[389-users] Reg aci field missing
Hi Team, We have implemented 389-ds in Ubuntu 12.04 LTS. Everything is working fine.we have created ou called groups such as ou=groups,dc=xxx,dc=com. same 389-ds (1.2.1-0ubuntu2)implemented in the Ubuntu linux 10.04 LTS and we can see the aci attributes in the groups OU. Same aci is not available in the 1.2.10.4-0ubuntu3.1. For example, if i connected my *older ldap server* through phpldapadmin and select any group from ou=groups,dc=xxx,dc=com , i can see the below fields from aci attribute, (targetattr=*) (target=ldap:///cn=*,ou=services,ou=groups,dc=xxx,dc=com;) (version 3.0;acl group name; allow (write)(userdn=ldap:///uid=user name,ou=people,dc=xxx,dc=com);) (targetattr=*) (target=ldap:///cn=*,ou=services,ou=groups,dc=xxx,dc=com;) (version 3.0;acl group name; allow (write)(userdn=ldap:///uid=user name,ou=people,dc=xxx,dc=com);) (targetattr=*) (target=ldap:///cn=*,ou=services,ou=groups,dc=xxx,dc=com;) (version 3.0;acl group name; allow (write)(userdn=ldap:///uid=user name,ou=people,dc=xxx,dc=com);) For getting the same details, if i connect to my new LDAP server through phpldapadmin, aci attribute itself not displayed. Is it the attribute is related to samba ? Refered some of the blogs through net, if i search through ldapsearch, ldapsearch -x -h localhost -p port no -s base -b cn=schema objectclass=* | grep -i samba - output is displayed in the old server with some values.same command if i apply in new server, no output. My question may be silly,pls don't mistake.what could be the reason ? Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] Req PPA link for Ubuntu
FYI Varad On Fri, Mar 16, 2012 at 4:06 PM, s.varadha rajan rajanvara...@gmail.comwrote: Hi, Thx for all the reply.Is there any other way right now ? Thanks Regards, Varad On Thu, Mar 15, 2012 at 1:29 PM, Timo Aaltonen tjaal...@ubuntu.comwrote: On 14.03.2012 07:33, s.varadha rajan wrote: Hi Team, We are trying to install 389 ds server in Ubuntu 10.04 x86-64 edition. we followed the doc from the site https://help.ubuntu.com/community/FedoraDirectoryServer; . In that site, they have specified the following url, deb http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic maindeb-src http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic main. Precise (12.04) already has a (mostly) complete set of 389 included in the official repository. The team repo once had packages for oneiric, maybe for karmic too at some point but those are long gone. -- t -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] Req PPA link for Ubuntu
Hi mjames, Thx for the reply.after adding to the system and after ran the apt-get update, if you type #apt-cache search 389-ds*, nothing will be displayed.why because in the specified there is no packages.if you open the link in browser and verify. Regards, Varad 2012/3/14 mja...@guesswho.com Is this what you’re looking for? http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/dists/karmic/main/ ** ** *From:* 389-users-boun...@lists.fedoraproject.org [mailto: 389-users-boun...@lists.fedoraproject.org] *On Behalf Of *s.varadha rajan *Sent:* Wednesday, March 14, 2012 1:34 AM *To:* General discussion list for the 389 Directory server project. *Subject:* [389-users] Req PPA link for Ubuntu ** ** Hi Team, We are trying to install 389 ds server in Ubuntu 10.04 x86-64 edition. we followed the doc from the site https://help.ubuntu.com/community/FedoraDirectoryServer; . In that site, they have specified the following url, deb http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic main deb-src http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic main. Once if added the above Url in the Sources list, we can easily install 389 ds entire server in the Ubuntu server edition.but now a days this link may be down and there is no alternative links. i have searched in google but, no luck.Please let me know alternative link for the URL's or is there any other way we can install complete 389 ds server,fedors-idm-console,etc. Please help me on this Regards, Varad ** ** ** ** -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] Req PPA link for Ubuntu
