McDonald >> wrote: >>> Emmanuel,Thank you for your response, >>> >>> It cannot find a dependency `Could not resolve dependencies for project >>> org.apache.directory.server:apacheds-interceptors-admin:bund >>> le

Re: [ApacheDS] Problem storing directory info in new partition

I'm afraid you have to stop the server ad start it back just after having added the partition : it's not added dynamically to the server when you inject the partition config. As soon as the server is started, you'll see the partition. Le 13/07/2017 à 00:04, David Ing a écrit : > Please help. I

Re: cascading deletes question

Le 13/07/2017 à 17:57, Sathyanarayan, Harish a écrit : > Hi All: > > Am looking to perform cascading deletes(delete the entire tree). Is there a > specific control/OID that needs to be used for this. 1.3.6.1.4.1.18060.0.0.1 > I did not see a deleteTree() method in the newer client API jar tha

Re: [ApacheDS] Cannot establish TLS connection between spring-ldap client and apacheds

Le 26/07/2017 à 18:57, John Lee a écrit : > Thanks for your support guys. > > I was able to connect via LDAPS connection with Studio which presumably > uses the Apache LDAP API? Yes. > Under : DN: > ads-transportid=ldaps,ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=def

Re: ApacheDS as pgp-keyserver

Thanks to avoid cross-posting... Le 27/07/2017 à 11:54, frans van laarhoven a écrit : > Hello, > > > is anything known of how to configure ApacheDS as a pgp key server. Well, the best you can do is to look at how you should configure a LDAP server to be a valid keyserver for teh enigmail module

Re: How to change font & icon size of the UI?

Le 31/07/2017 à 10:09, Lothar Haeger a écrit : > Stefan Seelmann wrote: > >> In Studio itself there aren't any settings available to change the font size. > I beg to differ. It might be unintended, but if you open "LDIF Editor" prefs, > there's link to "Text Editor" prefs at the top of the page.

Re: How to change font & icon size of the UI?

Le 31/07/2017 à 11:33, Lothar Haeger a écrit : > Emmanuel Lécharny wrote: > >> AFAICT, it's just related to teh LDIF editor, which extends the eclipse >> TextEditor class. In other words, the preferences you are talking about >> are for this specific control, but d

Re: SASL PlAIN not possible?

Hi, Le 02/08/2017 à 12:39, Claus-Justus Heine a écrit : > Hi, > > it seems that the LDAP browser cannot authenticate with SASL/Plain? Of > course, I > could use simple authentication and specify the dn, using SASL/PLAIN (over > SSL, > of course) has the slight advantage that I could just specif

Re: SASL PlAIN not possible?

Hi, So it may even be faster to implement. We need to add the constant in the method enum, then implement the bind in teh DirectoryApiConnectionWrapper.doBind method, and add a new input box in the Authentication tab for authcid. Nothing really difficult. Le 02/08/2017 à 12:39, Claus-Justus Hei

Re: SASL PlAIN not possible?

Le 03/08/2017 à 15:56, Claus-Justus Heine a écrit : > Hi, > > thank you for your answer and for looking into it. I would rather not start to > dig in to the Studio source code even though theoretically I would have the > programming skills for doing so. If it happens to be implement anyway for so

Re: [ApacheDS] Password Policy not being enforced

Many thanks Mike for having replied to this question, it totally slipped under my view :/ And yes, I conform that the admin user will bypass any passwordPolicy controls, simply because this is the only user able to rectify a bad passwordPolicy configuration (well, there are workarounds, but not o

Re: [ApacheDS | LDAP API] changing expired passwords

word > ads-pwdMaxFailure: 5 > ads-pwdLockout: TRUE > ads-pwdMustChange: FALSE > ads-pwdLockoutDuration: 0 // lock indefinitely. > ads-pwdMinLength: 6 > ads-pwdInHistory: 5 > ads-pwdExpireWarning: 345600 // 4 days > ads-pwdMinAge: 0 > ads-pwdAllowUserChange: TRUE >

Re: suggested amendment to documentation

Hi, I have added a warning at the beginning of this page, just let me know if you think that would be enough, and I'll push the page to the public : http://directory.staging.apache.org/apacheds/advanced-ug/4.2.7.1-enable-authenticated-users-to-browse-and-read-entries.html Thanks ! Le 12/08/

Re: Need help on LDAP API - Active Directory

Le 16/08/2017 à 11:53, rohit shekhar a écrit : > Hi, > Could you please provide some link/information on how we can communicate > to Active Directory using LDAP API. Active Directory, up to a point, is a compliant LDAP server (I mean you are unlikely to see any difference with any other LDAP s

