[389-users] Announcing 389 Directory Server 1.4.0.20

2018-12-14 Thread Mark Reynolds 


   389 Directory Server 1.4.0.20

The 389 Directory Server team is proud to announce 389-ds-base version 
1.4.0.20


Fedora packages are available on Fedora 28, 29, and rawhide.

Rawhide

https://koji.fedoraproject.org/koji/taskinfo?taskID=31464161 



Fedora 29

https://koji.fedoraproject.org/koji/taskinfo?taskID=31464159 



Fedora 28

https://koji.fedoraproject.org/koji/taskinfo?taskID=31464058 



Bodhi

F29 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0f3d7e9434 



F28 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cf250e9c09 



The new packages and versions are:

 * 389-ds-base-1.4.0.20-1

Source tarballs are available for download at Download 
389-ds-base Source 




 Highlights in 1.4.0.20

Bug fixes


 Installation and Upgrade

See Download  for 
information about setting up your yum repositories.


To install, use *dnf install 389-ds-base*, then run *dscreate*. For 
Cockput UI plugin use “dnf install cockpit-389-ds”


See Install_Guide 
 for 
more information about the initial installation, setup, and upgrade


See Source  
for information about source tarballs and SCM (git) access.



 Feedback

We are very interested in your feedback!

Please provide feedback and comments to the 389-users mailing list: 
https://lists.fedoraproject.org/admin/lists/389-users.lists.fedoraproject.org


If you find a bug, or would like to see a new feature, file it in our 
Pagure project: https://pagure.io/389-ds-base


 * Bump version to 1.4.0.20
 * Ticket 49994 - Add test for backend/suffix CLI functions
 * Ticket 50090 - refactor fetch_attr() to slapi_fetch_attr()
 * Ticket 50091 - shadowWarning is not generated if passwordWarning is
   lower than 86400 seconds (1 day)
 * Ticket 50056 - Fix CLI/UI bugs
 * Ticket 49864 - Revised replication status messages for transient errors
 * Ticket 50071 - Set ports in local_simple_allocate function
 * Ticket 50065 - lib389 aci parsing is too strict
 * Ticket 50061 - Improve schema loading in UI
 * Ticket 50063 - Crash after attempting to restore a single backend
 * Ticket 50062 - Replace error by warning in the state machine defined
   in repl5_inc_run
 * Ticket 50041 - Set the React dataflow foundation and add basic plugin UI
 * Ticket 50028 - Revise ds-replcheck usage
 * Ticket 50057 - Pass argument into hashtable_new
 * Ticket 50053 - improve testcase
 * Ticket 50053 - Subtree password policy overrides a user-defined
   password policy
 * Ticket 49974 - lib389 - List instances with initconfig_dir instead
   of sysconf_dir
 * Ticket 49984 - Add an empty domain creation to the dscreate
 * Ticket 49950 - PassSync not setting pwdLastSet attribute in Active
   Directory after Pw update from LDAP sync for normal user
 * Ticket 50046 - Remove irrelevant debug-log messages from CLI tools
 * Ticket 50022, 50012, 49956, and 49800: Various dsctl/dscreate fixes
 * Ticket 49927 - dsctl db2index does not work
 * Ticket 49814 - dscreate should handle selinux ports that are in a range
 * Ticket 49543 - fix certmap dn comparison
 * Ticket 49994 - comment out dev paths
 * Ticket 49994 - Add backend features to CLI
 * Ticket 48081 - Add new CI tests for password

___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

[389-users] Re: Allow filters through PTA Plugin

2018-12-14 Thread Olivier JUDITH 
Hi all,

Here is my doc on how to enable Pam-PassThrough + SSSD :
https://drive.google.com/open?id=0B_f1ipCCCREXd0RqN09CRFFzNWh1UUZjR0RNaElJREVIX0RJ

Regards
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

[389-users] Re: Force users to modify their passwords

2018-12-14 Thread Olivier JUDITH 
Hi,

I don't think that you can use this parameter to request your user to
change their password from Zimbra application .
I don't know how Zimbra manage user access but AFAIK Zimbra is php
application or something like this that query ldap through binding and
spécifique language ldap api.
To do what you requested, Zimbra ldap call must be able to check user
account expiration and request for change.

i used to set this option with Unix users with Pam that queries LDAP.

