[389-users] Re: Password Hashes in Audit Log

g result: 0 changetype: modify ... With the displays attribute feature it now adds whatever attribute from that entry you want (e.g. cn): time: 2024823487454875 dn: z=2738478343,ou=people,dc=org #cn: Mark Reynolds result: 0 changetype: modify ... So this has nothing to do with what updates are record

Question on $FileCreateMode for imjournal

s variable be set and what's the correct syntax? I also sent this to the rsyslog list but I thought I'd throw it out here as well. Thanks, -- *Mark C. Allman, PMP, CSM, SSM* -- ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe sen

[389-users] Re: 389 DS 2.3.6 on RHEL 9 replication between 2.3.6 and 1.3.9 389DS

On 4/2/24 6:09 PM, Alex Nazarenko wrote: Thank you, Mark, Is there a way to initialize an existing instance without rebuilding the consumer instance from scratch? I tried this: - remove all *db files from the consumer this is never needed ^^^ - remove existing agreement from the supplier

[389-users] Re: 389 DS 2.3.6 on RHEL 9 replication between 2.3.6 and 1.3.9 389DS

on updates will flow. HTH, Mark On 4/2/24 5:26 PM, Nazarenko, Alexander wrote: Hello colleagues, We plan to move our LDAP service from 389DS 1.3.9 on RHEL7 to 389 DS 2.3.6 on RHEL 9 platform. Question: is it possible to attach a 389 DS 2.3.6 consumer to 389DS 1.3.9 supplier for seamless

Re: star office

LibreOffice now.  "sudo dnf search libreoffice" -- Mark -- ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-

[389-users] Fwd: dscontainer as non root

Forwarding to the correct list Forwarded Message Subject:dscontainer as non root Date: Mon, 12 Feb 2024 20:01:09 +0530 From: Antony Jose To: 389-users-ow...@lists.fedoraproject.org Hi, Can we run dscontainer as non root process. I have deployed

Re: HP12C Emulator?

. The trouble is that I'm such a pack rat. It would help not to carry it too anytime I'm already carrying a perfectly serviceable Fedora machine. Don't know a 12c emulator, but Free42 (free42-3.1.2-1.fc39.x86_64) is a handy HP42s app. I also have Free42 on my AstroSlide Android phone. -- Mark

Re: 6.6.x kernels do not boot successfully

rives and run a nondestructive fsck?  I bet it isn't the drives themselves. Anything to get more information. -- Mark -- ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org

Re: 6.6.x kernels do not boot successfully

Mark C. Allman, PMP, CSM, SSM Sr. Project Manager/Scrum Master, Allman Professional Consulting, Inc., www.allmanpc.com <http://www.allmanpc.com> Founder, See How You Ski, www.seehowyouski.com <http://www.seehowyouski.com> Ultra Runner, www.bostonorbust.run <http://www.boston

[389-users] Re: Allow User to Change Expired Password

Hi Aaron, I'm not sure what version of 389 you are using but it works for me on the latest version if I enable grace logins.  Here are my settings: cn=config ... passwordChange: on passwordGraceLimit: 2 passwordExp: on passwordMaxAge: 30 $ ldapmodify -H ldap://localhost:389 -D "cn=ma

[389-users] Re: Setting "lock" time of an account in the future

On 10/2/23 4:13 AM, Cenk Y. wrote: Hi Mark, thanks for the response. We already use password lockout plugin, but what I need is the opposite. I want to * Create an account, activate it * Set an expiration date, so that after that date account is locked. Yeah there is no way to "

[389-users] Re: Setting "lock" time of an account in the future

ure     retryCountResetTime: 20230929193912Z   --> you must calculate this value (and use it for these two attributes)     accountUnlockTime: 20230929193912Z That works for me. HTH, Mark On 9/29/23 11:40 AM, Cenk Y. wrote: Hello, We are running 389-ds-base.2.2.7 . While creating ac

