Hi Mark,
I don't think so, it's say to send an email to the list hehehe
[image: 389.png]
Or at least it's not clear if others links can do that, so I assume that's
why everyone just sends an email.
Cheers,
Alberto Viana
On Tue, Oct 4, 2022 at 11:29 AM Mark Reynolds wrote:
> There have b
Ludwig,
Sorry,
After I read again, I understood what he meant, everything is working fine.
Thanks
On Mon, Sep 28, 2020 at 10:23 AM Ludwig Krispenz
wrote:
>
> On 28.09.20 14:56, Alberto Viana wrote:
>
> William,
>
> I don't think thatÅ› the way to do that:
>
> add
.viana and the attributes that acis allows
but if I do:
ldapsearch -b "dc=rnp,dc=local" -W -D "uid=myuser" objectclass=*
returns me nothing.
Thanks!!
Alberto Viana
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To
Mark,
One last doubt, what about TLS 1.3? 389 already supports it?
Thanks
Alberto Viana
On Wed, Apr 29, 2020 at 12:42 PM Mark Reynolds wrote:
> This is a known problem. We moved the default minimum to TLS 1.2 (from
> 1.0), but it's not working correctly and it will not allow you to s
Hi Guys,
One last doubt, I saw that was pushed into master branch, what about others
branches?
Thanks
Alberto Viana
On Mon, May 11, 2020 at 12:55 PM thierry bordaz wrote:
> Hi Alberto,
>
> The upstream ticket is https://pagure.io/389-ds-base/issue/51082 with a
> pending PR
Hi Thierry,
So I think this is good news. Once I'm waiting for a fix and affects my
production servers (high availability), can you post here the ticket so I
can follow up the fix?
I will check out and read about the asan.
Thanks a lot.
Alberto Viana
On Mon, May 11, 2020 at 10:21 AM thierry
William,
It's suppose to be production, but once it's not working (the replication)
I just left one 389 as main server, so I can do any test as I want.
I have no idea how to do that, can you point me in the right direction?
Thanks
Alberto Viana
On Thu, May 7, 2020 at 9:09 PM William Brown
um <
VALUESET_ARRAY_SORT_THRESHOLD) || ((vs->num >=
VALUESET_ARRAY_SORT_THRESHOLD) && (vs->sorted[0] < vs->num)));
(gdb) print vs->sorted@21
$1 = {0x7fffb0023ad0, 0x7fffb0022b50, 0x4, 0x6c7e80, 0x0, 0x0, 0x0, 0x0,
0x0, 0x7fffb0023c00, 0x7fffb00247c0, 0x0, 0x0, 0x0, 0x25,
0x664
William,
I'm just a little bit confused about pwadmin concept
vs nsslapd-allow-hashed-passwords. Once I turned on
nsslapd-allow-hashed-passwords, it's no supposed to only users in my
pwadmin(group/users) to be allowed to add pre-hashed password?
Thanks
Alberto Viana
On Wed, May 6, 2020 at 7:56
William,
Set nsslapd-allow-hashed-passwords and pwadmin in global policy works as
expected.
Thanks again.
Alberto Viana
On Tue, May 5, 2020 at 9:22 PM Alberto Viana wrote:
> William,
>
> I will try it tomorrow, but a reference about
> "nsslapd-allow-hashed-pass
vs->sorted[0] < vs->num)));
(gdb) print *vs->sorted@21
$1 = {18446744073709551615 }
Everything has been a quite chaotic to me too.
Thanks
Alberto Viana
On Tue, May 5, 2020 at 10:38 PM William Brown wrote:
> So reading these frames, it's likely that this is the as
William,
I will try it tomorrow, but a reference about
"nsslapd-allow-hashed-passwords" in
https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/password_administrators
make
senses to me.
Thanks anyway.