Hi, thx for the updates and link.but one more concern, if we install through tarball(tgz,,), while updating the server it is difficult right. Anyway thx for this.. Regards, Varad 2012/3/14 mja...@guesswho.com Sorry, I see those directories are empty – but there are debs in http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/pool/main/3/that may work for you. ** ** *From:* 389-users-boun...@lists.fedoraproject.org [mailto: 389-users-boun...@lists.fedoraproject.org] *On Behalf Of *s.varadha rajan *Sent:* Wednesday, March 14, 2012 9:51 AM *To:* General discussion list for the 389 Directory server project. *Subject:* Re: [389-users] Req PPA link for Ubuntu ** ** Hi mjames, ** ** Thx for the reply.after adding to the system and after ran the apt-get update, if you type #apt-cache search 389-ds*, nothing will be displayed.why because in the specified there is no packages.if you open the link in browser and verify. ** ** Regards, Varad ** ** 2012/3/14 mja...@guesswho.com Is this what you’re looking for? http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/dists/karmic/main/ *From:* 389-users-boun...@lists.fedoraproject.org [mailto: 389-users-boun...@lists.fedoraproject.org] *On Behalf Of *s.varadha rajan *Sent:* Wednesday, March 14, 2012 1:34 AM *To:* General discussion list for the 389 Directory server project. *Subject:* [389-users] Req PPA link for Ubuntu Hi Team, We are trying to install 389 ds server in Ubuntu 10.04 x86-64 edition. we followed the doc from the site https://help.ubuntu.com/community/FedoraDirectoryServer; . In that site, they have specified the following url, deb http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic main deb-src http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic main. Once if added the above Url in the Sources list, we can easily install 389 ds entire server in the Ubuntu server edition.but now a days this link may be down and there is no alternative links. i have searched in google but, no luck.Please let me know alternative link for the URL's or is there any other way we can install complete 389 ds server,fedors-idm-console,etc. Please help me on this Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users ** ** -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] Req PPA link for Ubuntu
Hi Team, We are trying to install 389 ds server in Ubuntu 10.04 x86-64 edition. we followed the doc from the site https://help.ubuntu.com/community/FedoraDirectoryServer; . In that site, they have specified the following url, deb http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic maindeb-src http://ppa.launchpad.net/ubuntu-389-directory-server/ppa/ubuntu/ karmic main. Once if added the above Url in the Sources list, we can easily install 389 ds entire server in the Ubuntu server edition.but now a days this link may be down and there is no alternative links. i have searched in google but, no luck.Please let me know alternative link for the URL's or is there any other way we can install complete 389 ds server,fedors-idm-console,etc. Please help me on this Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] fedora-idm-console is not working after ssl enabled
Hi, Thanks for the reply for you and team. yesterday i fixed that issue.my system is having already jss4 installed and the problem is related to path.i created libjss4.so link in my lib path, i.e /usr/lib as like, root@varad:/usr/lib# ls -l libjss4.so lrwxrwxrwx 1 root root 23 2011-08-23 18:24 libjss4.so - /usr/lib/jni/libjss4.so After that, console asked for certificate acceptance and everything went fine. this is ok for me. *I have one more doubt*, same thing i accessed through browser such as https://localhost:9830 and can login inside.but after that, i can't do any activity inside.that mean, i cant manage anything like, how i manage from fedora-idm-console.Is there anything needs to be configured in Apache side or any other settings.if possible, kindly let me know the solution. Regards, Varad 2011/8/23 Chun Tat David Chu beyonddc.stor...@gmail.com Hi Varad, The issue probably just as stated in the JAVA exception you are seeing. The JSS library is missing. The JSS library is not part of standard JAVA, you will need to install it separately. You issue should be either 1) JSS is not install or 2) JSS is not in your classpath. Try execute rpm -qa | grep jss and check if JSS is installed. Here's the result when I run the above command. rpm -qa | grep jss jss-4.2.5-1 Good luck - dc 2011/8/23 s.varadha rajan rajanvara...