[389-users] Re: Setting "lock" time of an account in the future

/red_hat_directory_server/11/html/administration_guide/managing_the_password_policy-configuring_the_account_lockout_policy#configuring_the_account_lockout_policy_using_the_command_line HTH, Mark On 9/29/23 11:40 AM, Cenk Y. wrote: Hello, We are running 389-ds-base.2.2.7 . While creating accounts

[389-users] Re: Migration: importing an OU to a new instance

The other option is yo export the local database to LDIF, then import two ldifs at the same time.  Something like: # dsconf slapd-INSTANCE backend import userroot local_ldif other_ldif HTH, Mark On 9/14/23 1:50 PM, tda...@arizona.edu wrote: Thanks, this was my backup plan if I couldn't find

[389-users] Re: Migration: importing an OU to a new instance

ile.  What you want to do is to merge the data.  If there are not that many entries in the LDIF the easiest solution is to use ldapmodify to add each entry separately: For example: $ ldapmodify -D "cn=directory manager" -W -a -c -f HTH, Mark Thanks for the additional info on t

[389-users] Re: Internal Server Error

dirsrv-admin restart If that doesn't work, then I'm not sure what is wrong. HTH, Mark On 8/30/23 2:17 PM, Omar wrote: Hello Mark, Sorry for the late reply, I was sick and didn't get back to work until today.  Please find attached logs and configuration of my server.  Let me know if you see how

[389-users] Re: Internal Server Error

On 8/25/23 2:20 PM, Omar wrote: Hello Mark, I'm sorry, didn't know that the dsgw was no longer supported.  We are trying to create an LDAP service with a GUI so that our users can change their passwords. I have installed and configured the following: * 389-ds-base * openldap-clients

[389-users] Re: Internal Server Error

the admin server error log?  Not sure where this log is anymore(it's been so long since I looked at it), but its probably under /var/log/dirsrv/admin-serv/ ?  Something like that... HTH, Mark Internal Server Error The server encountered an internal error or misconfiguration and

[389-users] Re: 389-ds freezes with deadlock

Hi Julian, It would be helpful to get a pstack/stacktrace so we can see where DS is stuck: https://www.port389.org/docs/389ds/FAQ/faq.html#sts=Debugging%C2%A0Hangs Thanks, Mark On 8/24/23 4:13 AM, Julian Kippels wrote: Hi, I am using 389-ds Version 2.3.1 and have encountered the same

[389-users] Announcing 389 Directory Server 2.2.9

389 Directory Server 2.2.9 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.9 Fedora packages are available on Fedora 37 https://koji.fedoraproject.org/koji/taskinfo?taskID=104325801

[389-users] Announcing 389 Directory Server 2.4.3

389 Directory Server 2.4.3 The 389 Directory Server team is proud to announce 389-ds-base version 2.4.3 Fedora packages are available on Rawhide (f39) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=104323615

Re: wordpress problem

On 7/14/23 17:09, Mark C. Allman via users wrote: > ... https://localhost:9090 works fine for the server edition login.  Is there something listening on port 80 (check via netstat -antp)? The wp-admin request is trying port 80. You have something listening on port 9090. On 7/14/23

Re: wordpress problem

> ... https://localhost:9090 works fine for the server edition login.  Is there something listening on port 80 (check via netstat -antp)? The wp-admin request is trying port 80. You have something listening on port 9090. On 7/14/23 16:54, Bill Cunningham wrote: On 7/14/2023 4:09 PM,

[389-users] Re: Crash with SEGV after compacting

ed anymore so it is missing A LOT of fixes (probably including some CVE's).  I strongly suggest getting to 389-ds-base-2.x sooner than later. Mark Could you install the debugsource and collect a new backtrace ? regards thierry On 7/11/23 14:18, Mathieu Baudier wrote: Hello, thank you for

[389-users] Re: Access to 389-ds in Cockpit without sudo to root

Hi Brian, Unfortunately you can't because Cockpit calls the DS CLI tools (dsconf, dsctl, etc) which must be run as a privileged user in order to work correctly. Regards, Mark On 6/6/23 7:58 AM, Brian Mattey (UK) wrote: Hi, I would like to grant a non-privileged user (cannot sudo to root