Alberto Viana
On Tue, May 5, 2020
Viana
On Tue, May 5, 2020 at 7:57 PM William Brown wrote:
>
>
> > On 6 May 2020, at 04:33, Alberto Viana wrote:
> >
> > additional info: invalid password syntax - passwords with storage scheme
> are not allowed
> >
>
>
> This line here is saying that y
Hi Guys,
389 1.4.2.8
pwadmin is not working as expected:
dsconf RNP pwpolicy set --pwdadmin
cn=GRP_SRV_PREHASHED_PASSWORD,dc=my,dc=domain
In an specific OU, this user has the following permissions:
dn: OU=POP-PA,dc=my,dc=domain
aci: (targetattr="brPersonCPF || schacDateOfBirth ||
nit2 - NSS adjusted SSL version range: min: TLS1.2, max: TLS1.2
This last try was setting to --tls-protocol-min="TLS1.1"
Thanks
Alberto Viana
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an e
William,
Here's:
Frame9:
https://gist.github.com/albertocrj/87bf4a010bf2f7e1f97ef3ee72ee44df
Frame7:
https://gist.github.com/albertocrj/840f15e5df10cad0e2977cd030abdba4
Frame6:
https://gist.github.com/albertocrj/befb7144b86bc4af86b9a2e0be0293a1
Thank you
Alberto Viana
On Wed, Apr 22, 2020
x7fff840247c0, a_mr_eq_plugin = 0x0, a_mr_ord_plugin =
0x0, a_mr_sub_plugin = 0x0}
(gdb) print *a->a_present_values
Structure has no component named operator*.
(gdb) print *a->a_present_values.va[0]
Thanks,
Alberto Viana
On Wed, Apr 22, 2020 at 4:57 PM Mark Reynolds wrote:
> Goto frame
?
Thanks
On Wed, Apr 22, 2020 at 4:34 PM Mark Reynolds wrote:
>
> On 4/22/20 3:27 PM, Alberto Viana wrote:
>
> Mark,
>
> Here's:
> (gdb) where
> #0 0x7455399f in raise () at /lib64/libc.so.6
> #1 0x7453dcf5 in abort () at /lib64/libc.so.6
> #2 0
dap/servers/slapd/connection.c:1767
#17 0x7544a568 in _pt_root () at /lib64/libnspr4.so
#18 0x74de52de in start_thread () at /lib64/libpthread.so.0
#19 0x746184b3 in clone () at /lib64/libc.so.6
(gdb) print *vs->sorted[0]
Cannot access memory at address 0xfff
vs->sorted[0] < vs->num)));
(gdb) print *vs
$1 = {num = 21, max = 32, sorted = 0x7fff8c023ad0, va = 0x7fff8c022b50}
Thanks,
Alberto Viana
On Sun, Apr 19, 2020 at 8:52 PM William Brown wrote:
>
>
> > On 18 Apr 2020, at 02:55, Alberto Viana wrote:
> >
> > Hi Guy
:
https://gist.github.com/albertocrj/4d74732e4e357fbc5a27296199127a62
https://gist.github.com/albertocrj/94fc3521024c7a508f1726923936e476
Do you guys need something else?
Thanks
Alberto Viana
On Tue, Mar 31, 2020 at 8:03 PM William Brown wrote:
>
>
> > On 1 Apr 2020, at
DB RUV needs to be updated
Even after restart the service the problem persists, I have to disable and
re-enable replication (and replication agr) on both sides, it works for
some time, and the problem comes back.
Any tips?
Thanks
Alberto Viana
___
389
wonder like
William if there's no "smart" way to check if already has 389 in the system.
Thanks anyway.
Alberto Viana
On Tue, Mar 3, 2020 at 9:32 PM William Brown wrote:
>
>
> > On 4 Mar 2020, at 04:07, Mark Reynolds wrote:
> >
> >
> >
&g
Hi Guys,
I'm testing some versions of 389 and I realise that in newer versions,
cockpit stopped to work to me:
*There is no 389-ds-base package installed on this system. Sorry there is
nothing to manage...*
In my case (due to internal reasons) we compile our version of 389.
