[389-users] Re: Reminder - how to unsubscribe yourself

Hi Mark, I don't think so, it's say to send an email to the list hehehe [image: 389.png] Or at least it's not clear if others links can do that, so I assume that's why everyone just sends an email. Cheers, Alberto Viana On Tue, Oct 4, 2022 at 11:29 AM Mark Reynolds wrote: > There have b

[389-users] Re: aci doubt

Ludwig, Sorry, After I read again, I understood what he meant, everything is working fine. Thanks On Mon, Sep 28, 2020 at 10:23 AM Ludwig Krispenz wrote: > > On 28.09.20 14:56, Alberto Viana wrote: > > William, > > I don't think thatś the way to do that: > > add

[389-users] aci doubt

.viana and the attributes that acis allows but if I do: ldapsearch -b "dc=rnp,dc=local" -W -D "uid=myuser" objectclass=* returns me nothing. Thanks!! Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To

[389-users] Re: Change TLS protocol

Mark, One last doubt, what about TLS 1.3? 389 already supports it? Thanks Alberto Viana On Wed, Apr 29, 2020 at 12:42 PM Mark Reynolds wrote: > This is a known problem. We moved the default minimum to TLS 1.2 (from > 1.0), but it's not working correctly and it will not allow you to s

[389-users] Re: replication problems

Hi Guys, One last doubt, I saw that was pushed into master branch, what about others branches? Thanks Alberto Viana On Mon, May 11, 2020 at 12:55 PM thierry bordaz wrote: > Hi Alberto, > > The upstream ticket is https://pagure.io/389-ds-base/issue/51082 with a > pending PR

[389-users] Re: replication problems

Hi Thierry, So I think this is good news. Once I'm waiting for a fix and affects my production servers (high availability), can you post here the ticket so I can follow up the fix? I will check out and read about the asan. Thanks a lot. Alberto Viana On Mon, May 11, 2020 at 10:21 AM thierry

[389-users] Re: replication problems

William, It's suppose to be production, but once it's not working (the replication) I just left one 389 as main server, so I can do any test as I want. I have no idea how to do that, can you point me in the right direction? Thanks Alberto Viana On Thu, May 7, 2020 at 9:09 PM William Brown

[389-users] Re: replication problems

um < VALUESET_ARRAY_SORT_THRESHOLD) || ((vs->num >= VALUESET_ARRAY_SORT_THRESHOLD) && (vs->sorted[0] < vs->num))); (gdb) print vs->sorted@21 $1 = {0x7fffb0023ad0, 0x7fffb0022b50, 0x4, 0x6c7e80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffb0023c00, 0x7fffb00247c0, 0x0, 0x0, 0x0, 0x25, 0x664

[389-users] Re: pwadmin not working

William, I'm just a little bit confused about pwadmin concept vs nsslapd-allow-hashed-passwords. Once I turned on nsslapd-allow-hashed-passwords, it's no supposed to only users in my pwadmin(group/users) to be allowed to add pre-hashed password? Thanks Alberto Viana On Wed, May 6, 2020 at 7:56

[389-users] Re: pwadmin not working

William, Set nsslapd-allow-hashed-passwords and pwadmin in global policy works as expected. Thanks again. Alberto Viana On Tue, May 5, 2020 at 9:22 PM Alberto Viana wrote: > William, > > I will try it tomorrow, but a reference about > "nsslapd-allow-hashed-pass

[389-users] Re: replication problems

vs->sorted[0] < vs->num))); (gdb) print *vs->sorted@21 $1 = {18446744073709551615 } Everything has been a quite chaotic to me too. Thanks Alberto Viana On Tue, May 5, 2020 at 10:38 PM William Brown wrote: > So reading these frames, it's likely that this is the as

[389-users] Re: pwadmin not working

William, I will try it tomorrow, but a reference about "nsslapd-allow-hashed-passwords" in https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/password_administrators make senses to me. Thanks anyway. Alberto Viana On Tue, May 5, 2020

[389-users] Re: pwadmin not working

Viana On Tue, May 5, 2020 at 7:57 PM William Brown wrote: > > > > On 6 May 2020, at 04:33, Alberto Viana wrote: > > > > additional info: invalid password syntax - passwords with storage scheme > are not allowed > > > > > This line here is saying that y

