[389-users] Re: Passwords migration from openldap to 389DS

2016-03-02 Thread William Brown 
On Thu, 2016-03-03 at 01:33 +0100, wodel youchi wrote:
> Hi,
> 
> We're planning the migration from openldap to 389DS,
> we did some tests, and we have some problems with users passwords migration.
> 
> We found this article in 389DS's website
> http://directory.fedoraproject.org/docs/389ds/design/password-migration-design.
> html
> 
> Is this implemented or not yet or completely abandoned?
> 
> the Pass through plugin worked, but we didn't find the "password migration
> mode option" to catch the passwords.
> 

If your users passwords are stored in a hash format that 389 can understand, you
should be able to take an ldif of the openldap directory and apply it directly 
to
389-ds

If you plan to run both in sync for some time, that may not be possible. 

I had a look at the pass through auth code, and it doesn't look like the code to
write back hashes is in there (unless I missed something)

I've created a ticket to develop this feature, but I can not guarantee a time
span on when it will be complete I am sorry.

https://fedorahosted.org/389/ticket/48753




-- 
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane



signature.asc
Description: This is a digitally signed message part
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: Installation of 389 DS

2016-03-02 Thread William Brown 
On Thu, 2016-03-03 at 01:26 +0100, wodel youchi wrote:
> Hi and thanks for your help,
> 
> This is the link of the documentation :
> 
> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/
> Installation_Guide/Preparing_for_a_Directory_Server_Installation-
> Considerations.html
> 
> and it is the actual documentation of the RDS v10

https://bugzilla.redhat.com/show_bug.cgi?id=1314129

I have raised an issue about this documentation and hope it will be corrected
shortly.

Thanks for finding this!


-- 
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane



signature.asc
Description: This is a digitally signed message part
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Passwords migration from openldap to 389DS

2016-03-02 Thread wodel youchi 
Hi,

We're planning the migration from openldap to 389DS,
we did some tests, and we have some problems with users passwords migration.

We found this article in 389DS's website
http://directory.fedoraproject.org/docs/389ds/design/password-migration-design.html

Is this implemented or not yet or completely abandoned?

the Pass through plugin worked, but we didn't find the "password migration
mode option" to catch the passwords.

Regards.
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: Installation of 389 DS

2016-03-02 Thread wodel youchi 
Hi and thanks for your help,

This is the link of the documentation :

https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Installation_Guide/Preparing_for_a_Directory_Server_Installation-Considerations.html

and it is the actual documentation of the RDS v10

Regards.

2016-03-03 1:05 GMT+01:00 William Brown :