Is this an expected
Mark,
Yes, it solves the problem. Can you explain what exactly that
config does? It's suppose to be on?
Found some old CVE about it and just want to be sure about what I'm doing.
Thanks
Alberto Viana
On Fri, Feb 28, 2020 at 12:39 PM Mark Reynolds wrote:
> Alberto,
>
> We m
Mark
> On 2/19/20 8:01 AM, Alberto Viana wrote:
>
> WIlliam,
>
> Would be helpful if I provide to you guys a test environment? It's not
> hard for me to do that.
>
> I'm really interesting in find out what is going on and some other
> projects over here are depending on my
Hi Guys,
Setup another environment 389 1.4.1.14 + windows 2016, still not working,
exactly the same behavior.
:/
Cheers,
Alberto Viana
On Wed, Jan 29, 2020 at 8:19 PM Alberto Viana wrote:
> William,
>
> Yes, *other* attributes are replicated to AD normally (in all versions
> t
ing with same behavior, just the password is not sent
from 389 to AD. In all versions, attributes are replicated(except password)
from 389 to AD, and everything is working fine from AD to 389.
Please let me know if need some more info.
Thanks
Alberto Viana
On Wed, Jan 29, 2020 at 5:24 PM Mark Reyno
Reynolds wrote:
>
> On 1/29/20 12:17 PM, Alberto Viana wrote:
>
> Mark,
>
> Already did that twice hehehehe
>
> Do you think that's about config once all attributes except password are
> sync'ed to AD? If it's about config, the log does not suppose to show
> something?
> make sure you have everything setup correctly:
>
>
> https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/managing_the_password_policy-synchronizing_passwords
>
> HTH,
>
> Mark
> On 1/29/20 10:22 AM, Alberto Viana wrote:
>
king on event viewer. Another
thing that when I used to change the password, the passync always
intercepts the change and tries to send back the (same) password and it's
not happening.
Please let me know if you anything else.
On Tue, Jan 28, 2020 at 9:40 PM Alberto Viana wrote:
> Willia
, the passync always
intercepts the change and tries to send back the (same) password and it's
not happening.
Please let me know if you anything else.
Thanks
On Tue, Jan 28, 2020 at 9:31 PM William Brown wrote:
>
>
> > On 29 Jan 2020, at 10:15, Alberto Viana wrote:
> >
&g
, the passync always
intercepts the change and tries to send back the (same) password and it's
not happening.
Please let me know if you anything else.
Thanks
On Tue, Jan 28, 2020 at 9:31 PM William Brown wrote:
>
>
> > On 29 Jan 2020, at 10:15, Alberto Viana wrote:
> >
&g
ot;
Where should I do that? Do you need further information?
Thanks
Alberto Viana
On Tue, Jan 28, 2020 at 9:09 PM William Brown wrote:
>
>
> > On 29 Jan 2020, at 10:01, Alberto Viana wrote:
> >
> > WIlliam,
> >
> > Thanks, I put in my company's roadmap to t
wrote:
>
>
> > On 29 Jan 2020, at 09:24, Alberto Viana wrote:
> >
> > Hey Guys,
> >
> > Really lost here, don't know what else look or test, it's not working at
> all :/
>
> Hey there,
>
> Remember, the team is distributed around the world - I'm
Hey Guys,
Really lost here, don't know what else look or test, it's not working at
all :/
Any help is appreciated
Thanks
On Tue, Jan 28, 2020 at 3:48 PM Alberto Viana wrote:
> Hi Guys,
> 389-Directory/1.4.3.2
>
>
> The password sync from 389 to windows(2012) is not working:
&
2493302 -0300] - DEBUG - NSMMReplicationPlugin -
ruv_update_ruv - Successfully committed csn 5e3079ed00040064
[28/Jan/2020:15:14:05.394086821 -0300] - DEBUG - NSMMReplicationPlugin -
ruv_update_ruv - Rolled up to csn 5e3079ed00040064
[28/Jan/2020:15:14:05.395428297 -0300] - DEBUG - NSMMReplicationPlugin -
Mark,
# make -f rpm.mk rpms
# cd dist/rpms
Just like you (I think) hehehe
For me, not a big deal anyway.