[389-users] pwadmin not working

Hi Guys, 389 1.4.2.8 pwadmin is not working as expected: dsconf RNP pwpolicy set --pwdadmin cn=GRP_SRV_PREHASHED_PASSWORD,dc=my,dc=domain In an specific OU, this user has the following permissions: dn: OU=POP-PA,dc=my,dc=domain aci: (targetattr="brPersonCPF || schacDateOfBirth ||

[389-users] Change TLS protocol

nit2 - NSS adjusted SSL version range: min: TLS1.2, max: TLS1.2 This last try was setting to --tls-protocol-min="TLS1.1" Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an e

[389-users] Re: replication problems

William, Here's: Frame9: https://gist.github.com/albertocrj/87bf4a010bf2f7e1f97ef3ee72ee44df Frame7: https://gist.github.com/albertocrj/840f15e5df10cad0e2977cd030abdba4 Frame6: https://gist.github.com/albertocrj/befb7144b86bc4af86b9a2e0be0293a1 Thank you Alberto Viana On Wed, Apr 22, 2020

[389-users] Re: replication problems

x7fff840247c0, a_mr_eq_plugin = 0x0, a_mr_ord_plugin = 0x0, a_mr_sub_plugin = 0x0} (gdb) print *a->a_present_values Structure has no component named operator*. (gdb) print *a->a_present_values.va[0] Thanks, Alberto Viana On Wed, Apr 22, 2020 at 4:57 PM Mark Reynolds wrote: > Goto frame

[389-users] Re: replication problems

? Thanks On Wed, Apr 22, 2020 at 4:34 PM Mark Reynolds wrote: > > On 4/22/20 3:27 PM, Alberto Viana wrote: > > Mark, > > Here's: > (gdb) where > #0 0x7455399f in raise () at /lib64/libc.so.6 > #1 0x7453dcf5 in abort () at /lib64/libc.so.6 > #2 0

[389-users] Re: replication problems

dap/servers/slapd/connection.c:1767 #17 0x7544a568 in _pt_root () at /lib64/libnspr4.so #18 0x74de52de in start_thread () at /lib64/libpthread.so.0 #19 0x746184b3 in clone () at /lib64/libc.so.6 (gdb) print *vs->sorted[0] Cannot access memory at address 0xfff

[389-users] Re: replication problems

vs->sorted[0] < vs->num))); (gdb) print *vs $1 = {num = 21, max = 32, sorted = 0x7fff8c023ad0, va = 0x7fff8c022b50} Thanks, Alberto Viana On Sun, Apr 19, 2020 at 8:52 PM William Brown wrote: > > > > On 18 Apr 2020, at 02:55, Alberto Viana wrote: > > > > Hi Guy

[389-users] Re: replication problems

: https://gist.github.com/albertocrj/4d74732e4e357fbc5a27296199127a62 https://gist.github.com/albertocrj/94fc3521024c7a508f1726923936e476 Do you guys need something else? Thanks Alberto Viana On Tue, Mar 31, 2020 at 8:03 PM William Brown wrote: > > > > On 1 Apr 2020, at

[389-users] replication problems

DB RUV needs to be updated Even after restart the service the problem persists, I have to disable and re-enable replication (and replication agr) on both sides, it works for some time, and the problem comes back. Any tips? Thanks Alberto Viana ___ 389

[389-users] Re: cockpit doubt, or rebuild Cockpit plugin

wonder like William if there's no "smart" way to check if already has 389 in the system. Thanks anyway. Alberto Viana On Tue, Mar 3, 2020 at 9:32 PM William Brown wrote: > > > > On 4 Mar 2020, at 04:07, Mark Reynolds wrote: > > > > > > &g

[389-users] cockpit doubt

Hi Guys, I'm testing some versions of 389 and I realise that in newer versions, cockpit stopped to work to me: *There is no 389-ds-base package installed on this system. Sorry there is nothing to manage...* In my case (due to internal reasons) we compile our version of 389. Is this an expected

[389-users] Re: winsync password problems

Mark, Yes, it solves the problem. Can you explain what exactly that config does? It's suppose to be on? Found some old CVE about it and just want to be sure about what I'm doing. Thanks Alberto Viana On Fri, Feb 28, 2020 at 12:39 PM Mark Reynolds wrote: > Alberto, > > We m

