[389-users] groupOfURLS, groupOfUniqueNames, and memberURL issues
Hello Everyone, I've been banging my head against this one for a few hours and was hoping for some input. I have a group: dn: cn=mxadmins,cn=groups,cn=accounts,dc=int,dc= example,dc=com memberURL: ldap:///cn=users,cn=accounts,dc=int,dc= example,dc =com??sub?(ou=Supervisor) cn: mxadmins description: MX administrators group objectClass: top objectClass: groupOfUniqueNames objectClass: groupOfURLs From the documentation I've read, there shouldn't be much more I need to then query that group and pull all the unique members into the list, but unfortunately I'm not getting the results I /think/ I should. I'm running an older version of DS: 389 Project 389-Directory/1.2.5 B2010.012.2024 Perhaps that's part of the issue, but if anyone can help point me in the right direction it would be greatly appreciated. Nick Cappelletti n...@switchtower.com -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] Clients freezing during boot
Hi I have been running 389 dir server for around 8 months now, recently whenever I restart or setup a new machine and connect it to the 389 server using the same settings as the other servers it will freeze during startup at INIT, I am using an IP in my config files. Once I remove ldap from nsswitch.conf the servers all boot normally, I did restart the ldap server and I am sure it is not a firewall issue. Any input please ? Regards -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] ACI help
How you applied this rule in DS? I mean on what objects you applied it. Full dn will be good. You should put this on container nearest to objects that this rule should apply. Maybe simple ldif of trying edit description will be helpfull, also ldif showing that user you used is in this group. The best guide for me was red hat directory serve guide (there is chapter for ACIs with a lot of examples). You can find it on red hat docs. Greg. 17 wrz 2012 13:58, "Josh Ellsworth" napisaĆ(a): > I am trying to grant a specific group the ability to edit one attribute. > I have the following ACI in place with no success: > > ** ** > > (targetattr ="description")(version 3.0;acl "evolvadmins description > modify";allow(all) (groupdn = > "ldap:///cn=evolvadmins,ou=Groups,dc=evolv,dc=com";);) > > ** ** > > Any ideas what I need to do? Any good guides to troubleshooting and > writing ACIs? > > ** ** > > Josh > > ** ** > > -- > > Joshua Ellsworth > > Senior Systems Administrator, Primatics Financial > > Phone: 571.765.7528 > > jellswo...@primaticsfinancial.com > > ** ** > > -- > 389 users mailing list > 389-users@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] ACI help
I am trying to grant a specific group the ability to edit one attribute. I have the following ACI in place with no success: (targetattr ="description")(version 3.0;acl "evolvadmins description modify";allow(all) (groupdn = "ldap:///cn=evolvadmins,ou=Groups,dc=evolv,dc=com";);) Any ideas what I need to do? Any good guides to troubleshooting and writing ACIs? Josh -- Joshua Ellsworth Senior Systems Administrator, Primatics Financial Phone: 571.765.7528 jellswo...@primaticsfinancial.com -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users