Thanks
Alberto Viana
On Thu, Jan 23, 2020 at 4:34 PM Mark Reynolds wrote:
>
> On 1/23/20 1:17 PM, Alberto Viana wrote:
>
> Mark,
>
> I using pyth
a ticket?
Thanks
Alberto Viana
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List
the
problem and maybe give you guys more logs (or trace it).
Thanks
Alberto Viana
On Sun, Jan 19, 2020 at 9:43 PM William Brown wrote:
> I'd like to confirm with you if you are able to check this machines memory
> or filesystem as clean. This kind of corruption concerns me, and could have
>
--. 2 dirsrv dirsrv 4.0K Jan 17 12:04 userroot
Thanks
On Fri, Jan 17, 2020 at 12:49 PM Mark Reynolds wrote:
>
> On 1/17/20 10:25 AM, Alberto Viana wrote:
>
> Mark,
>
> There's nothing else in the log.
>
> There's no file like /var/lib/dirsrv/slapd-YOUR_INSTANCE/
Mark,
There's nothing else in the log.
There's no file like /var/lib/dirsrv/slapd-YOUR_INSTANCE/db/__db.*
also tried a db_recover but without success.
Do you recommend to downgrade my version?
Thanks
On Fri, Jan 17, 2020 at 12:08 PM Mark Reynolds wrote:
>
> On 1/17/20 9:55 AM, A
Hi Guys,
389-Directory/1.4.3.1.20200116git4f9aafca9
Start to get this error:
[17/Jan/2020:11:49:56.436658541 -0300] - NOTICE - bdb_start - Detected
Disorderly Shutdown last time Directory Server was running, recovering
database.
And 389 do not start anymore.
Thanks
Mark,
I wait for the commits to build my package again.
Thanks!!
Alberto Viana
On Thu, Jan 16, 2020 at 4:44 PM Mark Reynolds wrote:
>
> On 1/16/20 2:25 PM, Alberto Viana wrote:
>
> Hi Guys,
>
> 389-Directory/1.4.3.1.20200116git4f9aafca9 B2020.016.1843
> p
Hi Guys,
389-Directory/1.4.3.1.20200116git4f9aafca9 B2020.016.1843
python3-lib389-1.4.3.1-20200116gita08202a5b.el8.noarch
*dsconf*:
If I try to create an instance got this error:
DEBUG: name 'ensure_list_str' is not defined
Traceback (most recent call last):
File "/usr/sbin/dscreate", line
Mark,
Thanks, I'm now building the packages as well.
Alberto Viana
On Mon, Jan 13, 2020 at 4:58 PM Mark Reynolds wrote:
>
> On 1/13/20 2:56 PM, Alberto Viana wrote:
>
> Mark,
>
> Just to let you know, I'm cloning pagure repo and in /src/lib389 the
> VERSION file poin
Mark,
Just to let you know, I'm cloning pagure repo and in /src/lib389 the
VERSION file points me to this version:
~# cat VERSION
1.0.4
Thanks
Alberto Viana
On Mon, Jan 13, 2020 at 4:48 PM Alberto Viana wrote:
> Mark,
>
> I'm installing it from source, to install lib389 I run:
>
Mark,
I'm installing it from source, to install lib389 I run:
make lib389-install
Am I missing something?
Thanks
Alberto Viana
On Mon, Jan 13, 2020 at 4:36 PM Mark Reynolds wrote:
>
> On 1/13/20 2:24 PM, Alberto Viana wrote:
>
> Mark,
>
> Here's:
>
> INFO: Chec
dError: [Errno 2] No such file or directory:
'/etc/dirsrv/slapd-{instance_name}/dse.ldif'
ERROR: Error: [Errno 2] No such file or directory:
'/etc/dirsrv/slapd-{instance_name}/dse.ldif'
Thanks.