[389-users] Re: winsync password problems

Mark > On 2/19/20 8:01 AM, Alberto Viana wrote: > > WIlliam, > > Would be helpful if I provide to you guys a test environment? It's not > hard for me to do that. > > I'm really interesting in find out what is going on and some other > projects over here are depending on my

[389-users] Re: winsync password problems

Hi Guys, Setup another environment 389 1.4.1.14 + windows 2016, still not working, exactly the same behavior. :/ Cheers, Alberto Viana On Wed, Jan 29, 2020 at 8:19 PM Alberto Viana wrote: > William, > > Yes, *other* attributes are replicated to AD normally (in all versions > t

[389-users] Re: winsync password problems

ing with same behavior, just the password is not sent from 389 to AD. In all versions, attributes are replicated(except password) from 389 to AD, and everything is working fine from AD to 389. Please let me know if need some more info. Thanks Alberto Viana On Wed, Jan 29, 2020 at 5:24 PM Mark Reyno

[389-users] Re: winsync password problems

Reynolds wrote: > > On 1/29/20 12:17 PM, Alberto Viana wrote: > > Mark, > > Already did that twice hehehehe > > Do you think that's about config once all attributes except password are > sync'ed to AD? If it's about config, the log does not suppose to show > something?

[389-users] Re: winsync password problems

> make sure you have everything setup correctly: > > > https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/managing_the_password_policy-synchronizing_passwords > > HTH, > > Mark > On 1/29/20 10:22 AM, Alberto Viana wrote: >

[389-users] Re: winsync password problems

king on event viewer. Another thing that when I used to change the password, the passync always intercepts the change and tries to send back the (same) password and it's not happening. Please let me know if you anything else. On Tue, Jan 28, 2020 at 9:40 PM Alberto Viana wrote: > Willia

[389-users] Re: winsync password problems

, the passync always intercepts the change and tries to send back the (same) password and it's not happening. Please let me know if you anything else. Thanks On Tue, Jan 28, 2020 at 9:31 PM William Brown wrote: > > > > On 29 Jan 2020, at 10:15, Alberto Viana wrote: > > &g

[389-users] Re: winsync password problems

, the passync always intercepts the change and tries to send back the (same) password and it's not happening. Please let me know if you anything else. Thanks On Tue, Jan 28, 2020 at 9:31 PM William Brown wrote: > > > > On 29 Jan 2020, at 10:15, Alberto Viana wrote: > > &g

[389-users] Re: winsync password problems

ot; Where should I do that? Do you need further information? Thanks Alberto Viana On Tue, Jan 28, 2020 at 9:09 PM William Brown wrote: > > > > On 29 Jan 2020, at 10:01, Alberto Viana wrote: > > > > WIlliam, > > > > Thanks, I put in my company's roadmap to t

[389-users] Re: winsync password problems

wrote: > > > > On 29 Jan 2020, at 09:24, Alberto Viana wrote: > > > > Hey Guys, > > > > Really lost here, don't know what else look or test, it's not working at > all :/ > > Hey there, > > Remember, the team is distributed around the world - I'm

[389-users] Re: winsync password problems

Hey Guys, Really lost here, don't know what else look or test, it's not working at all :/ Any help is appreciated Thanks On Tue, Jan 28, 2020 at 3:48 PM Alberto Viana wrote: > Hi Guys, > 389-Directory/1.4.3.2 > > > The password sync from 389 to windows(2012) is not working: &

[389-users] winsync password problems

2493302 -0300] - DEBUG - NSMMReplicationPlugin - ruv_update_ruv - Successfully committed csn 5e3079ed00040064 [28/Jan/2020:15:14:05.394086821 -0300] - DEBUG - NSMMReplicationPlugin - ruv_update_ruv - Rolled up to csn 5e3079ed00040064 [28/Jan/2020:15:14:05.395428297 -0300] - DEBUG - NSMMReplicationPlugin -

[389-users] Re: healthcheck problems

Mark, # make -f rpm.mk rpms # cd dist/rpms Just like you (I think) hehehe For me, not a big deal anyway. Thanks Alberto Viana On Thu, Jan 23, 2020 at 4:34 PM Mark Reynolds wrote: > > On 1/23/20 1:17 PM, Alberto Viana wrote: > > Mark, > > I using pyth