[389-users] Announcing 389 Directory Server 2.2.8

389 Directory Server 2.2.8 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.8 Fedora packages are available on Fedora 37 https://koji.fedoraproject.org/koji/taskinfo?taskID=101293586

[389-users] Announcing 389 Directory Server 2.3.4

389 Directory Server 2.3.4 The 389 Directory Server team is proud to announce 389-ds-base version 2.3.4 Fedora packages are available on Fedora f38 Fedora 38: https://koji.fedoraproject.org/koji/taskinfo?taskID=101288860

[389-users] Announcing 389 Directory Server 2.4.1

389 Directory Server 2.4.1 The 389 Directory Server team is proud to announce 389-ds-base version 2.4.1 Fedora packages are available on Rawhide (f39) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=101287079

Re: Emacs error in F38

] .. ___ I would use strace:  strace -o /tmp/emacs.log /usr/bin/emacs. Whatever happens should be captured at/near the bottom if /tmp/emacs.log -- Mark ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email

[389-users] Re: 389 Ldap Cleanallruv Replica Crash

It could be related to: https://github.com/389ds/389-ds-base/issues/5743 Can you please try and get a stack trace of the crash/core? https://www.port389.org/docs/389ds/FAQ/faq.html#sts=Debugging%C2%A0Crashes Thanks, Mark On 5/2/23 3:00 PM, Juan Quintanilla wrote: Hi, I recently

[389-users] Announcing 389 Directory Server 2.4.0

389 Directory Server 2.4.0 The 389 Directory Server team is proud to announce 389-ds-base version 2.4.0 Fedora packages are available on Rawhide (Fedora 39) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=100388694

[389-users] Announcing 389 Directory Server 2.3.3

389 Directory Server 2.3.3 The 389 Directory Server team is proud to announce 389-ds-base version 2.3.3 Fedora packages are available on Fedora 38 Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=100387023

[389-users] Announcing 389 Directory Server 2.2.7

389 Directory Server 2.2.7 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.7 Fedora packages are available on Fedora 37 https://koji.fedoraproject.org/koji/buildinfo?buildID=2192884

[389-users] Announcing 389 Directory Server 2.1.8

389 Directory Server 2.1.8 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.8 Fedora packages are available on Fedora 36 https://koji.fedoraproject.org/koji/taskinfo?taskID=100382283

[389-users] Re: 389 DS memory growth

-1.3.11.1 $ git log --oneline HTH, Mark Thank you, - Alex *From: *Thierry Bordaz *Reply-To: *"General discussion list for the 389 Directory server project." <389-users@lists.fedoraproject.org> *Date: *Monday, April 17, 2023 at 3:36 AM *To: *"General discussion list

[389-users] Re: A more profound replication monitoring of 389-ds instance

On Fri, 2023-04-21 at 05:50 +, dweller dweller wrote: > Oops, I ment to post this diagram > https://pastebin.com/HZZjCtFJ > > The vision was, I guess, for each common-replica to have a connection with its > own downstream client's replica, in order to not exceed 4 replication > agreements

[389-users] Re: Migration from OpenLDAP to 389 Directory Server Failed

tation/en-us/red_hat_directory_server/11/html/administration_guide/managing_access_control HTH, Mark My environment server: * Ubuntu 22.04 in WSL 2. * OpenLDAP version 2.5.13 (run slapd -VV) * 389 Directory Server version 2.0.15-1 (https://packages.ubuntu.com/jammy/389-ds) Here's m

[389-users] Re: Problem with 389-ds authentication

On 3/7/23 2:23 PM, Mr Mysteron wrote: Hi Mark, Both servers are running the latest 2.2.x version from directory.fedoraproject.org <http://directory.fedoraproject.org>: python3-lib389-2.2.6-1.el9.noarch 389-ds-base-libs-2.2.6-1.el9.x86_64 389-ds-base-2.2.6-1.el9.x86_64 cockpit-389-ds-2