> On Wed, 2016-03-02 at 19:28 +0100, wodel youchi wrote:
> > Hi,
> >
> > I am a newbie on 389 DS, I was following the RDS install document from
> > RedHat Documentation.
> >
> > OS: Centos 7.2 x64 latest updates
> > 389 DS :
> > 389-admin-console-1.1.10-1.el7.noarch
> > 389-ds-base-libs-1.3.4.0-26.el7_2.x86_64
> > 389-ds-base-1.3.4.0-26.el7_2.x86_64
> > 389-console-1.1.9-1.el7.noarch
> > 389-ds-console-1.2.12-1.el7.noarch
> > 389-adminutil-1.1.22-1.el7.x86_64
> > 389-admin-1.1.42-1.el7.x86_64
> >
> > In the consideration before setting up DS, it's mentioned that we need to
> > add this line to
>
> Can you provide a link to the documentation you are looking at?
>
> >
> >
> >
> > */etc/pam.d/system-authsession required /lib/security/$ISA/pam_limits.so*
> >
> > After adding this line and rebooting the server, I am getting this error
> > when I try to login into it:
> > *Unknown module*
> >
> > in */var/log/secure* I have
> > *login: PAM unable to dlopen(/lib/security/$ISA/pam_limits.so):
> > /lib/security/../../lib64/security/pam_limits.so: cannot open shared
> object
> > file: No such file or directory*
> >
> > I did read the */etc/pam.d/system-auth* file again, and I found that
> there
> > is a line like this in it
> > *session required  pam_limits.so*
> >
> > My question is : do I need the
> > *session required /lib/security/$ISA/pam_limits.so*
> > for 389 to work properly ?
> > and if yes, how to avoid the above error?
> >
> > if no, does
> > *session required  pam_limits.so*
> > do the work?
>
> This looks like the old way (EL5 era) of modifying pam. These days you
> would just
> change the line to be:
>
> session required pam_limits.so
>
> But IIRC that's already part of the pam configuration as you have already
> noted, so you SHOULD NOT need to touch this.
>
> In other words, yes, pam_limits.so already does the work.
>
>
> To be honest, I think that it's irrelevant these days, as on el7 it would
> be the
> limits set by systemd that take effect, not the login shell limits, so you
> should
> set those. Look at:
>
> /etc/sysconfig/dirsrv.systemd
>
> This file is included by /usr/lib/systemd/system/dirsrv@.service
>
> Which is used to start / stop dirsrv on el7.
>
> I hope that helps you.
>
>
> --
> Sincerely,
>
> William Brown
> Software Engineer
> Red Hat, Brisbane
>
>
> --
> 389 users mailing list
> 389-users@%(host_name)s
>
> http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
>
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: Installation of 389 DS

2016-03-02 Thread William Brown 
On Wed, 2016-03-02 at 19:28 +0100, wodel youchi wrote:
> Hi,
> 
> I am a newbie on 389 DS, I was following the RDS install document from
> RedHat Documentation.
> 
> OS: Centos 7.2 x64 latest updates
> 389 DS :
> 389-admin-console-1.1.10-1.el7.noarch
> 389-ds-base-libs-1.3.4.0-26.el7_2.x86_64
> 389-ds-base-1.3.4.0-26.el7_2.x86_64
> 389-console-1.1.9-1.el7.noarch
> 389-ds-console-1.2.12-1.el7.noarch
> 389-adminutil-1.1.22-1.el7.x86_64
> 389-admin-1.1.42-1.el7.x86_64
> 
> In the consideration before setting up DS, it's mentioned that we need to
> add this line to

Can you provide a link to the documentation you are looking at? 

> 
> 
> 
> */etc/pam.d/system-authsession required /lib/security/$ISA/pam_limits.so*
> 
> After adding this line and rebooting the server, I am getting this error
> when I try to login into it:
> *Unknown module*
> 
> in */var/log/secure* I have
> *login: PAM unable to dlopen(/lib/security/$ISA/pam_limits.so):
> /lib/security/../../lib64/security/pam_limits.so: cannot open shared object
> file: No such file or directory*
> 
> I did read the */etc/pam.d/system-auth* file again, and I found that there
> is a line like this in it
> *session required  pam_limits.so*
> 
> My question is : do I need the
> *session required /lib/security/$ISA/pam_limits.so*
> for 389 to work properly ?
> and if yes, how to avoid the above error?
> 
> if no, does
> *session required  pam_limits.so*
> do the work?

This looks like the old way (EL5 era) of modifying pam. These days you would 
just
change the line to be:

session required pam_limits.so

But IIRC that's already part of the pam configuration as you have already 
noted, so you SHOULD NOT need to touch this.

In other words, yes, pam_limits.so already does the work.


To be honest, I think that it's irrelevant these days, as on el7 it would be the
limits set by systemd that take effect, not the login shell limits, so you 
should
set those. Look at:

/etc/sysconfig/dirsrv.systemd

This file is included by /usr/lib/systemd/system/dirsrv@.service

Which is used to start / stop dirsrv on el7.

I hope that helps you.