Alberto Viana
On Mon, Jan 13, 2020 at 4:19 PM Mark Reynolds wrote:
>
> On 1/13/20 2:07
ReferentialIntegrityPlugin ...
Checking MonitorDiskSpace ...
Checking Replica ...
Checking Changelog5 ...
Checking DSEldif ...
Error: [Errno 2] No such file or directory:
'/etc/dirsrv/slapd-{instance_name}/dse.ldif'
Is that a bug?
Thanks
Alberto Viana
___
389-users mailing
the installation)
the 389 starts to show this error in log.
Seems that 389 works fine even with this error in log and I didn't try
anything to correct it.
Cheers,
Alberto Viana
On Fri, Jan 10, 2020 at 8:55 PM Mark Reynolds wrote:
>
> On 1/10/20 6:48 PM, Iain Morgan wrote:
gt; On 9 Jan 2020, at 10:13, Alberto Viana wrote:
> >
> > William,
> >
> > Build 389 by myself. Also created and loaded an selinux module allowing
> the needed permissions. I Just wonder if is the right/best way to do that
> and if is an expected behavior.
>
> C
William,
Build 389 by myself. Also created and loaded an selinux module allowing the
needed permissions. I Just wonder if is the right/best way to do that and
if is an expected behavior.
Thanks
Alberto Viana
On Wed, Jan 8, 2020, 20:58 William Brown wrote:
>
>
> > On 9 Jan 20
with this?
Thanks
Alberto Viana
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List
William,
It's clear to me.
I will try centos8 :)
Thanks.
Alberto VIana
On Thu, Dec 19, 2019 at 2:50 AM William Brown wrote:
>
>
> > On 19 Dec 2019, at 08:09, Alberto Viana wrote:
> >
> > Mark,
> >
> > Seems that's not going to be so easy hehehe:
://bugzilla.redhat.com/show_bug.cgi?id=1756015
https://bugzilla.redhat.com/show_bug.cgi?id=1719978
Seems to me there's no solution at this point, Am I right?
Thanks
On Wed, Dec 18, 2019 at 6:20 PM Mark Reynolds wrote:
>
> On 12/18/19 4:05 PM, Alberto Viana wrote:
>
> Mark,
cense: MIT license
May be am I missing this lib(python3-libselinux)?
On Wed, Dec 18, 2019 at 5:39 PM Mark Reynolds wrote:
>
> On 12/18/19 3:21 PM, Alberto Viana wrote:
>
> Hi Guys,
>
> I compiled my 389 with selinux enabled (--with-selinux):
>
> configure:21564: check
on the system
~# getenforce
Enforcing
Centos7
# ns-slapd -v
389 Project
389-Directory/1.4.2.4 B2019.352.1557
What am I missing? Could not found any related doc at 389 or rhds pages.
Thanks.
Alberto Viana
___
389-users mailing list -- 389-users
Hi Mark,
No problems at all, the idea is to contribute to the project.
Thanks!!
Alberto Viana
On Mon, Dec 16, 2019 at 12:19 PM Mark Reynolds wrote:
>
> On 12/16/19 10:13 AM, Alberto Viana wrote:
>
> Hi Guys,
>
> I'm trying to config and enable uniqueness attribute plugin:
Hi Guys,
I'm trying to config and enable uniqueness attribute plugin:
~# dsconf RNP plugin attr-uniq add "uid-test" --attr-name uid
Successfully created the cn=uid-test,cn=plugins,cn=config
if I try to enable it:
~# dsconf RNP plugin attr-uniq enable uid-test
Error: 'Namespace' object has no
Hi Guys,
In the old 389-console was possible to manage remote instances
(installations in different machines) and what about in new UI? Should I
install a cockpit plugin to each 389 machine in my environment?
Any docs about it?
Thanks
Alberto Viana
This may allow attackers to
crash the application or execute Arbitrary Code in specific conditions.",
"recommendation": "Upgrade to version 4.5.3 or later.",
I had to update package-lock.json pointing to the latest version
of handlebars(4.5.3) in order to install it.
