[389-users] Re: LDAP group to provide 389-console access?

2018-08-16 Thread Mark Reynolds
On 08/16/2018 08:12 PM, Nick W. Harrison wrote: Hello – I am wanting to provide some GUI-based management console for my coworkers. To that end, I’m trying to make it so members of a certain LDAP-based group can login to 389-console as themselves, register LDAP instances, and start managin

[389-users] LDAP group to provide 389-console access?

2018-08-16 Thread Nick W. Harrison
Hello - I am wanting to provide some GUI-based management console for my coworkers. To that end, I'm trying to make it so members of a certain LDAP-based group can login to 389-console as themselves, register LDAP instances, and start managing those LDAP instances with "directory administrator"

[389-users] Announcing 389 Directory Server 1.4.0.15

2018-08-16 Thread Mark Reynolds
389 Directory Server 1.4.0.15 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.15 Fedora packages are available on Fedora 28, 29, and rawhide. Rawhide https://koji.fedoraproject.org/koji/taskinfo?taskID=29119556

[389-users] Using dbmon.sh

2018-08-16 Thread Paul Whitney
Hi, I am using the dbmon.sh program to see how my database cache is performing. I am puzzled with the results: dbcachefree: -1639628800 free% -10006900 hit% 90 Do the negative values reflect me needing to increase the LDBM cache? Paul M. Whitney __

[389-users] Password Policies and lastLoginTime

2018-08-16 Thread Harvey, Robert
Is it possible to turn on recording of users Last Login times in selected OUs without turning on alwaysRecordLogin in cn=config,cn=Account Policy Plugin,cn=plugins,cn=config? I'm using ds389 to service SSSD Centos and RHEL (6 and 7) clients and some some Solaris 10 and 11 clients. Currently wit

[389-users] Re: Importing users from open-ds

2018-08-16 Thread Mark Reynolds
On 08/16/2018 10:09 AM, rai...@ultra-secure.de wrote: Am 2018-08-16 15:58, schrieb Mark Reynolds: On 08/16/2018 09:51 AM, rai...@ultra-secure.de wrote: How can I switch it to sha512 - and how can I store encrypted passwords with different algorithms? You have to reset/change the passwords

[389-users] Re: Importing users from open-ds

2018-08-16 Thread rainer
Am 2018-08-16 15:58, schrieb Mark Reynolds: On 08/16/2018 09:51 AM, rai...@ultra-secure.de wrote: How can I switch it to sha512 - and how can I store encrypted passwords with different algorithms? You have to reset/change the passwords for them to get rehashed. There is no way to just conver

[389-users] Re: Importing users from open-ds

2018-08-16 Thread Mark Reynolds
On 08/16/2018 09:51 AM, rai...@ultra-secure.de wrote: Am 2018-08-16 15:33, schrieb Mark Reynolds: I created a user in 389-ds and exported it and it did not contain any such hint. How did you "export" the user?  Did you use db2ldif tool? I used the gui ;-) I also used the gui (389 managem

[389-users] Re: Importing users from open-ds

2018-08-16 Thread rainer
Am 2018-08-16 15:33, schrieb Mark Reynolds: I created a user in 389-ds and exported it and it did not contain any such hint. How did you "export" the user?  Did you use db2ldif tool? I used the gui ;-) I also used the gui (389 management console) to import the export from the old system.

[389-users] Re: Importing users from open-ds

2018-08-16 Thread Mark Reynolds
On 08/16/2018 09:20 AM, rai...@ultra-secure.de wrote: Hi, I have a very old installation of open-ds sitting around and recently we got the "go" for upgrading it. I installed ds389 on CentOS7 64bit, from EPEL. The first obstacle I hit when simply trying to import users from and export of th

[389-users] Importing users from open-ds

2018-08-16 Thread rainer
Hi, I have a very old installation of open-ds sitting around and recently we got the "go" for upgrading it. I installed ds389 on CentOS7 64bit, from EPEL. The first obstacle I hit when simply trying to import users from and export of the old server is that the ldif-export has the passwords in