[389-users] group issues
I have 2 389 DS with multimaster replicaton and one of them replicating (multimaster) with my AD server 389DS2 -- 389DS1 -- ADServer 389-Directory/1.2.10.12 AD Server 2008 R2 With 2 specific groups, for some reason that could not identify in my logs, all members are deleted (i'm not sure if the root cause is the 389DS or my AD). Can someone take a look on my log file and point me what is going on? I dont want to send my log to the list because that a lot of information of my users. Can I send direct to someone? Thanks a lot -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] group issues
I found the root cause, it's happens when I change a user from one OU to another on my windows side. Is that an expected behavior? On Thu, Dec 12, 2013 at 3:47 PM, Alberto Viana alberto...@gmail.com wrote: I have 2 389 DS with multimaster replicaton and one of them replicating (multimaster) with my AD server 389DS2 -- 389DS1 -- ADServer 389-Directory/1.2.10.12 AD Server 2008 R2 With 2 specific groups, for some reason that could not identify in my logs, all members are deleted (i'm not sure if the root cause is the 389DS or my AD). Can someone take a look on my log file and point me what is going on? I dont want to send my log to the list because that a lot of information of my users. Can I send direct to someone? Thanks a lot -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] group issues
On 12/12/2013 11:55 AM, Alberto Viana wrote: I found the root cause, it's happens when I change a user from one OU to another on my windows side. Is that an expected behavior? sounds like https://fedorahosted.org/389/ticket/355 On Thu, Dec 12, 2013 at 3:47 PM, Alberto Viana alberto...@gmail.com mailto:alberto...@gmail.com wrote: I have 2 389 DS with multimaster replicaton and one of them replicating (multimaster) with my AD server 389DS2 -- 389DS1 -- ADServer 389-Directory/1.2.10.12 http://1.2.10.12 AD Server 2008 R2 With 2 specific groups, for some reason that could not identify in my logs, all members are deleted (i'm not sure if the root cause is the 389DS or my AD). Can someone take a look on my log file and point me what is going on? I dont want to send my log to the list because that a lot of information of my users. Can I send direct to someone? Thanks a lot -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] group issues
On 12/12/2013 12:15 PM, Alberto Viana wrote: Rich, but in my case, the new OU is not ou of my scope. The sync deleted all of my users from my group (I think that I didnt make myself clear enough and you thought that users were deleted from 389DS) on both sides and just keep the user that I changed from windows side. So just make sure that you can undestand my problem. I Have a group named GRP_TEST and in this group i have a lot of users. When I change the OU of one of theses users, the sync delete all users from this group oh both sides (windows and 389DS) and just keep the user that I modified the OU. Am I clear enough? Yes. If you can reproduce the issue with 1.2.11, please file a ticket. Thanks On Thu, Dec 12, 2013 at 5:02 PM, Rich Megginson rmegg...@redhat.com mailto:rmegg...@redhat.com wrote: On 12/12/2013 11:55 AM, Alberto Viana wrote: I found the root cause, it's happens when I change a user from one OU to another on my windows side. Is that an expected behavior? sounds like https://fedorahosted.org/389/ticket/355 On Thu, Dec 12, 2013 at 3:47 PM, Alberto Viana alberto...@gmail.com mailto:alberto...@gmail.com wrote: I have 2 389 DS with multimaster replicaton and one of them replicating (multimaster) with my AD server 389DS2 -- 389DS1 -- ADServer 389-Directory/1.2.10.12 http://1.2.10.12 AD Server 2008 R2 With 2 specific groups, for some reason that could not identify in my logs, all members are deleted (i'm not sure if the root cause is the 389DS or my AD). Can someone take a look on my log file and point me what is going on? I dont want to send my log to the list because that a lot of information of my users. Can I send direct to someone? Thanks a lot -- 389 users mailing list 389-users@lists.fedoraproject.org mailto:389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org mailto:389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] Disable password change prompt
Hey everyone, I have setup the directory server with version 1.2.11. I am running a subtree password policy and was wondering if it's possible to disabled the feature that requests a password changed once the user's password has expired. If a user let's their password expire I just want them to get an access denied or password expired message and not let them in. Is this possible? There is a flow chart on the Redhat website [https://access.redhat.com/site/documentation/resources/docs/en-US/Red_Hat_Directory_Server/8.1/html/Deployment_Guide/images/pwdpolicy.png] that shows what is happening. In the bottom right if you follow Grace Logins? No Prompt: Password Change Thanks, Darcy -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users