[389-users] Re: Problem with 389-ds authentication

or something like that. Mark On 3/7/23 8:22 AM, Mr Mysteron wrote: Hi. I'm running two 389-ds instances on Centos9 servers, one master and one readonly slave server. Global pwpolicy is PBKDF2_SHA256 and local pwpolicy is SSHA512. The mail-servers are querying the readonly slave server

[389-users] Re: 389-DS Cockpit

hine. If I switch to "copr" repository then I get 389-ds version 2.2.x which seems to be too new. We also have 2.3.x :-)   389-ds-base-2.2 is what we are using for RHDS 12.2 on RHEL 9.2.  I would not say 2.2 is "too" new or risky.  Now "2.3"

[389-users] Re: 389-DS Cockpit

Yes, you install cockpit bridge on your other systems then you can link them in the Cockpit console.  After installing cockpit bridge on all the hosts, then goto the "man" Cockpit console, top left, open the menu and you can "add hosts". HTH, Mark On 2/3/23 10:29 AM

[389-users] Announcing 389 Directory Server 2.1.7

389 Directory Server 2.1.7 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.7 Fedora packages are available on Fedora 36 https://koji.fedoraproject.org/koji/taskinfo?taskID=96589528

[389-users] Announcing 389 Directory Server 2.2.6

389 Directory Server 2.2.6 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.6 Fedora packages are available on Fedora 37 https://koji.fedoraproject.org/koji/taskinfo?taskID=9657

[389-users] Announcing 389 Directory Server 2.3.2

389 Directory Server 2.3.2 The 389 Directory Server team is proud to announce 389-ds-base version 2.3.2 Fedora packages are available on Rawhide (f38) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=96566979

[389-users] Re: Use dsconf to set nsslapd-lookthroughlimit

You can use dsconf to set it: # dsconf slapd-instance backend config set --lookthroughlimit 10 HTH, Mark On 1/11/23 6:43 AM, Julian Kippels wrote: Hi, I am looking for a way to set nsslapd-lookthroughlimit from cn=config,cn=ldbm database,cn=plugins,cn=config using dsconf. So far I have

[389-users] Re: Wrong password hash algorithm returned

in can be configured to use a specific algorithm (upgrade or downgrade).  Might be worth considering it now... Mark thierry Julian Am 22.11.22 um 09:56 schrieb Thierry Bordaz: Hi Julian, This is likely the impact of https://github.com/389ds/389-ds-base/issues/2480 that was introduced

[389-users] Announcing 389 Directory Server 2.2.4

389 Directory Server 2.2.4 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.4 Fedora packages are available on Fedora 37 https://koji.fedoraproject.org/koji/taskinfo?taskID=94297859

[389-users] Announcing 389 Directory Server 2.1.6

389 Directory Server 2.1.6 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.6 Fedora packages are available on Fedora 36 https://koji.fedoraproject.org/koji/taskinfo?taskID=94299041

[389-users] Announcing 389 Directory Server 2.0.17

389 Directory Server 2.0.17 The 389 Directory Server team is proud to announce 389-ds-base version 2.0.17 Fedora packages are available on Fedora 35 Fedora 35: https://koji.fedoraproject.org/koji/taskinfo?taskID=94300237 - 

[389-users] Announcing 389 Directory Server 2.3.1

389 Directory Server 2.3.1 The 389 Directory Server team is proud to announce 389-ds-base version 2.3.1 Fedora packages are available on Rawhide (f38) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=94296874

[389-users] Re: FileDescriptors exhausted

sly look into 389-ds-base-2.x series... HTH, Mark To avoid idle/stale connections we've set nslapd-ideltimeout and we see now a lower average number of open connections, so this is a first improvement. We also plan to look into nslapd-ioblocktimeout. Mit freundlichen Grüßen / Ki