-- 
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane



signature.asc
Description: This is a digitally signed message part
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: ns-slapd memory usage

2016-03-02 Thread William Brown 
On Wed, 2016-03-02 at 15:19 +, Radu Pantiru wrote:
> Hi,
> 
> I am using 1.3.3 and the reserved memory usage it is going up on average 
> ~ 800MB per week and I have a cache hit rate of ~98% on both ldap 
> userRoot and db_stat
> Is this normal behavior or possibly I have a memory leak?
> 

I believe there is a fix for a memory leak between 1.3.3 and 1.3.4. I strongly
advise upgrading to 1.3.4.8 as it fixes a number of issues.

Once you have upgraded to 1.3.4.8, keep an eye on it, and see if the issue
continues.


-- 
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane



signature.asc
Description: This is a digitally signed message part
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: Unable to connect to Admin server via 389 windows console

2016-03-02 Thread Noriko Hosoi 
Could you please double check your Directory Server is configured with 
SSLv3 disabled?

http://www.port389.org/docs/389ds/howto/howto-disable-sslv3.html

On 03/02/2016 01:35 PM, Daniel Franciscus wrote:

OK, new error now after upgrading:

Unable to create ssl socket
org.mozilla.jss.ssl.SSLSocketException: SSL_ForceHandshake failed: 
(-12279) Peer using unsupported version of security protocol.

at org.mozilla.jss.ssl.SSLSocket.forceHandshake(Native Method)
at com.netscape.management.client.comm.HttpsChannel.open(Unknown Source)
at com.netscape.management.client.comm.CommManager.send(Unknown Source)
at com.netscape.management.client.comm.HttpManager.get(Unknown Source)
at com.netscape.management.client.console.Console.invoke_task(Unknown 
Source)
at 
com.netscape.management.client.console.Console.authenticate_user(Unknown 
Source)

at com.netscape.management.client.console.Console.(Unknown Source)
at com.netscape.management.client.console.Console.main(Unknown Source)
JButtonFactory: button width = 54
JButtonFactory: button height = 20
JButtonFactory: button width = 54
JButtonFactory: button height = 20
JButtonFactory: button width = 54
JButtonFactory: button height = 20
JButtonFactory: button width = 54
JButtonFactory: button height = 20



Dan Franciscus

Systems Administrator

Information Technology Group

Institute for Advanced Study

609-734-8138




*From: *"Mark Reynolds" 
*To: *"General discussion list for the 389 Directory server project." 
<389-users@lists.fedoraproject.org>, mreyno...@redhat.com

*Sent: *Wednesday, March 2, 2016 11:03:21 AM
*Subject: *[389-users] Re: Unable to connect to Admin server via 389 
windows console




On 03/02/2016 08:29 AM, Daniel Franciscus wrote:

C:\Program Files\389 Management Console>"java"
"-Djava.library.path=." -cp

"./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar"
-Djava.util.prefs.systemRo
ot=I:\/.389-console -Djava.util.prefs.userRoot=I:\/.389-console
-Djava.net.preferIPv4Stack=true
com.netscape.management.client.console.Console -D 9
java.util.prefs.userRoot=I:\/.389-console
java.runtime.name=Java(TM) SE Runtime Environment
sun.boot.library.path=C:\Program Files\Java\jre7\bin
java.vm.version=23.5-b02
java.vm.vendor=Oracle Corporation
java.vendor.url=http://java.oracle.com/
path.separator=;
java.vm.name=Java HotSpot(TM) 64-Bit Server VM
file.encoding.pkg=sun.io
user.country=US
user.script=
sun.java.launcher=SUN_STANDARD
sun.os.patch.level=
java.vm.specification.name=Java Virtual Machine Specification
user.dir=C:\Program Files\389 Management Console
java.runtime.version=1.7.0_09-b05
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
java.endorsed.dirs=C:\Program Files\Java\jre7\lib\endorsed
os.arch=amd64
java.io.tmpdir=C:\Users\hermes\AppData\Local\Temp\
line.separator=