[389-users] cockpit ui problem

a ticket? Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List

[389-users] Re: DB problems

the problem and maybe give you guys more logs (or trace it). Thanks Alberto Viana On Sun, Jan 19, 2020 at 9:43 PM William Brown wrote: > I'd like to confirm with you if you are able to check this machines memory > or filesystem as clean. This kind of corruption concerns me, and could have >

[389-users] Re: DB problems

--. 2 dirsrv dirsrv 4.0K Jan 17 12:04 userroot Thanks On Fri, Jan 17, 2020 at 12:49 PM Mark Reynolds wrote: > > On 1/17/20 10:25 AM, Alberto Viana wrote: > > Mark, > > There's nothing else in the log. > > There's no file like /var/lib/dirsrv/slapd-YOUR_INSTANCE/

[389-users] Re: DB problems

Mark, There's nothing else in the log. There's no file like /var/lib/dirsrv/slapd-YOUR_INSTANCE/db/__db.* also tried a db_recover but without success. Do you recommend to downgrade my version? Thanks On Fri, Jan 17, 2020 at 12:08 PM Mark Reynolds wrote: > > On 1/17/20 9:55 AM, A

[389-users] DB problems

Hi Guys, 389-Directory/1.4.3.1.20200116git4f9aafca9 Start to get this error: [17/Jan/2020:11:49:56.436658541 -0300] - NOTICE - bdb_start - Detected Disorderly Shutdown last time Directory Server was running, recovering database. And 389 do not start anymore. Thanks

[389-users] Re: dsconf and dsctl bugs

Mark, I wait for the commits to build my package again. Thanks!! Alberto Viana On Thu, Jan 16, 2020 at 4:44 PM Mark Reynolds wrote: > > On 1/16/20 2:25 PM, Alberto Viana wrote: > > Hi Guys, > > 389-Directory/1.4.3.1.20200116git4f9aafca9 B2020.016.1843 > p

[389-users] dsconf and dsctl bugs

Hi Guys, 389-Directory/1.4.3.1.20200116git4f9aafca9 B2020.016.1843 python3-lib389-1.4.3.1-20200116gita08202a5b.el8.noarch *dsconf*: If I try to create an instance got this error: DEBUG: name 'ensure_list_str' is not defined Traceback (most recent call last): File "/usr/sbin/dscreate", line

[389-users] Re: healthcheck problems

Mark, Thanks, I'm now building the packages as well. Alberto Viana On Mon, Jan 13, 2020 at 4:58 PM Mark Reynolds wrote: > > On 1/13/20 2:56 PM, Alberto Viana wrote: > > Mark, > > Just to let you know, I'm cloning pagure repo and in /src/lib389 the > VERSION file poin

[389-users] Re: healthcheck problems

Mark, Just to let you know, I'm cloning pagure repo and in /src/lib389 the VERSION file points me to this version: ~# cat VERSION 1.0.4 Thanks Alberto Viana On Mon, Jan 13, 2020 at 4:48 PM Alberto Viana wrote: > Mark, > > I'm installing it from source, to install lib389 I run: >

[389-users] Re: healthcheck problems

Mark, I'm installing it from source, to install lib389 I run: make lib389-install Am I missing something? Thanks Alberto Viana On Mon, Jan 13, 2020 at 4:36 PM Mark Reynolds wrote: > > On 1/13/20 2:24 PM, Alberto Viana wrote: > > Mark, > > Here's: > > INFO: Chec

[389-users] Re: healthcheck problems

dError: [Errno 2] No such file or directory: '/etc/dirsrv/slapd-{instance_name}/dse.ldif' ERROR: Error: [Errno 2] No such file or directory: '/etc/dirsrv/slapd-{instance_name}/dse.ldif' Thanks. Alberto Viana On Mon, Jan 13, 2020 at 4:19 PM Mark Reynolds wrote: > > On 1/13/20 2:07

[389-users] healthcheck problems

ReferentialIntegrityPlugin ... Checking MonitorDiskSpace ... Checking Replica ... Checking Changelog5 ... Checking DSEldif ... Error: [Errno 2] No such file or directory: '/etc/dirsrv/slapd-{instance_name}/dse.ldif' Is that a bug? Thanks Alberto Viana ___ 389-users mailing