@gmail.com Hi, I have configured ssl settings as per the redhat official doc( http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Managing_SSL.html#Managing_SSL-Using_certutil ). There is no issues with Directory server.after enabling ssl settings in the Admin server and after restarted the admin server, i tried to login with https://localhost:9830.it's not at all logging and in the Terminal throws the below error. Exception in thread main java.lang.UnsatisfiedLinkError: no jss4 in java.library.path at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1681) at java.lang.Runtime.loadLibrary0(Runtime.java:840) at java.lang.System.loadLibrary(System.java:1047) at org.mozilla.jss.CryptoManager.loadNativeLibraries(CryptoManager.java:1339) at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:827) at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:800) at com.netscape.management.client.util.UtilConsoleGlobals.initJSS(Unknown Source) at com.netscape.management.client.comm.HttpsChannel.clinit(Unknown Source) at com.netscape.management.client.comm.HttpManager.createChannel(Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.HttpManager.get(Unknown Source) at com.netscape.management.client.console.Console.invoke_task(Unknown Source) at com.netscape.management.client.console.Console.authenticate_user(Unknown Source) at com.netscape.management.client.console.Console.init(Unknown Source) at com.netscape.management.client.console.Console.main(Unknown Source) Please let me know the solution for this issue ? Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] fedora-idm-console is not working after ssl enabled
Hi, I have configured ssl settings as per the redhat official doc( http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Managing_SSL.html#Managing_SSL-Using_certutil ). There is no issues with Directory server.after enabling ssl settings in the Admin server and after restarted the admin server, i tried to login with https://localhost:9830.it's not at all logging and in the Terminal throws the below error. Exception in thread main java.lang.UnsatisfiedLinkError: no jss4 in java.library.path at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1681) at java.lang.Runtime.loadLibrary0(Runtime.java:840) at java.lang.System.loadLibrary(System.java:1047) at org.mozilla.jss.CryptoManager.loadNativeLibraries(CryptoManager.java:1339) at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:827) at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:800) at com.netscape.management.client.util.UtilConsoleGlobals.initJSS(Unknown Source) at com.netscape.management.client.comm.HttpsChannel.clinit(Unknown Source) at com.netscape.management.client.comm.HttpManager.createChannel(Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.CommManager.send(Unknown Source) at com.netscape.management.client.comm.HttpManager.get(Unknown Source) at com.netscape.management.client.console.Console.invoke_task(Unknown Source) at com.netscape.management.client.console.Console.authenticate_user(Unknown Source) at com.netscape.management.client.console.Console.init(Unknown Source) at com.netscape.management.client.console.Console.main(Unknown Source) Please let me know the solution for this issue ? Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] Existing certificate error
Hi, We are planning to configure ssl enabled Fedora directory server.we have a proper signed certificate.while importing, it is asking Enter the password to access the Token ? like that. even though we have given the exact password, while creating the certificate but it is not working. I referred wiki fedora doc also but getting this error. How to use existing certificate and enable secure ldap server. I have already posted the same question but nobody is reply Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] SSL certificate issue
Hi, Thanks for the reply.but i have a problem with my system for enabling ssl,then only i go for consumer and then replication e.t.c. my system name is varad.india.xxx.com and i have to use star_dot_india_xxx_cert.crt certificate, which is used for apache and other web related applications.so first i need to install certificate and enable secure 389-ds that is ldaps.then only i need to go for other system then i can proceed replication process In such a case, what is the solution Regards, Varad 2011/7/13 solarflow99 solarflo...@gmail.com I had this error, and it was the CA not being imported correctly as you mentioned. I used the certutil and pk12util commands to import and export all the certs: http://directory.fedoraproject.org/wiki/Howto:SSL#Create_and_Export_a_Replication_Consumer_cert 2011/7/13 s.varadha rajan rajanvara...