java.vm.specification.vendor=Oracle Corporation
user.variant=
os.name=Windows Server 2012
sun.jnu.encoding=Cp1252
java.library.path=.
java.specification.name=Java Platform API Specification
java.class.version=51.0
java.net.preferIPv4Stack=true
sun.management.compiler=HotSpot 64-Bit Tiered Compilers
os.version=6.2
user.home=C:\Users\hermes
user.timezone=America/New_York
java.awt.printerjob=sun.awt.windows.WPrinterJob
file.encoding=Cp1252
java.specification.version=1.7

java.class.path=./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar
user.name=hermes
java.vm.specification.version=1.7
sun.java.command=com.netscape.management.client.console.Console -D 9
java.home=C:\Program Files\Java\jre7
sun.arch.data.model=64
java.util.prefs.systemRoot=I:\/.389-console
user.language=en
java.specification.vendor=Oracle Corporation
awt.toolkit=sun.awt.windows.WToolkit
java.vm.info=mixed mode
java.version=1.7.0_09
java.ext.dirs=C:\Program
Files\Java\jre7\lib\ext;C:\Windows\Sun\Java\lib\ext
sun.boot.class.path=C:\Program
Files\Java\jre7\lib\resources.jar;C:\Program
Files\Java\jre7\lib\rt.jar;C:\Program
Files\Java\jre7\lib\sunrsasign.jar;C:\Program
Files\Java\jre7\lib\jsse.jar;C:\Program
Files\Java\jre7\lib\jce.jar;C:\Program Files\Java\jre7\lib\charsets.ja
r;C:\Program Files\Java\jre7\lib\jfr.jar;C:\Program
Files\Java\jre7\classes
java.vendor=Oracle Corporation
file.separator=\
java.vendor.url.bug=http://bugreport.sun.com/bugreport/
sun.io.unicode.encoding=UnicodeLittle
sun.cpu.endian=little
sun.desktop=windows
sun.cpu.isalist=amd64
*389-Management-Console/1.1.14 B2015.147.2124*


You are not on the latest software.  The

[389-users] Re: Unable to connect to Admin server via 389 windows console

2016-03-02 Thread Daniel Franciscus 
OK, new error now after upgrading: 

Unable to create ssl socket 
org.mozilla.jss.ssl.SSLSocketException: SSL_ForceHandshake failed: (-12279) 
Peer using unsupported version of security protocol. 
at org.mozilla.jss.ssl.SSLSocket.forceHandshake(Native Method) 
at com.netscape.management.client.comm.HttpsChannel.open(Unknown Source) 
at com.netscape.management.client.comm.CommManager.send(Unknown Source) 
at com.netscape.management.client.comm.HttpManager.get(Unknown Source) 
at com.netscape.management.client.console.Console.invoke_task(Unknown Source) 
at com.netscape.management.client.console.Console.authenticate_user(Unknown 
Source) 
at com.netscape.management.client.console.Console.(Unknown Source) 
at com.netscape.management.client.console.Console.main(Unknown Source) 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 







Dan Franciscus 

Systems Administrator 

Information Technology Group 

Institute for Advanced Study 

609-734-8138 




From: "Mark Reynolds"  
To: "General discussion list for the 389 Directory server project." 
<389-users@lists.fedoraproject.org>, mreyno...@redhat.com 
Sent: Wednesday, March 2, 2016 11:03:21 AM 
Subject: [389-users] Re: Unable to connect to Admin server via 389 windows 
console 



On 03/02/2016 08:29 AM, Daniel Franciscus wrote: 