[389-users] Re: Attribute encryption issue

the installation) the 389 starts to show this error in log. Seems that 389 works fine even with this error in log and I didn't try anything to correct it. Cheers, Alberto Viana On Fri, Jan 10, 2020 at 8:55 PM Mark Reynolds wrote: > > On 1/10/20 6:48 PM, Iain Morgan wrote:

[389-users] Re: 389 centOS8 selinux issues

gt; On 9 Jan 2020, at 10:13, Alberto Viana wrote: > > > > William, > > > > Build 389 by myself. Also created and loaded an selinux module allowing > the needed permissions. I Just wonder if is the right/best way to do that > and if is an expected behavior. > > C

[389-users] Re: 389 centOS8 selinux issues

William, Build 389 by myself. Also created and loaded an selinux module allowing the needed permissions. I Just wonder if is the right/best way to do that and if is an expected behavior. Thanks Alberto Viana On Wed, Jan 8, 2020, 20:58 William Brown wrote: > > > > On 9 Jan 20

[389-users] 389 centOS8 selinux issues

with this? Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List

[389-users] Re: selinux doubts

William, It's clear to me. I will try centos8 :) Thanks. Alberto VIana On Thu, Dec 19, 2019 at 2:50 AM William Brown wrote: > > > > On 19 Dec 2019, at 08:09, Alberto Viana wrote: > > > > Mark, > > > > Seems that's not going to be so easy hehehe:

[389-users] Re: selinux doubts

://bugzilla.redhat.com/show_bug.cgi?id=1756015 https://bugzilla.redhat.com/show_bug.cgi?id=1719978 Seems to me there's no solution at this point, Am I right? Thanks On Wed, Dec 18, 2019 at 6:20 PM Mark Reynolds wrote: > > On 12/18/19 4:05 PM, Alberto Viana wrote: > > Mark,

[389-users] Re: selinux doubts

cense: MIT license May be am I missing this lib(python3-libselinux)? On Wed, Dec 18, 2019 at 5:39 PM Mark Reynolds wrote: > > On 12/18/19 3:21 PM, Alberto Viana wrote: > > Hi Guys, > > I compiled my 389 with selinux enabled (--with-selinux): > > configure:21564: check

[389-users] selinux doubts

on the system ~# getenforce Enforcing Centos7 # ns-slapd -v 389 Project 389-Directory/1.4.2.4 B2019.352.1557 What am I missing? Could not found any related doc at 389 or rhds pages. Thanks. Alberto Viana ___ 389-users mailing list -- 389-users

[389-users] Re: dsconf problems

Hi Mark, No problems at all, the idea is to contribute to the project. Thanks!! Alberto Viana On Mon, Dec 16, 2019 at 12:19 PM Mark Reynolds wrote: > > On 12/16/19 10:13 AM, Alberto Viana wrote: > > Hi Guys, > > I'm trying to config and enable uniqueness attribute plugin:

[389-users] dsconf problems

Hi Guys, I'm trying to config and enable uniqueness attribute plugin: ~# dsconf RNP plugin attr-uniq add "uid-test" --attr-name uid Successfully created the cn=uid-test,cn=plugins,cn=config if I try to enable it: ~# dsconf RNP plugin attr-uniq enable uid-test Error: 'Namespace' object has no

[389-users] cockpit plugin doubts

Hi Guys, In the old 389-console was possible to manage remote instances (installations in different machines) and what about in new UI? Should I install a cockpit plugin to each 389 machine in my environment? Any docs about it? Thanks Alberto Viana

[389-users] cockpit handlebars warning (npm)

This may allow attackers to crash the application or execute Arbitrary Code in specific conditions.", "recommendation": "Upgrade to version 4.5.3 or later.", I had to update package-lock.json pointing to the latest version of handlebars(4.5.3) in order to install it. Just

[389-users] Re: cockpit problems

, Alberto Viana On Thu, Dec 12, 2019 at 1:29 PM Viktor Ashirov wrote: > Hi, > > > On Thu, Dec 12, 2019 at 5:18 PM Alberto Viana > wrote: > >> Hi Guys, >> >> I have installed 389 from source (389-Directory/1.4.2.4 B2019.344.19) >> >> Installed