@gmail.com Hi, I am trying to implement, two 389-ds with ssl replication.Replication is working without ssl. when i try to configure ssl enabled 389-ds, i am getting the error as, [13/Jul/2011:17:38:37 +051800] - SSL alert: CERT_VerifyCertificateNow: verify certificate failed for cert Server-Cert of family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8179 - Peer's Certificate issuer is not recognized.) [13/Jul/2011:17:38:37 +051800] - SSL failure: None of the cipher are valid *I did the following as per my environment;* * * 1.my system name is varad.india.xxx.com. we have a certificate star.india.xxx.com and .pem files,which is used commonly for Apache and other related services.so i am planning to import that certificate to my fedora-ds system, A).openssl pkcs12 -export -inkey star_dot_india_xxx_key.pem -in star_dot_india_xxx_cert.crt -out crt.p12 -nodes -name 'Server-Cert' == command went fine B).pk12util -i location/crt.p12 -d . == command went fine C).As per the fedora doc, they specified as certutil -d /etc/dirsrv/slapd-INSTANCE -A -n My Local CA -t CT,, -a -i /path/to/ca.pem.so tried this option as , #root@varad:/home/sslforldap# certutil -d /etc/dirsrv/slapd-varad -A -n Server-Cert -t u,u,u -a -i star_dot_india_xxx_cert.crt got an error ==certutil: function failed: security library: bad database. and then tried as #certutil -d /etc/dirsrv/slapd-varad -A -n Server-Cert -t u,u,u -a -i star_dot_india_xxx_cert.crt == went fine D).Added the relevant details in the dse.ldif and restarted the dirsrv.but i got the above error. E).For your information, root@varad:/home/sslforldap# certutil -L -d . Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI XXX XXX CA u,u,u How can i proceed further ? Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] SSL certificate issue
Hi, I am trying to implement, two 389-ds with ssl replication.Replication is working without ssl. when i try to configure ssl enabled 389-ds, i am getting the error as, [13/Jul/2011:17:38:37 +051800] - SSL alert: CERT_VerifyCertificateNow: verify certificate failed for cert Server-Cert of family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8179 - Peer's Certificate issuer is not recognized.) [13/Jul/2011:17:38:37 +051800] - SSL failure: None of the cipher are valid *I did the following as per my environment;* * * 1.my system name is varad.india.xxx.com. we have a certificate star.india.xxx.com and .pem files,which is used commonly for Apache and other related services.so i am planning to import that certificate to my fedora-ds system, A).openssl pkcs12 -export -inkey star_dot_india_xxx_key.pem -in star_dot_india_xxx_cert.crt -out crt.p12 -nodes -name 'Server-Cert' == command went fine B).pk12util -i location/crt.p12 -d . == command went fine C).As per the fedora doc, they specified as certutil -d /etc/dirsrv/slapd-INSTANCE -A -n My Local CA -t CT,, -a -i /path/to/ca.pem.so tried this option as , #root@varad:/home/sslforldap# certutil -d /etc/dirsrv/slapd-varad -A -n Server-Cert -t u,u,u -a -i star_dot_india_xxx_cert.crt got an error ==certutil: function failed: security library: bad database. and then tried as #certutil -d /etc/dirsrv/slapd-varad -A -n Server-Cert -t u,u,u -a -i star_dot_india_xxx_cert.crt == went fine D).Added the relevant details in the dse.ldif and restarted the dirsrv.but i got the above error. E).For your information, root@varad:/home/sslforldap# certutil -L -d . Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI XXX XXX CA u,u,u How can i proceed further ? Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] Req : Multimaster replication query
Hi, It's ok.as per my request, how can i proceed further ? Shall i go ahed as per the Redhat site ? or any other method to implementation ? Note: more then 2500 users are, right now accessing web applications through single 389-ds on my Ubuntu LTS. I am planning to go for one more server, if main server will go down,another one will automatically provide auth service. I am struck for multimaster replication and pls guide me further... Regards, Varad On Wed, Jun 22, 2011 at 7:52 PM, Rich Megginson rmegg...@redhat.com wrote: ** On 06/22/2011 03:10 AM, s.varadha rajan wrote: Hi Sigid, Thanks for the reply.fedora-team,finally didn't update anything my query.hopefully, they will reply back soon.Meantime, will try your suggestions. What information are you waiting for? mmr.pl has no maintainer. Regards, Varad On Wed, Jun 22, 2011 at 1:44 PM, sigid@JINLab sigi...