C:\Program Files\389 Management Console>"java" "-Djava.library.path=." -cp 
"./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar"
 -Djava.util.prefs.systemRo 
ot=I:\/.389-console -Djava.util.prefs.userRoot=I:\/.389-console 
-Djava.net.preferIPv4Stack=true com.netscape.management.client.console.Console 
-D 9 
java.util.prefs.userRoot=I:\/.389-console 
java.runtime.name=Java(TM) SE Runtime Environment 
sun.boot.library.path=C:\Program Files\Java\jre7\bin 
java.vm.version=23.5-b02 
java.vm.vendor=Oracle Corporation 
java.vendor.url= http://java.oracle.com/ 
path.separator=; 
java.vm.name=Java HotSpot(TM) 64-Bit Server VM 
file.encoding.pkg=sun.io 
user.country=US 
user.script= 
sun.java.launcher=SUN_STANDARD 
sun.os.patch.level= 
java.vm.specification.name=Java Virtual Machine Specification 
user.dir=C:\Program Files\389 Management Console 
java.runtime.version=1.7.0_09-b05 
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment 
java.endorsed.dirs=C:\Program Files\Java\jre7\lib\endorsed 
os.arch=amd64 
java.io.tmpdir=C:\Users\hermes\AppData\Local\Temp\ 
line.separator= 

java.vm.specification.vendor=Oracle Corporation 
user.variant= 
os.name=Windows Server 2012 
sun.jnu.encoding=Cp1252 
java.library.path=. 
java.specification.name=Java Platform API Specification 
java.class.version=51.0 
java.net.preferIPv4Stack=true 
sun.management.compiler=HotSpot 64-Bit Tiered Compilers 
os.version=6.2 
user.home=C:\Users\hermes 
user.timezone=America/New_York 
java.awt.printerjob=sun.awt.windows.WPrinterJob 
file.encoding=Cp1252 
java.specification.version=1.7 
java.class.path=./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar
 
user.name=hermes 
java.vm.specification.version=1.7 
sun.java.command=com.netscape.management.client.console.Console -D 9 
java.home=C:\Program Files\Java\jre7 
sun.arch.data.model=64 
java.util.prefs.systemRoot=I:\/.389-console 
user.language=en 
java.specification.vendor=Oracle Corporation 
awt.toolkit=sun.awt.windows.WToolkit 
java.vm.info=mixed mode 
java.version=1.7.0_09 
java.ext.dirs=C:\Program Files\Java\jre7\lib\ext;C:\Windows\Sun\Java\lib\ext 
sun.boot.class.path=C:\Program Files\Java\jre7\lib\resources.jar;C:\Program 
Files\Java\jre7\lib\rt.jar;C:\Program 
Files\Java\jre7\lib\sunrsasign.jar;C:\Program 
Files\Java\jre7\lib\jsse.jar;C:\Program Files\Java\jre7\lib\jce.jar;C:\Program 
Files\Java\jre7\lib\charsets.ja 
r;C:\Program Files\Java\jre7\lib\jfr.jar;C:\Program Files\Java\jre7\classes 
java.vendor=Oracle Corporation 
file.separator=\ 
java.vendor.url.bug= http://bugreport.sun.com/bugreport/ 
sun.io.unicode.encoding=UnicodeLittle 
sun.cpu.endian=little 
sun.desktop=windows 
sun.cpu.isalist=amd64 
389-Management-Console/1.1.14 B2015.147.2124 



You are not on the latest software. The latest is 1.1.15 which fixes the ssl 
connection issues: 

389 Windows Console 1.1.15 


The 389 Directory Server team is proud to announce 389-console-win version 
1.1.15. 

Windows installers are available to download from Download 389 Windows Console 
(32-bit) and Download 389 Windows Console (64-bit) . Highlights in 
389-console-win- 1.1.15 


* Windows Console now has the same bug fixes and enhancements made for the 
Fedora 389-console. 
* A connection failure p

[389-users] Installation of 389 DS

2016-03-02 Thread wodel youchi 
Hi,

I am a newbie on 389 DS, I was following the RDS install document from
RedHat Documentation.