[389-users] cockpit problems

---. 2 dirsrv dirsrv 155 Dec 9 17:25 ssca Also tried to disable selinux, but the behavior is the same. What am I missing? How can I debug it? Thanks Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send a

[389-users] Re: import userRoot: Skipping entry "XXXXXXXXXXX" which has no parent, ending at line 0 of file "(bulk import)"

Hi Guys, Recently I had the same issue and I copied the database backup from one server to another and used ldif2db.pl to import it and worked fine. After that, the replication works fine. Hope that helps you. On Wed, Mar 6, 2019 at 5:24 PM Jason Jenkins wrote: > Thanks. I'll give that a try.

[389-users] Re: Referential Integrity and moving subtree to another parent fails

I'm facing a very similar problem, my version: 389-Directory/1.3.7.4.20170912git26a9426 So, it's probably you right, maybe It's a 1.3.x problem. In my case, I disabled the plugin until I can upgrade my 389 version. On Fri, Feb 22, 2019 at 1:07 AM William Brown wrote: > Okay, I did this with a

[389-users] Track constraint violation due password policy

Hi Guys, There's any way to log or track constraint violation reason? Once We have 2 environments I need to track when an user could change password on windows side but this password could not be replicated to 389 due to password policy . I can see this on passsync log: 10/30/18 18:43:38:

[389-users] Re: error moving an user

, Sep 28, 2018 at 4:00 PM Kreuzenstein, Luke (OIT) < luke.kreuzenst...@alaska.gov> wrote: > >>> From: "Alberto Viana" > >>> To: "General discussion list for the 389 Directory server project." > <389-users@lists.fedoraproject.org> >

[389-users] Re: password policy

I saw that in the Doc, it now working fine. Thanks a lot. On Thu, Sep 27, 2018 at 12:18 PM Mark Reynolds wrote: > > > On 09/26/2018 04:15 PM, Mark Reynolds wrote: > > > > On 09/26/2018 03:51 PM, Alberto Viana wrote: > > Hi Mark, > > I already have this con

[389-users] Re: password policy

d_administrators > > HTH, > > Mark > > On 09/26/2018 02:31 PM, Alberto Viana wrote: > > I have a password applied globally like this: > > dn: > cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc= > my,dc=domain > passwordLockout: off > p

[389-users] password policy

I have a password applied globally like this: dn: cn=cn\3DnsPwPolicyEntry\2CDC\3Dmy\2CDC\3Ddomain,cn=nsPwPolicyContainer,dc= my,dc=domain passwordLockout: off passwordGraceLimit: 50 passwordWarning: 86400 passwordInHistory: 3 passwordMinLength: 8 passwordMinCategories: 3 passwordStorageScheme:

[389-users] Debug password check syntax

Hi Guys, I'm testing the password policy and want to debug it. Basically I'm trying so set a valid password (based on my password policy) and 389 returns to me "19: Constraint violation" What should be nsslapd-errorlog-level to debug it? Thanks ___

[389-users] Re: error moving an user

dn: cn=config > changetype: modify > replace: nsslapd-errorlog-level > nsslapd-errorlog-level: 16385 > EOF > > Thanks, > Simon > > - Original Message - > > From: "Alberto Viana" <alberto...@gmail.com> > > To: "General discussion list for

[389-users] Re: error moving an user

Anyone? Any clues? On Tue, Mar 20, 2018 at 2:15 PM, Alberto Viana <alberto...@gmail.com> wrote: > Hey Guys, > > 389 version: 389-Directory/1.3.7.4.20170912git26a9426 B2017.255.1330 > > I'm trying to move one of my users to another OU and I see this kind of > error: >

[389-users] error moving an user

Hey Guys, 389 version: 389-Directory/1.3.7.4.20170912git26a9426 B2017.255.1330 I'm trying to move one of my users to another OU and I see this kind of error: Error while moving entry - [LDAP: error code 1 - Operations Error] java.lang.Exception: [LDAP: error code 1 - Operations Error] at In

[389-users] password administrator

Hi Guys, Can I set multiple groups in passwordAdminDN? I know that I can set per policy (subtree or user), but there is any other way to specify more than one group globally? Thanks ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To