@gmail.com wrote: On 06/22/2011 01:16 PM, s.varadha rajan wrote: Hi, Anyone can help me, regarding my below query ? Regards, Varad On Tue, Jun 21, 2011 at 7:26 PM, Rich Megginson rmegg...@redhat.commailto: rmegg...@redhat.com wrote: __ On 06/20/2011 11:42 PM, s.varadha rajan wrote: Hi Rich, Please let me know, where can i get modified mmr.pl http://mmr.pl as per my below requirement. I don't know. Afaik, mmr.pl script (that i was download) is design to run on FDS 1.0.4. I already try to use it on FDS 1.1 and with my own modified mmr.pl the result was a headache. Years ago on 2008 i'm posting to fedora-directory-users asking for multimaster replication guidance. Thanks to Mr. Luke Bigum for responding my post with below url: http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replication_Scenarios.html#Replication_Scenarios-Multi_Master_Replication Currently above url wasn't available but i found another page with similar content. http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Managing_Replication-Configuring_Multi_Master_Replication.html So..since FDS 1.1 until now using 389DS i'm using the graphical management console to setup the multimaster replication. I hope its helps. -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] Multimaster replication query
Hi, i ran the below command in supplier side and the output is, # extended LDIF # # LDAPv3 # base cn=config with scope subtree # filter: (objectclass=nsds5replicationagreement) # requesting: ALL # # Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.com po rt 389, replica, o\3Dnetscaperoot, mapping tree, config dn: cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.c om port 389,cn=replica,cn=o=netscaperoot,cn=mapping tree,cn=config objectClass: top objectClass: nsDS5ReplicationAgreement cn: Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.com port 389 nsDS5ReplicaHost: sam.xxx.xxx.com nsDS5ReplicaRoot: o=netscaperoot nsDS5ReplicaPort: 389 nsDS5ReplicaBindDN: cn=repman,cn=config nsDS5ReplicaBindMethod: simple nsds5replicaTimeout: 120 nsDS5ReplicaCredentials: {DES}VdEnvxoUkmw1TpV1QyVPtg== nsds5replicareapactive: 0 nsds5replicaLastUpdateStart: 20110616123147Z nsds5replicaLastUpdateEnd: 20110616123147Z nsds5replicaChangesSentSinceStartup:: MToxNC8wIA== nsds5replicaLastUpdateStatus: 0 Incremental update succeeded nsds5replicaUpdateInProgress: FALSE nsds5replicaLastInitStart: 20110616104148Z nsds5replicaLastInitEnd: 20110616104153Z nsds5replicaLastInitStatus: 0 Total update succeeded # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 Regards, Varad On Thu, Jun 16, 2011 at 8:47 PM, Rich Megginson rmegg...@redhat.com wrote: ** On 06/16/2011 07:33 AM, s.varadha rajan wrote: Hi, For me no issues to recive the logs.anyway, i have performed the following steps again, 1.Stop the dirsrv on both sides. 2.Enabled nsslapd-errorlog-level: 8192 on both servers in dse.ldif file. 3.Started the dirsrv on both servers. 4.Export the datas in .ldif and imported to sam system 4.From varad.xxx.xxx.com,Remove the agreement again (./mmr.pl --host1 varad.xxx.xxx.com --host2 sam.xxx.xxx.com --host1_id 1 --host2_id 2 --bindpw password --repmanpw password --remove) 5.From varad.xxx.xxx.com,Created agreement again (./mmr.pl --host1 varad.xxx.xxx.com --host2 sam.xxx.xxx.com --host1_id 1 --host2_id 2 --bindpw password --repmanpw password --create) 6.Then created one user under ou=people , as a uid=TT in supplier side ( varad.xxx.xxx.com) 7.but not replicated in other system... Supplier system (/var/log/dirsrv/slapd-varad/errors): (varad.xxx.xxx.com ): [16/Jun/2011:18:36:48 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): Disconnected from the consumer [16/Jun/2011:18:36:48 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): State: start - ready_to_acquire_replica [16/Jun/2011:18:36:48 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): State: ready_to_acquire_replica - wait_for_changes [16/Jun/2011:18:41:49 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): State: wait_for_changes - wait_for_changes [16/Jun/2011:18:41:49 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): State: wait_for_changes - start [16/Jun/2011:18:41:49 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): No linger to cancel on the connection [16/Jun/2011:18:41:49 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): Disconnected from the consumer [16/Jun/2011:18:41:49 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): State: start - ready_to_acquire_replica [16/Jun/2011:18:41:49 +051800] NSMMReplicationPlugin - agmt=cn=Replication from varad.xxx.xxx.com port 389 to sam.xxx.xxx.comport 389 (sam:389): State: ready_to_acquire_replica - wait_for_changes Consumer system: (sam.xxx.xxx.xom): [16/Jun/2011:18:46:15 +051800] NSMMReplicationPlugin - agmt=cn=Replication from sam.xxx.xxx.com port 389 to varad.xxx.xxx.comport 389 (varad:389): Disconnected from the consumer [16/Jun/2011:18:46:15 +051800] NSMMReplicationPlugin - agmt=cn=Replication from sam.xxx.xxx.com port 389 to varad.xxx.xxx.comport 389 (varad:389): State: start - ready_to_acquire_replica [16/Jun/2011:18:46:15 +051800] NSMMReplicationPlugin - agmt=cn=Replication from sam.xxx.xxx.com port 389 to varad.xxx.xxx.comport 389 (varad:389): State: ready_to_acquire_replica - wait_for_changes [16/Jun/2011:18:51:15 +051800] NSMMReplicationPlugin - agmt=cn=Replication from sam.xxx.xxx.com port 389 to varad.xxx.xxx.comport 389 (varad:389): State: wait_for_changes - wait_for_changes [16/Jun/2011:18:51:15 +051800] NSMMReplicationPlugin - agmt=cn=Replication from sam.xxx.xxx.com port 389 to varad.xxx.xxx.comport
Re: [389-users] Reg ldif file import/export and ldap replication over ldaps
Hi, Thanks for the reply.I will try and update you further. Regards, Varad On Fri, May 27, 2011 at 8:30 PM, Rich Megginson rmegg...@redhat.com wrote: On 05/27/2011 12:11 AM, s.varadha rajan wrote: Hi, Can i get any update on my below query ? Regards, Varad On Tue, May 24, 2011 at 6:17 PM, s.varadha rajan rajanvara...@gmail.comwrote: Hi, We are using Ubuntu 10.04 server OS and all the web applications are running on that.We have already implemented fedora-ds for ldap auth.now we are planning to go some up-gradation.kindly let me know the following, 1.How to migrate running fedora-ds server to another server ? 2.i have taken all the user/group+etc in ldif format.is it enough for migration or any other db (/var/lib/dirsrv/slapd-instance) also need to bacup ? LDIF should be fine. if any procedure please share with me ? how to import/export .ldif file /usr/lib[64]/dirsrv/slapd-INSTNAME/db2ldif - export database to ldif /usr/lib[64]/dirsrv/slapd-INSTNAME/ldif2db - import database from ldif 3.in our setup,one server is in public network.so i am planning to do replication through ldaps, i.e local server to public server replication through highly secure how to ? Not exactly, but there is plenty of documentation - see http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Managing_Replication-Replication_Overview Please help me on the above topics. Regards, Varad -- 389 users mailing list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Re: [389-users] Reg ldif file import/export and ldap replication over ldaps
Hi, Can i get any update on my below query ? Regards, Varad On Tue, May 24, 2011 at 6:17 PM, s.varadha rajan rajanvara...@gmail.comwrote: Hi, We are using Ubuntu 10.04 server OS and all the web applications are running on that.We have already implemented fedora-ds for ldap auth.now we are planning to go some up-gradation.kindly let me know the following, 1.How to migrate running fedora-ds server to another server ? 2.i have taken all the user/group+etc in ldif format.is it enough for migration or any other db (/var/lib/dirsrv/slapd-instance) also need to bacup ? if any procedure please share with me ? how to import/export .ldif file 3.in our setup,one server is in public network.so i am planning to do replication through ldaps, i.e local server to public server replication through highly secure how to ? Please help me on the above topics. Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
[389-users] Reg ldif file import/export and ldap replication over ldaps
Hi, We are using Ubuntu 10.04 server OS and all the web applications are running on that.We have already implemented fedora-ds for ldap auth.now we are planning to go some up-gradation.kindly let me know the following, 1.How to migrate running fedora-ds server to another server ? 2.i have taken all the user/group+etc in ldif format.is it enough for migration or any other db (/var/lib/dirsrv/slapd-instance) also need to bacup ? if any procedure please share with me ? how to import/export .ldif file 3.in our setup,one server is in public network.so i am planning to do replication through ldaps, i.e local server to public server replication through highly secure how to ? Please help me on the above topics. Regards, Varad -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users