Just
,
Alberto Viana
On Thu, Dec 12, 2019 at 1:29 PM Viktor Ashirov wrote:
> Hi,
>
>
> On Thu, Dec 12, 2019 at 5:18 PM Alberto Viana
> wrote:
>
>> Hi Guys,
>>
>> I have installed 389 from source (389-Directory/1.4.2.4 B2019.344.19)
>>
>> Installed
---. 2 dirsrv dirsrv 155 Dec 9 17:25 ssca
Also tried to disable selinux, but the behavior is the same.
What am I missing? How can I debug it?
Thanks
Alberto Viana
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send a
Hi Guys,
Recently I had the same issue and I copied the database backup from one
server to another and used ldif2db.pl to import it and worked fine. After
that, the replication works fine.
Hope that helps you.
On Wed, Mar 6, 2019 at 5:24 PM Jason Jenkins
wrote:
> Thanks. I'll give that a try.
I'm facing a very similar problem, my version:
389-Directory/1.3.7.4.20170912git26a9426
So, it's probably you right, maybe It's a 1.3.x problem.
In my case, I disabled the plugin until I can upgrade my 389 version.
On Fri, Feb 22, 2019 at 1:07 AM William Brown wrote:
> Okay, I did this with a
Hi Guys,
There's any way to log or track constraint violation reason?
Once We have 2 environments I need to track when an user could change
password on windows side but this password could not be replicated to 389
due to password policy .
I can see this on passsync log:
10/30/18 18:43:38:
, Sep 28, 2018 at 4:00 PM Kreuzenstein, Luke (OIT) <
luke.kreuzenst...@alaska.gov> wrote:
> >>> From: "Alberto Viana"
> >>> To: "General discussion list for the 389 Directory server project."
> <389-users@lists.fedoraproject.org>
>
I saw that in the Doc, it now working fine.
Thanks a lot.
On Thu, Sep 27, 2018 at 12:18 PM Mark Reynolds wrote:
>
>
> On 09/26/2018 04:15 PM, Mark Reynolds wrote:
>
>
>
> On 09/26/2018 03:51 PM, Alberto Viana wrote:
>
> Hi Mark,
>
> I already have this con
d_administrators
>
> HTH,
>
> Mark
>
> On 09/26/2018 02:31 PM, Alberto Viana wrote:
>
> I have a password applied globally like this:
>
> dn:
> cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc=
> my,dc=domain
> passwordLockout: off
> p
I have a password applied globally like this:
dn:
cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc=
my,dc=domain
passwordLockout: off
passwordGraceLimit: 50
passwordWarning: 86400
passwordInHistory: 3
passwordMinLength: 8
passwordMinCategories: 3
passwordStorageScheme:
Hi Guys,
I'm testing the password policy and want to debug it. Basically I'm trying
so set a valid password (based on my password policy) and 389 returns to me
"19: Constraint violation"
What should be nsslapd-errorlog-level to debug it?
Thanks
___
dn: cn=config
> changetype: modify
> replace: nsslapd-errorlog-level
> nsslapd-errorlog-level: 16385
> EOF
>
> Thanks,
> Simon
>
> - Original Message -
> > From: "Alberto Viana" <alberto...@gmail.com>
> > To: "General discussion list for
Anyone?
Any clues?
On Tue, Mar 20, 2018 at 2:15 PM, Alberto Viana <alberto...@gmail.com> wrote:
> Hey Guys,
>
> 389 version: 389-Directory/1.3.7.4.20170912git26a9426 B2017.255.1330
>
> I'm trying to move one of my users to another OU and I see this kind of
> error:
>
Hey Guys,
389 version: 389-Directory/1.3.7.4.20170912git26a9426 B2017.255.1330
I'm trying to move one of my users to another OU and I see this kind of
error:
Error while moving entry
- [LDAP: error code 1 - Operations Error]
java.lang.Exception: [LDAP: error code 1 - Operations Error]
at
In
Hi Guys,
Can I set multiple groups in passwordAdminDN?
