[389-users] Combine entities from several replicated databases to one database

2014-11-10 Thread Андрей Черепанов
There are a dozen branches in which add and modify users in LDAP. There is central office in which will plan make joint addressbook with branch data. I know that replication works only with database. I can replicate all branch database to central office. But I don't find way to join entities to on

[389-users] add user aci problem

2014-11-10 Thread Alberto Viana
389-Directory/1.3.2.17 B2014.182.124 I'm trying to add an user (whitout using the manager, with a regular user): Without any aci: ldap_add: Insufficient access (50) additional info: Insufficient 'add' privilege to the 'userPassword' attribute My aci: dn: ou=test,dc=my,dc=domain changetype: m

[389-users] need info for replicate_now script

2014-11-10 Thread ghiureai
Hi List, I'm new to 389-ds, learning and cfg multimaster replication cfg for ds, reading the RH doc about having a script to trigger the updates to from one master to other one in < 10 min , the original script on RH will not work, is using ldapsearch -1 options seems does not exists in my

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Orion Poplawski
On 11/06/2014 10:35 AM, Orion Poplawski wrote: > On 11/06/2014 03:14 AM, Rich Megginson wrote: >> Try to reproduce the problem while using gdb to capture stack traces every >> few >> seconds as in http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-hangs >> Ideally, we can get some stack trac

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Rich Megginson
On 11/10/2014 11:59 AM, Orion Poplawski wrote: On 11/06/2014 10:35 AM, Orion Poplawski wrote: On 11/06/2014 03:14 AM, Rich Megginson wrote: Try to reproduce the problem while using gdb to capture stack traces every few seconds as in http://www.port389.org/docs/389ds/FAQ/faq.html#debugging-hangs

Re: [389-users] need info for replicate_now script

2014-11-10 Thread Rich Megginson
On 11/10/2014 10:27 AM, ghiureai wrote: Hi List, I'm new to 389-ds, learning and cfg multimaster replication cfg for ds, reading the RH doc about having a script to trigger the updates to from one master to other one in < 10 min , the original script on RH will not work, What original scr

Re: [389-users] add user aci problem

2014-11-10 Thread Mark Reynolds
On 11/10/2014 12:22 PM, Alberto Viana wrote: > 389-Directory/1.3.2.17 B2014.182.124 > > > I'm trying to add an user (whitout using the manager, with a regular > user): > > Without any aci: > > ldap_add: Insufficient access (50) > additional info: Insufficient 'add' privilege to t

[389-users] Account auto unlock

2014-11-10 Thread harry.devine
We are using 389-ds 1.2.2-1 on a RHEL 6.5 64-bit server. We have users who occasionally lock themselves out due to too many unsuccessful log in attempts. What we can't seem to find is a setting where that lock out could auto unlock after X minutes (like 30 or so). I thought that it used to wo

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Orion Poplawski
On 11/10/2014 12:07 PM, Rich Megginson wrote: > On 11/10/2014 11:59 AM, Orion Poplawski wrote: >> On 11/06/2014 10:35 AM, Orion Poplawski wrote: >>> On 11/06/2014 03:14 AM, Rich Megginson wrote: Try to reproduce the problem while using gdb to capture stack traces every few seconds as

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Orion Poplawski
On 11/06/2014 03:14 AM, Rich Megginson wrote: > On 11/06/2014 04:16 AM, Orion Poplawski wrote: >> Just recently we're seeing some very strange behavior on our system. >> Periodically we will see a sssd process start to have an ever greater number >> of connections to our ldap server until the serve

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Rich Megginson
On 11/10/2014 03:32 PM, Orion Poplawski wrote: On 11/06/2014 03:14 AM, Rich Megginson wrote: On 11/06/2014 04:16 AM, Orion Poplawski wrote: Just recently we're seeing some very strange behavior on our system. Periodically we will see a sssd process start to have an ever greater number of connec

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Paul Robert Marino
When did this start?The reason I ask is I've noticed a lot of problems with RHEV since the recent updates to nss and openssl to deal with the POODLE vulnerability.The workaround for a loot of them is to ensure minssf is set to a value higher than 0.I'm wondering if this might be something similar.

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Rich Megginson
On 11/10/2014 05:44 PM, Paul Robert Marino wrote: When did this start? The reason I ask is I've noticed a lot of problems with RHEV since the recent updates to nss and openssl to deal with the POODLE vulnerability. Like what? The workaround for a loot of them is to ensure minssf is set to a

Re: [389-users] Lots of abandoned connections from sssd

2014-11-10 Thread Paul Robert Marino
No that's not it.If RHEVM (manager) is using 389 server in In "RHDS" mode for authentication for its web portal that's where the issue pops up.When I get back to the office in the morning I'll spend a link to a bugzilla ticket about it which on ovirt 3.5 which I discover earlier tonight also applie