OS: Centos 7.2 x64 latest updates
389 DS :
389-admin-console-1.1.10-1.el7.noarch
389-ds-base-libs-1.3.4.0-26.el7_2.x86_64
389-ds-base-1.3.4.0-26.el7_2.x86_64
389-console-1.1.9-1.el7.noarch
389-ds-console-1.2.12-1.el7.noarch
389-adminutil-1.1.22-1.el7.x86_64
389-admin-1.1.42-1.el7.x86_64

In the consideration before setting up DS, it's mentioned that we need to
add this line to



*/etc/pam.d/system-authsession required /lib/security/$ISA/pam_limits.so*

After adding this line and rebooting the server, I am getting this error
when I try to login into it:
*Unknown module*

in */var/log/secure* I have
*login: PAM unable to dlopen(/lib/security/$ISA/pam_limits.so):
/lib/security/../../lib64/security/pam_limits.so: cannot open shared object
file: No such file or directory*

I did read the */etc/pam.d/system-auth* file again, and I found that there
is a line like this in it
*session required  pam_limits.so*

My question is : do I need the
*session required /lib/security/$ISA/pam_limits.so*
for 389 to work properly ?
and if yes, how to avoid the above error?

if no, does
*session required  pam_limits.so*
do the work?

Regards.
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: Unable to connect to Admin server via 389 windows console

2016-03-02 Thread Mark Reynolds 



On 03/02/2016 08:29 AM, Daniel Franciscus wrote:
C:\Program Files\389 Management Console>"java" "-Djava.library.path=." 
-cp 
"./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar" 
-Djava.util.prefs.systemRo
ot=I:\/.389-console -Djava.util.prefs.userRoot=I:\/.389-console 
-Djava.net.preferIPv4Stack=true 
com.netscape.management.client.console.Console -D 9

java.util.prefs.userRoot=I:\/.389-console
java.runtime.name=Java(TM) SE Runtime Environment
sun.boot.library.path=C:\Program Files\Java\jre7\bin
java.vm.version=23.5-b02
java.vm.vendor=Oracle Corporation
java.vendor.url=http://java.oracle.com/
path.separator=;
java.vm.name=Java HotSpot(TM) 64-Bit Server VM
file.encoding.pkg=sun.io
user.country=US
user.script=
sun.java.launcher=SUN_STANDARD
sun.os.patch.level=
java.vm.specification.name=Java Virtual Machine Specification
user.dir=C:\Program Files\389 Management Console
java.runtime.version=1.7.0_09-b05
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
java.endorsed.dirs=C:\Program Files\Java\jre7\lib\endorsed
os.arch=amd64
java.io.tmpdir=C:\Users\hermes\AppData\Local\Temp\
line.separator=

java.vm.specification.vendor=Oracle Corporation
user.variant=
os.name=Windows Server 2012
sun.jnu.encoding=Cp1252
java.library.path=.
java.specification.name=Java Platform API Specification
java.class.version=51.0
java.net.preferIPv4Stack=true
sun.management.compiler=HotSpot 64-Bit Tiered Compilers
os.version=6.2
user.home=C:\Users\hermes
user.timezone=America/New_York
java.awt.printerjob=sun.awt.windows.WPrinterJob
file.encoding=Cp1252
java.specification.version=1.7
java.class.path=./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar
user.name=hermes
java.vm.specification.version=1.7
sun.java.command=com.netscape.management.client.console.Console -D 9
java.home=C:\Program Files\Java\jre7
sun.arch.data.model=64
java.util.prefs.systemRoot=I:\/.389-console
user.language=en
java.specification.vendor=Oracle Corporation
awt.toolkit=sun.awt.windows.WToolkit
java.vm.info=mixed mode
java.version=1.7.0_09
java.ext.dirs=C:\Program 
Files\Java\jre7\lib\ext;C:\Windows\Sun\Java\lib\ext
sun.boot.class.path=C:\Program 
Files\Java\jre7\lib\resources.jar;C:\Program 
Files\Java\jre7\lib\rt.jar;C:\Program 
Files\Java\jre7\lib\sunrsasign.jar;C:\Program 
Files\Java\jre7\lib\jsse.jar;C:\Program 
Files\Java\jre7\lib\jce.jar;C:\Program Files\Java\jre7\lib\charsets.ja
r;C:\Program Files\Java\jre7\lib\jfr.jar;C:\Program 
Files\Java\jre7\classes

java.vendor=Oracle Corporation
file.separator=\
java.vendor.url.bug=http://bugreport.sun.com/bugreport/
sun.io.unicode.encoding=UnicodeLittle
sun.cpu.endian=little
sun.desktop=windows
sun.cpu.isalist=amd64
*389-Management-Console/1.1.14 B2015.147.2124*