Re: [ApacheDS] ACI / FilterMatch not being considered

Yes, this is a known issue (and quite an old one...) : https://issues.apache.org/jira/browse/DIRSERVER-955 Le 17/08/2017 à 11:29, Sebastian Roland a écrit : > Hi, > > I am about to setup an ACI that allows anonymous users only to filter for the > mail attribute (with any value) > and retrieve th

Re: Need help in Apache DS

First thing : DON'T CROSS POST !!! It's a user problem, not a dev problem. Le 24/08/2017 à 00:23, kedar sirshikar a écrit : > Hi Teams, > I am working to run 1 python script explained at > https://github.com/whitlockjc/sync-ldap-groups-to-svn-authz >

Re: How to use LDAP command line

Le 08/09/2017 à 10:40, Cokue a écrit : > Hello! I have a quesetion when reading user guide, can you give me some > suggestions? Thanks a lot! The question is that， I can not find > ldapadd/ldapmodify... command line in my linux system, and I did not find > which tools should be installed i

Re: [ANNOUNCE] Apache Directory Studio 2.0-0-M13 released

Le 10/09/2017 à 23:15, Lothar Haeger a écrit : > Stefan Seelmann wrote: > >> * [DIRSTUDIO-1140] - Apple Sierra shows corrupted app when launching Studio > Seems like this one has not been fixed completely: I got the described error > after copying M13 over the previous version on MacOS Sierra. De

Re: Issue with password keystore in M13

Hi Doug, I suggest you fill a JIRA with your findings. IMO, this is a bug. In any case, thanks for your report ! Le 14/09/2017 à 19:16, Black, Douglas a écrit : > Hello, > > I upgraded from M12 to M13 yesterday on a Windows 8.1 system, and > DIRSTUDIO-1130 ("password from keystore not used")

Re: DefaultAttribute NPE

Yes, this is not very user friendly. You should not define an AttributeType if you don't define teh associated syntax - and we should check that teh attributeType is valid in the DefaultAttribute constructor -. do something like : Attribute attribute = new DefaultAttribute( "mail", "t...@test

Re: DefaultAttribute NPE

Le 05/10/2017 à 17:19, Matthew Broadhead a écrit : > thanks Emmanuel that worked fine.  if the error was down to me > misusing the API then there is no need to fill a JIRA? I do think that providing a feedback other than a NPE is better. To me, it's a kind of a improvement we should bring to the

Re: How do I change the default admin private/public key through ApacheDS Studio

Hi, Le 07/10/2017 à 07:08, Ike Ikonne a écrit : > Hi all, > > I have been trying to generate and install a new private/public key > for Apache DS listening on port 636. I generated a private key > in PKCS8 format and with associated public key signed by the CA, but it > appears > that the way th

Re: How do I change the default admin private/public key through ApacheDS Studio

ware Foundation - All right reserved. > Visit http://directory.apache.org/studio > > This product is licensed under the terms of the Apache License 2.0. > > Some icons from FAMFAMFAM http://www.famfamfam.com/lab/icons/silk > > > > > From: Emmanuel Lécharny > T

Re: apache DS + thunderbird : issue with TLS, while clear is functional

Le 03/11/2017 à 21:22, Lohr, Donald a écrit : > Can you packet capture from one end or the other and verify that the > secure handshake is successful or failing when you have TLS enabled? Anoher thing to do is to start ApacheDS with -Djavax.net.debug=all (beware  this is going to be verbose). I

Re: apache DS + thunderbird : issue with TLS, while clear is functional

Le 03/11/2017 à 23:50, Serge Pouliquen a écrit : > Hi, > > > Can you packet capture from one end or the other and verify that the > secure handshake is successful or failing when you have TLS enabled? > > I'm not sure to well understand the request, but I will try to answer. > > from one end or t

Re: apache DS + thunderbird : issue with TLS, while clear is functional

Le 04/11/2017 à 19:57, Jason a écrit : > If you are using the auto generated self signed certificates try a version > 1.7 jvm or generate your own certs. I think the DS selfsigned certs are not > created correctly in a 1.8 Jvm due to changes in supported crypto > algorithms. You can change the s

Re: apache DS + thunderbird : issue with TLS, while clear is functional

Le 06/11/2017 à 19:19, Serge Pouliquen a écrit : > Hi, > > I reply on my own message. > > I made additionnal tests. > I generated a new certificate to server called 'testldap' and place an > exception in thunderbird in order to have it valid in thuderbird. > > steps to reproduce : start computer,

Re: apache DS + thunderbird : issue with TLS, while clear is functional

Le 07/11/2017 à 09:55, Lothar Haeger a écrit : > Serge Pouliquen wrote: > >> Using thunderbird to connect localhost service > Why use TLS in the first place if nothing ever goes over the wire? Is there > anything running on your workstation you do not trust so you need to > specifically protect y