I know that I can set per policy (subtree or user), but there is any other
way to specify more than one group globally?
Thanks
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To
Hi,
Did you try change the log level?
HKEY_LOCAL_MACHINE\SOFTWARE\PasswordSync
Change LogLevel to 1 (If Im not wrong, the default is 0).
Restart the service and check de log again.
Hope that helps.
On Wed, Dec 20, 2017 at 6:28 PM, Geoff Hardin
wrote:
> We are
Thanks a lot for you both.
Cheers,
Alberto Viana
On Thu, Sep 7, 2017 at 5:30 AM, Ludwig Krispenz <lkris...@redhat.com> wrote:
>
> On 09/07/2017 02:25 AM, William Brown wrote:
>
> On Wed, 2017-09-06 at 16:55 -0300, Alberto Viana wrote:
>
> Hi Folks,
>
> 389-Directory/
Hi Kirk
I think that in newer versions of 389 you need a special permission to
adding already hashed passwords or change user password scheme:
http://www.port389.org/docs/389ds/design/password-administrator.html
Hope that helps you.
Cheers,
Alberto Viana
On Tue, Aug 29, 2017 at 4:48 PM, Kirk
Hi,
I'm testing version 1.3.7.1:
~# ns-slapd -v
389 Project
389-Directory/1.3.7.1.20170714gitecd2588 B2017.195.1935
And using 389 console there is no NetscapeRoot option under Replication
(ony userRoot), is it an expected behavior?
Thanks
___
Anyone else that could point me why is this happening?
On Tue, Jul 11, 2017 at 9:08 PM, William Brown <wibr...@redhat.com> wrote:
> On Mon, 2017-07-10 at 16:39 -0300, Alberto Viana wrote:
> > William,
> >
> > Yes, there's a flag on AD that forces users to reset the
(-levent), my workaround was to add it
manually:
LIBS=-levent ./configure
I'm not sure if is an expected behavior, but anyway I just want to share my
workaround.
Cheers,
Alberto Viana
___
389-users mailing list -- 389-users@lists.fedoraproject.org
nk that is the same behavior of 389 plugin, am I right?)
On Tue, Jul 4, 2017 at 9:10 PM, William Brown <wibr...@redhat.com> wrote:
> On Mon, 2017-07-03 at 11:21 -0300, Alberto Viana wrote:
> > I have a replication setup (389 and AD):
> >
> >
> > 389-Directory/1.3
I have a replication setup (389 and AD):
389-Directory/1.3.2.19 B2014.201.1231
We are implementing password police on both side (and password expiration).
When the account has expired on AD side (It means that on AD side I have
the flag "user must change password" set on an user) , when I try
at 10:33 PM, William Brown <wibr...@redhat.com> wrote:
> On Fri, 2017-06-02 at 10:36 -0300, Alberto Viana wrote:
> > William,
> >
> > I do nothing hehehehe, what I mean that I just ignore the errors :)
> >
> > Here's my agreement:
> >
>
I have been using 389 for a while and so far my replication strategy is:
389 <=> AD
Replicating whole domain
dc=my,dc=domain
- OU=user
-user1
-user2
- OU=people
-user1
-user2
- OU=apps
-user1
-user2
- OU=externos
-user1
-user2
...
But this specific "OU=externos"
-console, everything works fine.
Analysing the nsPwPolicyContainer and nsPwTemplateEntry created by both
methods I could not find any difference.
The exactly same thing happens on 1.3.4.11, so is that a script problem?
Should I file a ticket anyway?
Thanks
Alberto Viana
On Wed, Nov 16, 2016 at 10
Hi,
Anyone? I really need some help on this.
Thanks
On Fri, Nov 4, 2016 at 1:01 PM, Alberto Viana <alberto...@gmail.com> wrote:
> Hi,
>
> Just to explain better what I need:
>
> Enforce a global password policy with password expiration but disable for
> some spe
Hi,
Just to explain better what I need:
Enforce a global password policy with password expiration but disable for
some specifics OUs (just disable the password expiration).