You are _not_ on the latest software.  The latest is 1.1.15 which fixes 
the ssl connection issues:



   389 Windows Console 1.1.15

The 389 Directory Server team is proud to announce 389-console-win 
version 1.1.15.


Windows installers are available to download from Download 389 Windows 
Console (32-bit) 
 and 
Download 389 Windows Console (64-bit) 
.



 Highlights in 389-console-win-1.1.15

 * Windows Console now has the same bug fixes and enhancements made for
   the Fedora 389-console.
 * *A connection failure problem over **SSL**/start**TLS**was fixed.*



Please download it.


RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Error.gif

RemoteImage: Create RemoteImage cache for loader447561888
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Inform.gif
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Warn.gif
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Question.gif
ResourceSet: NOT found in cache 
loader447561888:com.netscape.management.client.components.components
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/client/theme/images/logo16.gif
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/client/theme/images/login.gif
ResourceSet: NOT found in cache 
loader447561888:com.netscape.management.client.util.default
ResourceSet: found in cache 
loader447561888:com.netscape.management.client.util.default

JButtonFactory: button width = 54
JButtonFactory: button height = 20
JButtonFactory: button width = 54
JButtonFactory: button height = 20
JButtonFactory: button width = 72
JButtonFactory: button height = 20
JButtonFactory: button width = 72
JButtonFactory: button height = 20
JButtonFactory: button width = 72
JButtonFactory: button height = 20
JButtonFactory: button width = 72
JButtonFactory: button h

[389-users] ns-slapd memory usage

2016-03-02 Thread Radu Pantiru 

Hi,

I am using 1.3.3 and the reserved memory usage it is going up on average 
~ 800MB per week and I have a cache hit rate of ~98% on both ldap 
userRoot and db_stat

Is this normal behavior or possibly I have a memory leak?

Regards,
Radu
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org

[389-users] Re: Unable to connect to Admin server via 389 windows console

2016-03-02 Thread Daniel Franciscus 
C:\Program Files\389 Management Console>"java" "-Djava.library.path=." -cp 
"./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar"
 -Djava.util.prefs.systemRo 
ot=I:\/.389-console -Djava.util.prefs.userRoot=I:\/.389-console 
-Djava.net.preferIPv4Stack=true com.netscape.management.client.console.Console 
-D 9 
java.util.prefs.userRoot=I:\/.389-console 
java.runtime.name=Java(TM) SE Runtime Environment 
sun.boot.library.path=C:\Program Files\Java\jre7\bin 
java.vm.version=23.5-b02 
java.vm.vendor=Oracle Corporation 
java.vendor.url=http://java.oracle.com/ 
path.separator=; 
java.vm.name=Java HotSpot(TM) 64-Bit Server VM 
file.encoding.pkg=sun.io 
user.country=US 
user.script= 
sun.java.launcher=SUN_STANDARD 
sun.os.patch.level= 
java.vm.specification.name=Java Virtual Machine Specification 
user.dir=C:\Program Files\389 Management Console 
java.runtime.version=1.7.0_09-b05 
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment 
java.endorsed.dirs=C:\Program Files\Java\jre7\lib\endorsed 
os.arch=amd64 
java.io.tmpdir=C:\Users\hermes\AppData\Local\Temp\ 
line.separator= 