[389-users] Re: FileDescriptors exhausted

clients, then look into tuning nsslapd-ioblocktimeout (e.g. 1 => 10 seconds), and maybe nslapd-idletimeout. Mark On 11/11/22 9:25 AM, Tobias Ernstberger wrote: Hello, we're observing the following error message: "ERR - accept_and_configure - PR_Accept() failed, Netscape Portable

[389-users] Re: Upgrading from 1.2.2 to 1.4.4

On 11/9/22 3:41 AM, Julian Kippels wrote: Hi, Am Tue, 8 Nov 2022 16:39:20 -0500 schrieb Mark Reynolds : How did you generate these ldifs?  Did you use db2ldif, or ldapsearch? If you used ldapsearch, then stop.  Please use db2ldif/db2ldif.pl I created the ldifs using the Java 389-console

[389-users] Re: Upgrading from 1.2.2 to 1.4.4

On 11/8/22 4:12 PM, Christian, Mark wrote: On Tue, 2022-11-08 at 21:24 +0100, Julian Kippels wrote: Hi, I am currently in the process of moving our LDAP-Servers from old CentOS 7 Servers to new Debian 11 Servers. In the process I am exporting all databases from the old server to ldif files

[389-users] Re: Upgrading from 1.2.2 to 1.4.4

d this attribute in any schema-file on either the old or > the new servers. Where does this come from a custom schema on the 1.2.2 box? > , and how do I solve this > issue? I'm curious what objectclasses are found under the cn=219058,ou=accounts,o=demo object, and whether entrylevelrights is list

[389-users] Re: Reminder - how to unsubscribe yourself

On 10/4/22 10:50, Alberto Viana wrote: Hi Mark, I don't think so, it's say to send an email to the list hehehe :-) 389.png Or at least it's not clear if others links can do that, so I assume that's why everyone just sends an email. Hmm I have no control over the wording, but that is how

[389-users] Reminder - how to unsubscribe yourself

There have been a lot of people just sending "unsubscribe" messages to the list.   At the bottom of every email from this list there is a link to unsubscribe yourself.  I don't mind doing it, but it's very easy to do it yourself.  Just a reminder... -- Directory Server Development Team

[389-users] Re: Fwd: 389 DS stop reponding

nunc-stans" can be turned off with a setting under cn=config (nsslapd-enable-nunc-stans: off).  Anyway, the next time it happens I suggest getting pstacks to see what the server is doing. Regards, Mark Regards, ___ 389-users mail

[389-users] Re: 389 DS sync issue with Active Directory

AD server.   Perhaps your winsync agreement is not configured correctly.  Please provide the agreement entry from 389 DS. Thanks, Mark I'm able to do ldapsearch on Active directory but repl-winsync-agmt init-status command is giving the network error. ldapseach command: ldapsearch -x -h 192.168

[389-users] Re: Procedure to change the AD used to sync users

On 9/17/22 2:59 AM, Ludwig Krispenz wrote: Hi Mark, I was late in the thread and missed that it is about winsync where things are different, sorry. No worries, your comments and input are always welcome!! Regards, Ludwig On 16.09.22 22:11, Ludwig Krispenz wrote: On 16.09.22 20:12

[389-users] Re: Procedure to change the AD used to sync users

On 9/16/22 1:40 PM, Ludwig Krispenz wrote: On 16.09.22 19:16, Mark Reynolds wrote: On 9/12/22 3:38 PM, Mihai Carabas wrote: On Mon, Sep 12, 2022 at 6:35 PM Mark Reynolds wrote: On 9/12/22 10:58 AM, Mihai Carabas wrote: On Fri, Sep 9, 2022 at 10:31 PM Mihai Carabas

[389-users] Re: Procedure to change the AD used to sync users

On 9/12/22 3:38 PM, Mihai Carabas wrote: On Mon, Sep 12, 2022 at 6:35 PM Mark Reynolds wrote: On 9/12/22 10:58 AM, Mihai Carabas wrote: On Fri, Sep 9, 2022 at 10:31 PM Mihai Carabas wrote: On Wed, Aug 31, 2022 at 8:25 PM Mark Reynolds wrote