Re: install on macos

Mac OS version ? Java version ? ApacheDS version ? What failure do you get ? Le 08/11/2017 à 14:43, Meissa Sakho a écrit : > Hi everyone, > I'm trying to install ApacheDS on macOS but it fails. > I've used the procedure described here: > http://directory.apache.org/apacheds/download/download-maco

Re: install on macos

alled */     private static final String USR_BIN = "usr/bin"; ... ) Le 08/11/2017 à 16:22, Meissa Sakho a écrit : > MacOS Sierra. ApacheDS 2.0 java 8. > The same issue described below: > https://issues.apache.org/jira/browse/DIRSERVER-2154 > > > > 2017-11-08 15:05 GMT+0

Re: ApacheDS Configuration : Bind Error Messages

Le 09/11/2017 à 03:40, Sunil Kalahasti a écrit : > Hello every one, > > > I am trying to provide user friendly authentication error messages. > > > It seems like for all authentication issues, ApacheDS throws common error > code with 49, Invalid Credentials. > > > Could anyone please let me know

Re: Schedule backups WS2012

Le 13/11/2017 à 13:46, Vicente Montaño Mena a écrit : > Hi! > > I'm interesting in How to schedule LDAP backup's if my Apache Directory > Studio and LDAP is runnig in Windows Server 2012 On Linux, I would say 'use cron', there must be the same tool (something like https://technet.microsoft.com/e

Re: install on macos

Le 13/11/2017 à 11:49, Meissa Sakho a écrit : > Emmanuel, > Do we have a date for the next release with this feature (fix)? No. There is a workaround, though. As soon as we have completed the SVN -S Git migratio (on going work), I will apply teh patch and test it, then there will be an availabl

Re: Users guide feedback

Le 06/12/2017 à 01:46, Krzysztof Szymko a écrit : > Hi, > > I've been reading the guide (http://directory.apache.org/api/user-guide.html) > and I've found the following errors: > > 1) 2.5 - Deleting entries >     Simple entry deletion (listing for testDeleteLeafNode()) >     DeleteResponse res

Re: [ApacheDS] How to clear cached authentication on change of custom attribute

Le 06/12/2017 à 14:16, Isenhour, Justin a écrit : > We have a use case where we need to have a custom status attribute for user > identities. We also have created a custom authentication interceptor that > will check the status attribute on bind, depending on the status we will > throw a Ldap

Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute

Le 06/12/2017 à 16:53, Isenhour, Justin a écrit : > My desire was to keep all standard features of the default authenticator, > allow it to run first to perform the standard validations then run my custom > validation after. To do this I created my custom authentication interceptor > which ex

Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute

Le 07/12/2017 à 22:34, Isenhour, Justin a écrit : > A couple of things I have noticed. I am not able to access the > authenticator, my custom interceptor extends AuthenticationInterceptor which > has a collection of authenticators but that collection is private. The other > thing I have noti

Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute

core.api.interceptor.context.FilteringOperationContext] > - Requested attribute pwdLastSet does not exist in the schema, it will be > ignored > > > Thanks, > Justin Isenhour | Lead Developer, Systems and Technology Group | Compass > Group USA |  2400 Yorkmont Road |

Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute

or uid=admin,ou=system >> INFO | jvm 1| 2017/12/10 08:56:47 | [08:56:47] INFO >> [com.cga.aaims.ldap.apacheds.interceptor.AAIMSAuthenticationIntercepto >> r] - Executing parent level bind events first >> INFO | jvm 1| 2017/12/10 08:56:47 | [08:56:47] INFO >&g

Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute

ps://www.dropbox.com/sh/74r8m4yog5zti6i/AACZM3iOfVXAwtReBPYtdjeia?dl=0 > > Justin Isenhour | Lead Developer, Systems and Technology Group | Compass > Group USA |  2400 Yorkmont Road | Charlotte, NC 28217 | 704.328.5804 |  > justin.isenh...@compass-usa.com > > > > > -

Re: [Ext] Re: [ApacheDS] How to clear cached authentication on change of custom attribute

Le 20/12/2017 à 15:36, Isenhour, Justin a écrit : > Emmanuel, > > I can now confirm that this issue was related to the SSO engine that is > expected to make the bind calls to validate credentials and the caching was > taking place there. The root of the issue there is related to how Spring >

Re: ldap api

Sorry, but what you ask does not make a lot of sense... Unless you provide more accurate information, you are going to deal with your 'emergency' - which is none of our concern - on your own. Le 12/01/2018 à 14:07, dqcer a écrit : > > Hello, I want to get Base DN according to IP, port and LDAP

<    3   4   5   6   7   8   9   10   >