java.vm.specification.vendor=Oracle Corporation 
user.variant= 
os.name=Windows Server 2012 
sun.jnu.encoding=Cp1252 
java.library.path=. 
java.specification.name=Java Platform API Specification 
java.class.version=51.0 
java.net.preferIPv4Stack=true 
sun.management.compiler=HotSpot 64-Bit Tiered Compilers 
os.version=6.2 
user.home=C:\Users\hermes 
user.timezone=America/New_York 
java.awt.printerjob=sun.awt.windows.WPrinterJob 
file.encoding=Cp1252 
java.specification.version=1.7 
java.class.path=./jss4.jar;./ldapjdk.jar;./idm-console-base.jar;./idm-console-mcc.jar;./idm-console-mcc_en.jar;./idm-console-nmclf.jar;./idm-console-nmclf_en.jar;./389-console_en.jar
 
user.name=hermes 
java.vm.specification.version=1.7 
sun.java.command=com.netscape.management.client.console.Console -D 9 
java.home=C:\Program Files\Java\jre7 
sun.arch.data.model=64 
java.util.prefs.systemRoot=I:\/.389-console 
user.language=en 
java.specification.vendor=Oracle Corporation 
awt.toolkit=sun.awt.windows.WToolkit 
java.vm.info=mixed mode 
java.version=1.7.0_09 
java.ext.dirs=C:\Program Files\Java\jre7\lib\ext;C:\Windows\Sun\Java\lib\ext 
sun.boot.class.path=C:\Program Files\Java\jre7\lib\resources.jar;C:\Program 
Files\Java\jre7\lib\rt.jar;C:\Program 
Files\Java\jre7\lib\sunrsasign.jar;C:\Program 
Files\Java\jre7\lib\jsse.jar;C:\Program Files\Java\jre7\lib\jce.jar;C:\Program 
Files\Java\jre7\lib\charsets.ja 
r;C:\Program Files\Java\jre7\lib\jfr.jar;C:\Program Files\Java\jre7\classes 
java.vendor=Oracle Corporation 
file.separator=\ 
java.vendor.url.bug=http://bugreport.sun.com/bugreport/ 
sun.io.unicode.encoding=UnicodeLittle 
sun.cpu.endian=little 
sun.desktop=windows 
sun.cpu.isalist=amd64 
389-Management-Console/1.1.14 B2015.147.2124 
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Error.gif 
RemoteImage: Create RemoteImage cache for loader447561888 
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Inform.gif 
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Warn.gif 
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/nmclf/icons/Question.gif 
ResourceSet: NOT found in cache 
loader447561888:com.netscape.management.client.components.components 
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/client/theme/images/logo16.gif 
RemoteImage: NOT found in cache 
loader447561888:com/netscape/management/client/theme/images/login.gif 
ResourceSet: NOT found in cache 
loader447561888:com.netscape.management.client.util.default 
ResourceSet: found in cache 
loader447561888:com.netscape.management.client.util.default 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 
JButtonFactory: button width = 72 
JButtonFactory: button height = 20 
JButtonFactory: button width = 72 
JButtonFactory: button height = 20 
JButtonFactory: button width = 72 
JButtonFactory: button height = 20 
JButtonFactory: button width = 72 
JButtonFactory: button height = 20 
JButtonFactory: button width = 54 
JButtonFactory: button height = 20 
JButtonFactory: button width = 72 
JButtonFactory: button width = 72 
CommManager> New CommRecord (https://server:9830/admin-serv/authenticate) 
ResourceSet: found in cache 
loader447561888:com.netscape.management.client.theme.theme 
ResourceSet: NOT found in cache 
loader447561888:com.netscape.management.client.comm.HttpsChannel 
CREATE JSS SSLSocket 
Exception in thread "main" java.lang.UnsatisfiedLinkError: 
org.mozilla.jss.ssl.SSLSocket.setSSLVersionRangeDefault(III)V 
at org.mozilla.jss.ssl.SSLSocket.setSSLVersionRangeDefault(Native Method) 
at org.mozilla.jss.ssl.SSLSocket.setSSLVersionRangeDefault(SSLSock