[389-users] Re: Procedure to change the AD used to sync users

On 9/12/22 10:58 AM, Mihai Carabas wrote: On Fri, Sep 9, 2022 at 10:31 PM Mihai Carabas wrote: On Wed, Aug 31, 2022 at 8:25 PM Mark Reynolds wrote: Mihai, Start with the docs: https://access.redhat.com/documentation/en-us/red_hat_directory_server/11

[389-users] Re: Limiting Direcory Manager access

Yes there is an access control plugin for the Root DN where you can define this limitation: https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/rootdn-acl https://www.port389.org/docs/389ds/design/rootdn-access-control.html HTH, Mark On 9/5/22

[389-users] Announcing 389 Directory Server 2.2.3

389 Directory Server 2.2.3 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.3 Fedora packages are available on Fedora 37 https://koji.fedoraproject.org/koji/taskinfo?taskID=91505211

[389-users] Announcing 389 Directory Server 2.3.0

389 Directory Server 2.3.0 The 389 Directory Server team is proud to announce 389-ds-base version 2.3.0 Fedora packages are available on Rawhide (f38) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=91503550

[389-users] Re: 389DS on K8s - dirserv won't start

Either remove that instance or use a different instance name in your install setup. HTH, Mark Cheers, Ronald ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedo

[389-users] Re: Procedure to change the AD used to sync users

#configuring_the_database_for_synchronization_and_creating_the_synchronization_agreement_using_the_command_line # dsconf slapd-INSTANCE repl-winsync-agmt list # dsconf slapd-INSTANCE repl-winsync-agmt set --help # dsconf slapd-INSTANCE repl-winsync-agmt set --host= # dsconf slapd-INSTANCE repl-winsync-agmt init HTH, Mark On 8/31/22 4:22 AM, Mihai Carabas wrote: Hello, We

[389-users] Re: 389 server logging format

There is no way to customize the logging.  What format are you looking for? python-lib389 that ships with DS has some logging classes.  See https://github.com/389ds/389-ds-base/blob/main/src/lib389/lib389/dirsrv_log.py HTH, Mark On 8/26/22 4:08 PM, tda...@arizona.edu wrote: Is there a way

[389-users] Announcing 389 Directory Server 2.1.5

389 Directory Server 2.1.5 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.5 Fedora packages are available on Fedora 36 https://koji.fedoraproject.org/koji/taskinfo?taskID=91179741

[389-users] Re: NOTICE - Rust will be mandatory starting in 389-ds-base-2.2

(not NSS), so we don't have these issues anymore. FYI we were able to get the NSS PBKDF2 version working in FIPS (in very recent versions), but the Rust version is much better and more secure. Thanks, Mark Thanks, Trevor On Tue, Aug 23, 2022 at 9:53 AM Mark Reynolds wrote: Hello

[389-users] NOTICE - Rust will be mandatory starting in 389-ds-base-2.2

Hello, For many years now we have been offering Rust plugins, and for those that build the server themselves it was possible to disable Rust if it was not wanted.  This is no longer going to be an option starting in the next release of 389-ds-base-2.2 (On Fedora 37).  We are upgrading the

[389-users] Re: 389-ds-base/cockpit-389-ds on EL9

L cert via cockpit, where it would keep reverting to the self-signed “Server-Cert” . What exactly were you trying to do?  Were you trying to change the server certificate name to a different one? Thanks, Mark On reflection, it could have been because I was trying to use an expired cert,

[389-users] Re: DNA Plugin creating duplicates

present on the other supplier replica? Can you please provide the DNA config from both replicas, and the shared config entries? Thanks, Mark I've cranked the error log level up, but I don't get anything in the logs that is helpful in determining why that validation is not working correctly