[389-users] Re: 389 PassSync 1.1.7 and WIndows Server 2012R2

Hi, Did you try change the log level? HKEY_LOCAL_MACHINE\SOFTWARE\PasswordSync Change LogLevel to 1 (If Im not wrong, the default is 0). Restart the service and check de log again. Hope that helps. On Wed, Dec 20, 2017 at 6:28 PM, Geoff Hardin wrote: > We are

[389-users] Re: ACI help

Thanks a lot for you both. Cheers, Alberto Viana On Thu, Sep 7, 2017 at 5:30 AM, Ludwig Krispenz <lkris...@redhat.com> wrote: > > On 09/07/2017 02:25 AM, William Brown wrote: > > On Wed, 2017-09-06 at 16:55 -0300, Alberto Viana wrote: > > Hi Folks, > > 389-Directory/

[389-users] Re: LDAP: error code 19 - invalid password syntax - passwords with storage scheme are not allowed

Hi Kirk I think that in newer versions of 389 you need a special permission to adding already hashed passwords or change user password scheme: http://www.port389.org/docs/389ds/design/password-administrator.html Hope that helps you. Cheers, Alberto Viana On Tue, Aug 29, 2017 at 4:48 PM, Kirk

[389-users] No NetscapeRoot under Replication

Hi, I'm testing version 1.3.7.1: ~# ns-slapd -v 389 Project 389-Directory/1.3.7.1.20170714gitecd2588 B2017.195.1935 And using 389 console there is no NetscapeRoot option under Replication (ony userRoot), is it an expected behavior? Thanks ___

[389-users] Re: password replication

Anyone else that could point me why is this happening? On Tue, Jul 11, 2017 at 9:08 PM, William Brown <wibr...@redhat.com> wrote: > On Mon, 2017-07-10 at 16:39 -0300, Alberto Viana wrote: > > William, > > > > Yes, there's a flag on AD that forces users to reset the

[389-users] compiling 389-ds 3.6(or newer) on ubuntu 16.04

(-levent), my workaround was to add it manually: LIBS=-levent ./configure I'm not sure if is an expected behavior, but anyway I just want to share my workaround. Cheers, Alberto Viana ___ 389-users mailing list -- 389-users@lists.fedoraproject.org

[389-users] Re: password replication

nk that is the same behavior of 389 plugin, am I right?) On Tue, Jul 4, 2017 at 9:10 PM, William Brown <wibr...@redhat.com> wrote: > On Mon, 2017-07-03 at 11:21 -0300, Alberto Viana wrote: > > I have a replication setup (389 and AD): > > > > > > 389-Directory/1.3

[389-users] password replication

I have a replication setup (389 and AD): 389-Directory/1.3.2.19 B2014.201.1231 We are implementing password police on both side (and password expiration). When the account has expired on AD side (It means that on AD side I have the flag "user must change password" set on an user) , when I try

[389-users] Re: Replication strategy

at 10:33 PM, William Brown <wibr...@redhat.com> wrote: > On Fri, 2017-06-02 at 10:36 -0300, Alberto Viana wrote: > > William, > > > > I do nothing hehehehe, what I mean that I just ignore the errors :) > > > > Here's my agreement: > > >

[389-users] Replication strategy

I have been using 389 for a while and so far my replication strategy is: 389 <=> AD Replicating whole domain dc=my,dc=domain - OU=user -user1 -user2 - OU=people -user1 -user2 - OU=apps -user1 -user2 - OU=externos -user1 -user2 ... But this specific "OU=externos"

[389-users] Re: subtree password policy problems

-console, everything works fine. Analysing the nsPwPolicyContainer and nsPwTemplateEntry created by both methods I could not find any difference. The exactly same thing happens on 1.3.4.11, so is that a script problem? Should I file a ticket anyway? Thanks Alberto Viana On Wed, Nov 16, 2016 at 10

[389-users] Re: subtree password policy problems

Hi, Anyone? I really need some help on this. Thanks On Fri, Nov 4, 2016 at 1:01 PM, Alberto Viana <alberto...@gmail.com> wrote: > Hi, > > Just to explain better what I need: > > Enforce a global password policy with password expiration but disable for > some spe

[389-users] Re: subtree password policy problems

Hi, Just to explain better what I need: Enforce a global password policy with password expiration but disable for some specifics OUs (just disable the password expiration). On Fri, Nov 4, 2016 at 12:54 PM, Alberto Viana <alberto...@gmail.com> wrote: > Hi, > > 389-ds: 1.3.