On Fri, Nov 4, 2016 at 12:54 PM, Alberto Viana <alberto...@gmail.com> wrote:
> Hi,
>
> 389-ds: 1.3.
Hi,
389-ds: 1.3.4.11
What I Need:
Enforce a global password policy but disable for some specifics OUs.
Doc:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html-single/Administration_Guide/index.html#User_Account_Management-Managing_the_Password_Policy
Everything was
Todor,
Off course, but I started it today, so maybe I will finish in next week,
please send a email directly to me so I can remember :)
Cheers,
Alberto Viana
On Thu, Nov 3, 2016 at 10:16 AM, Todor Petkov <petkovpto...@gmail.com>
wrote:
> On Thu, Nov 3, 2016 at 2:13 PM, Alberto Viana
I'm also working on it right now and using perl to do that, so I used
filter (objectclass=ntUser) and requesting the passwordExpirationTime
attribute like this:
filter => "objectclass=ntUser",
attrs => ["entrydn","mail","passwordExpirationTime"],
);
In my case, I prefer rather than write
I already tested it, and works as expected,
Thanks.
On Tue, Oct 25, 2016 at 2:24 PM, Alberto Viana <alberto...@gmail.com> wrote:
> Mark,
>
> Thanks, I will try on it.
>
> One more question, and what about changing password through winsync plugin?
>
> On Tue, Oc
Mark,
Thanks, I will try on it.
One more question, and what about changing password through winsync plugin?
On Tue, Oct 25, 2016 at 1:21 PM, Mark Reynolds <marey...@redhat.com> wrote:
>
>
> On 10/25/2016 11:10 AM, Mark Reynolds wrote:
>
>
>
> On 10/25/2016 10
just in AD side with users: Full sync ok*
*If you need any other info, please let me know.*
On Tue, May 17, 2016 at 2:54 PM, Noriko Hosoi <nho...@redhat.com> wrote:
> Thank you for your input, Alberto.
>
> On 05/17/2016 07:38 AM, Alberto Viana wrote:
>
> Rich,
>
&
Megginson <rmegg...@redhat.com>
wrote:
> On 05/17/2016 08:01 AM, Alberto Viana wrote:
>
> Noriko,
>
> Just to let you know, after I replicated/created the exactly same OU
> structure on both side, the replication seems to works fine. I'm still not
> sure that is the e
logdb/169ce382-1b9011e6-91ddc5b4-dc63c95a_55c88d9900c8.db
On Tue, May 17, 2016 at 10:08 AM, Alberto Viana <alberto...@gmail.com>
wrote:
> Noriko,
>
> *Did you use the same version of 389-ds-base against AD on 2008 R2 and
> 2012 R2?*
> *389-Directory/1.3.4.8 <
n my production environment I have:*
*389-ds-base 1.3.2.19 + Windows 2008 r2*
On Mon, May 16, 2016 at 6:02 PM, Noriko Hosoi <nho...@redhat.com> wrote:
> On 05/16/2016 01:01 PM, Alberto Viana wrote:
>
> I'm trying to setup a new scenario with 389 and AD 2012 R2 (So far I'm
> usi
I'm trying to setup a new scenario with 389 and AD 2012 R2 (So far I'm
using with AD 2008 R2 and everything works fine).
389-Directory/1.3.4.8 B2016.063.1654
Windows 2012 R2 64bits
After configure the AD replication and Initiate a full sync, it starts to
do some entries and I got the
: on
and confirmed that my server is only accepting TLS connections
Also tried to delete nsssl3ciphers:
dn: cn=encryption,cn=config
changetype: modify
delete: nsssl3ciphers
But it comes back.
Why I'm still getting these warnings even after to disable nsSSL2 and
nsSSL3?
Thanks
Alberto Viana
--
389 users
1 - 100 of 140 matches
Mail list logo