[389-users] Re: in docker-compose.yaml use "dsconf localhost***" error

So your instance is probably not named "localhost".  Check /etc/dirsrv/ and use whatever name you have chosen for your instance:  "slapd-" # dsconf slapd-YOUR_INSTANCE backend create ... HTH, Mark ___ 389-users mailing list --

[389-users] Re: Crash with SEGV after compacting

ay the server should never crash, so please provide the requested information and we will take a look at it. Thanks, Mark Thanks ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedo

[389-users] Re: Disable Anonymous Bind

I thought I sent this earlier but the docs tell you how to properly do this: https://access.redhat.com/documentation/en-us/red_hat_directory_server/12/html/user_management_and_authentication/assembly_disabling-anonymous-binds_user-management-and-authentication On 7/29/22 3:33 PM, Christian

[389-users] Announcing 389 Directory Server 2.1.4

389 Directory Server 2.1.4 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.4 Fedora packages are available on Fedora 36 http://koji.fedoraproject.org/koji/buildinfo?buildID=2038470

[389-users] Re: Disable Anonymous Bind

HTH, Mark On 7/28/22 10:29 AM, Christian Palacios wrote: Hi there, We have an instance of 389 and I have been asked to disable anonymous bind on it because our current security policies don't allow it.  Can you please suggest ways to fix this? Unfortunately, I don't have the admin account

[389-users] Re: Retro Changelog trimming causes deadlock

Hi Kees, Can you provide the entire/complete stack trace? Looks like it's the schema-compat plugin from Freeipa that is the issue.  We have a lot of problems with this plugin :-(  But without the full stack trace we can not confirm anything. Thanks, Mark On 7/20/22 9:59 AM, Kees Bakker

Re: Virtualization Recommendations?

. Check out https://medium.com/@allmanpc/vmware-workstation-player-16-2-and-linux-kernels-5-18-5cdc10a4d32a. It doesn't fix the larger problem but it would help to get around the immediate issue. *Mark C. Allman, PMP, CSM, SSM* Sr. Project Manager/Scrum Master, Allman Professional Consulting, Inc

[389-users] Announcing 389 Directory Server 2.0.16

389 Directory Server 2.0.16 The 389 Directory Server team is proud to announce 389-ds-base version 2.0.16 Fedora packages are available on Fedora 35 Fedora 35: https://koji.fedoraproject.org/koji/taskinfo?taskID=89131293 - 

[389-users] Announcing 389 Directory Server 2.1.3

389 Directory Server 2.1.3 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.3 Fedora packages are available on Fedora 36 https://koji.fedoraproject.org/koji/taskinfo?taskID=89124762

[389-users] Announcing 389 Directory Server 2.2.2

389 Directory Server 2.2.2 The 389 Directory Server team is proud to announce 389-ds-base version 2.2.2 Fedora packages are available on Rawhide (f37) Rawhide: https://koji.fedoraproject.org/koji/buildinfo?buildID=1996683

Re: Anyone use spf and dmarc and dkim?

happens when I post to the list, so I'll reply now and see. I'll follow up here if I also get failure notifications. It doesn't sound familiar. -- Mark ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le

[389-users] Re: 389-ds opensuse container questions

our LDAP clients use the correct search base when trying to find users, etc. HTH, Mark On 6/13/22 2:12 PM, tda...@email.arizona.edu wrote: Ok, so I think what you're saying is that each domain (dc=arizona,dc=edu and dc=eds,dc=arizona,dc=edu) requires its own database? Maybe I will rethink this plan

[389-users] Re: 389-ds opensuse container questions

,dc=edu" and move all the entries under it?  Otherwise yes you need two databases and then you can make dc=eds,dc=arizona,dc=edu a subsuffix of the other.  But if you don't need two databases then I would just merge the content under a single suffix (much much easier to maintain). Mark

[389-users] Re: another question: searches running into administrative limits

everything regardless of this setting.  So making that config change will work right away, but really I think you need to set the lookthroughlimit like David suggested: # dsconf instanceName backend config set --lookthroughlimit 5000 Mark FYI: Browsing (or VLV) index does not help unless you

[389-users] Re: dsidm not work with imported openldap accounts

ration tool" we provide to be compatible with the CLI tools we ship. This should be a simple change to lib389 to get this working. Regards, Mark # john, people, example.com dn: uid=john,ou=people,dc=example,dc=com objectClass: top objectClass: nsPerson objectClass: nsAccount obje

Re: systemd timers and amavis quarantine

Nice ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:

How To Use Visual Hierarchy To Improve Website Usability And UX?