Hope that could be help

Le ven. 14 déc. 2018 à 18:38, wodel youchi  a
écrit :

> Hi,
>
> We have 389DS as our main directory server, and we use it with many
> applications.
> recently we moved our mail application to Zimbra. Zimbra can use an
> external LDAP server for authentication, and we did configure that and it
> works.
>
> In 389DS, in password policy configuration, there is the check-box to
> force a user to change his password on the first login, we did try it but,
> without success.
>
> Could this parameter be used to force users to change their passwords?
>
> Regards.
>
>
> 
>  Garanti
> sans virus. www.avast.com
> 
> <#m_-1286929758944121391_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
> ___
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
>
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

[389-users] Re: Force users to modify their passwords

2018-12-14 Thread Mark Reynolds 


On 12/14/18 12:38 PM, wodel youchi wrote:

Hi,

We have 389DS as our main directory server, and we use it with many 
applications.
recently we moved our mail application to Zimbra. Zimbra can use an 
external LDAP server for authentication, and we did configure that and 
it works.


In 389DS, in password policy configuration, there is the check-box to 
force a user to change his password on the first login, we did try it 
but, without success.


Right, because after setting this you must reset all the passwords using 
directory manager(or some admin account).  Then the user is forced to 
change their password at next login. Basically a flag gets set in the 
entry after it is reset by an admin, but until its reset there is no 
flag to check - so users are not forced to reset their passwords.


HTH,
Mark



Could this parameter be used to force users to change their passwords?

Regards.

 
	Garanti sans virus. www.avast.com 
 




___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

[389-users] Re: How to install an external certificate

2018-12-14 Thread Olivier JUDITH 
Hi you can add your certificate by using certutil or via 389 console.
Look at these urls :

https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/managing_ssl-using_certutil

https://directory.fedoraproject.org/docs/389ds/howto/howto-ssl-archive.html

Regards


Le ven. 14 déc. 2018 à 18:33, wodel youchi  a
écrit :

> Hi,
>
> Any suggestions?
>
> Regards.
>
>
> 
>  Garanti
> sans virus. www.avast.com
> 
> <#m_-488589242675131199_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> Le lun. 10 déc. 2018 à 00:01, wodel youchi  a
> écrit :
>
>> Hi,
>>
>> I have an external certificate : the certificate file, the key file and
>> CA file.
>>
>> How can I install this certificate on 389DS? especially how can I specify
>> to the dirsrv my key file?
>>
>> Regards.
>>
> ___
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
>
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

[389-users] Force users to modify their passwords

2018-12-14 Thread wodel youchi 
Hi,

We have 389DS as our main directory server, and we use it with many
applications.
recently we moved our mail application to Zimbra. Zimbra can use an
external LDAP server for authentication, and we did configure that and it
works.

In 389DS, in password policy configuration, there is the check-box to force
a user to change his password on the first login, we did try it but,
without success.

Could this parameter be used to force users to change their passwords?

Regards.


Garanti
sans virus. www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org

[389-users] Re: How to install an external certificate

2018-12-14 Thread wodel youchi 
Hi,

Any suggestions?

Regards.


Garanti
sans virus. www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

Le lun. 10 déc. 2018 à 00:01, wodel youchi  a
écrit :

> Hi,
>
> I have an external certificate : the certificate file, the key file and CA
> file.
>
> How can I install this certificate on 389DS? especially how can I specify
> to the dirsrv my key file?
>
> Regards.
>
___
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org