[389-users] subtree password policy problems

Hi, 389-ds: 1.3.4.11 What I Need: Enforce a global password policy but disable for some specifics OUs. Doc: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html-single/Administration_Guide/index.html#User_Account_Management-Managing_the_Password_Policy Everything was

[389-users] Re: Get user password expiration date

Todor, Off course, but I started it today, so maybe I will finish in next week, please send a email directly to me so I can remember :) Cheers, Alberto Viana On Thu, Nov 3, 2016 at 10:16 AM, Todor Petkov <petkovpto...@gmail.com> wrote: > On Thu, Nov 3, 2016 at 2:13 PM, Alberto Viana

[389-users] Re: Get user password expiration date

I'm also working on it right now and using perl to do that, so I used filter (objectclass=ntUser) and requesting the passwordExpirationTime attribute like this: filter => "objectclass=ntUser", attrs => ["entrydn","mail","passwordExpirationTime"], ); In my case, I prefer rather than write

[389-users] Re: Password expiration doubts

I already tested it, and works as expected, Thanks. On Tue, Oct 25, 2016 at 2:24 PM, Alberto Viana <alberto...@gmail.com> wrote: > Mark, > > Thanks, I will try on it. > > One more question, and what about changing password through winsync plugin? > > On Tue, Oc

[389-users] Re: Password expiration doubts

Mark, Thanks, I will try on it. One more question, and what about changing password through winsync plugin? On Tue, Oct 25, 2016 at 1:21 PM, Mark Reynolds <marey...@redhat.com> wrote: > > > On 10/25/2016 11:10 AM, Mark Reynolds wrote: > > > > On 10/25/2016 10

[389-users] Re: Sync problems with AD 2012 R2

just in AD side with users: Full sync ok* *If you need any other info, please let me know.* On Tue, May 17, 2016 at 2:54 PM, Noriko Hosoi <nho...@redhat.com> wrote: > Thank you for your input, Alberto. > > On 05/17/2016 07:38 AM, Alberto Viana wrote: > > Rich, > &

[389-users] Re: Sync problems with AD 2012 R2

Megginson <rmegg...@redhat.com> wrote: > On 05/17/2016 08:01 AM, Alberto Viana wrote: > > Noriko, > > Just to let you know, after I replicated/created the exactly same OU > structure on both side, the replication seems to works fine. I'm still not > sure that is the e

[389-users] Re: Sync problems with AD 2012 R2

logdb/169ce382-1b9011e6-91ddc5b4-dc63c95a_55c88d9900c8.db On Tue, May 17, 2016 at 10:08 AM, Alberto Viana <alberto...@gmail.com> wrote: > Noriko, > > *Did you use the same version of 389-ds-base against AD on 2008 R2 and > 2012 R2?* > *389-Directory/1.3.4.8 <

[389-users] Re: Sync problems with AD 2012 R2

n my production environment I have:* *389-ds-base 1.3.2.19 + Windows 2008 r2* On Mon, May 16, 2016 at 6:02 PM, Noriko Hosoi <nho...@redhat.com> wrote: > On 05/16/2016 01:01 PM, Alberto Viana wrote: > > I'm trying to setup a new scenario with 389 and AD 2012 R2 (So far I'm > usi

[389-users] Sync problems with AD 2012 R2

I'm trying to setup a new scenario with 389 and AD 2012 R2 (So far I'm using with AD 2008 R2 and everything works fine). 389-Directory/1.3.4.8 B2016.063.1654 Windows 2012 R2 64bits After configure the AD replication and Initiate a full sync, it starts to do some entries and I got the

[389-users] nsSSL3 warnings

: on and confirmed that my server is only accepting TLS connections Also tried to delete nsssl3ciphers: dn: cn=encryption,cn=config changetype: modify delete: nsssl3ciphers But it comes back. Why I'm still getting these warnings even after to disable nsSSL2 and nsSSL3? Thanks Alberto Viana -- 389 users

  1   2   >