The visual hierarchy of a website design plays a crucial role in enhancing the website user experience (UX) and user interface (UI). Today the online marketplace is becoming highly competitive and every website design craves attention. The visual hierarchy you create and offer can decide

[389-users] Re: 389DS + Ubuntu

mand would be: # dsconf slapd-instance backend config set --db_lib mdb Then you need to import your LDIF file after making this change. HTH, Mark On 3/31/22 7:33 AM, iyagomailru Alexander Yakovlev wrote: Hi, It's a problem: no option config in script, Only 'list', 'get', 'get_dn', 'create

[389-users] Announcing 389 Directory Server 2.1.1

389 Directory Server 2.1.1 The 389 Directory Server team is proud to announce 389-ds-base version 2.1.1 Fedora packages are available on Fedora 36 and Rawhide (f37) Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=84602886

[389-users] Announcing 389 Directory Server 2.0.15

389 Directory Server 2.0.15 The 389 Directory Server team is proud to announce 389-ds-base version 2.0.15 Fedora packages are available on Fedora 34, and 35 Fedora 35: https://koji.fedoraproject.org/koji/taskinfo?taskID=84608760

[389-users] Re: unconventional replication, alma 8 master to centos 7 slave: Unable to acquire replica: error: no such replica

Yup, you are using two different suffixes/backends between the suppliers and consumers.  The consumers are only accepting replication updates for "dc=test,dc=co,dc=uk", but the supplier is trying to replicate "dc=conscious,dc=co,dc=uk".  They have to be the same ;-) Mark

[389-users] Re: unconventional replication, alma 8 master to centos 7 slave: Unable to acquire replica: error: no such replica

On 3/24/22 10:34 AM, Lewis Robson wrote: Thanks Mark, please see responses below Couple things here, are the RHEL 7 servers set up as replication consumers? that is correct, in the 389 console under configuration > replication > userRoot, dedicated consumer Yes you need the repli

[389-users] Re: unconventional replication, alma 8 master to centos 7 slave: Unable to acquire replica: error: no such replica

CE repl-agmt list --suffix dc=example,dc=com If nothing sticks out try turning on replication logging (nsslapd-erorrlog-level: 8192) - you can do this from the Cockpit UI as well. Thanks, Mark Does anyone know anything that I could check for the error

[389-users] Re: passwordExpirationTime vs password admin

trying updating your polices as I mentioned above and see if it helps.  Is there a newer version of 389-ds-base you can upgrade to (at least to test this)? Mark On 3/16/22 3:20 PM, Mike Wohlgemuth wrote: Here is the dsconf output: # dsconf slapd-neuTestMain pwpolicy get Global Passwo

[389-users] Re: passwordExpirationTime vs password admin

commands? # dsconf slapd-YOUR_INSTANCE pwpolicy get # dsconf slapd-YOUR_INSTANCE localpwp list Then for each DN (if any) run: # dsconf slapd-YOUR_INSTANCE localpwp get Thanks, Mark Thanks! ___ 389-users mailing list -- 389-users@lists.fedoraproject.org

[389-users] Re: passwordExpirationTime vs password admin

. Anyway this all works for me.  Here I show the audit log as I make changes and I see passwordExpirationtime being updated: dn: cn=mark,ou=people,dc=example,dc=com result: 0 changetype: add objectClass: top objectClass: nsPerson objectClass: nsAccount objectClass: nsOrgPerson cn: mark display

  1   2   3   4   5   6   7   8   9   10   >