[389-users] Re: repl-monitor

; 00:00:00”. I’ve verified that that’s how it comes from the search > query. What’s that an indication of? > > Thank you >   Sergei > > >> On Oct 29, 2017, at 4:59 PM, Mark Reynolds <marey...@redhat.com >> <mailto:marey...@redhat.com>> wrote: >&g

[389-users] Re: repl-monitor

On 10/29/2017 03:20 PM, Sergei Gerasenko wrote: > My question now is: what’s the difference between the maxcsn of the > agreement and the maxcsn in the RUV? The maxcsn in the RUV is where the database is at, the agreement maxcsn is what the repl agreement has processed.

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/20/2017 07:58 PM, tda...@email.arizona.edu wrote: >> On 10/20/2017 12:32 PM, tdarby(a)email.arizona.edu wrote: >> Is there a core file you get a stack trace from?  > Not sure how to set up to get a core dump in a docker container. Me neither, but once the server is up and running can you

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/20/2017 12:32 PM, tda...@email.arizona.edu wrote: >> I spent a lot of time yesterday trying different ideas for reproducing the >> crash and >> haven't found the right sequence of events yet. I did discover that I was >> able to >> bring back a failed server instance by deleting a

[389-users] Re: support for rfc2307bis

On 10/18/2017 02:18 PM, Winstanley, Anthony wrote: > > After reading Trevor's thread on schema, there's a core issue here: > >   > > How does one go about choosing between RFC2307 and RFC2307bis? (They > are incompatible: You can't have both.) > > Is it RedHat's position to mandate the use of

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/11/2017 10:45 AM, tda...@email.arizona.edu wrote: >> you can always get the latest (upstream) version.  If you could at least >> test this on Fedora with the latest version of 389 so we can rule out if >> its a known issue or a new one. >> This is now fixed upstream on Fedora (26 and >>

[389-users] Re: New Install Missing Schema Files

On 10/10/2017 02:19 PM, Mark Reynolds wrote: > > > On 10/10/2017 01:12 PM, Trevor Fong wrote: >> Oh - I get it now; core schema is now immutably maintained in >> /usr/share/dirsrv/schema/ and is referenced by each slapd instance.   >> >> How do I go about o

[389-users] Re: New Install Missing Schema Files

ms? > > Trev  > > On 10 October 2017 at 08:19, Mark Reynolds <marey...@redhat.com > <mailto:marey...@redhat.com>> wrote: > > > > On 10/10/2017 11:13 AM, Trevor Fong wrote: > > Hi Everyone, > > > > I just did a new inst

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/10/2017 10:27 AM, tda...@email.arizona.edu wrote: >> When the server crashes do you get a core dump or similar? That would >> really help. > Where do I find a core dump? First you need to make sure cores are allowed to be generated:

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/10/2017 09:56 AM, tda...@email.arizona.edu wrote: >> On 10/09/2017 05:33 PM, tdarby(a)email.arizona.edu wrote: >> Okay the version you have has a few >> known crashes.  They have been fixed >> in 1.3.6.1-20 and up.  This fix will also be part of RHEL's 7.4 batch >> update 2. > Thanks, I

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/09/2017 05:33 PM, tda...@email.arizona.edu wrote: >> On 10/09/2017 05:20 PM, tdarby(a)email.arizona.edu wrote: >> This >> might be fixed in a newer version of 1.3.6, what version are you >> using now?   rpm -qa | grep 389-ds-base Okay the version you have has a few known crashes.  They

[389-users] Re: 1.3.6 dirsrv crash: ERR - valueset_value_syntax_cmp - slapi_attr_values2keys_sv failed for type lastUpdated

On 10/09/2017 05:20 PM, tda...@email.arizona.edu wrote: > I fixed the problem but the solution makes me concerned that this version of > 389 server is not going to work for me. In short, I found that deleting a > particular entry on both servers brought them back to life. This actually >

[389-users] Announcing 389 Directory Server 1.3.6.9

389 Directory Server 1.3.6.9 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.9 Fedora packages are available from the Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-800c2374d3 The

[389-users] Announcing 389 Directory Server 1.3.7.6

389 Directory Server 1.3.7.6 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.7.6 Fedora packages are available on Fedora 27. https://koji.fedoraproject.org/koji/taskinfo?taskID=22353280 - Fedora 27

[389-users] Announcing 389 Directory Server 1.4.0.1

389 Directory Server 1.4.0.1 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.1 Fedora packages are available on Fedora 28(rawhide). https://koji.fedoraproject.org/koji/taskinfo?taskID=22352819 -

[389-users] Re: Locating syntax violations

Hi Morgan, On 10/04/2017 03:46 PM, Morgan Jones wrote: > I’m working on importing a Ldif from an older version of Redhat and have a > few dozen of the below: is there a way to increase debugging such that it > tells me which attribute violates syntax? Yes, set nsslapd-syntaxlogging to "on"

[389-users] Re: Multimaster replication + one way replication Q

On 10/04/2017 12:43 PM, isabella.ghiu...@nrc-cnrc.gc.ca wrote: > William , thank you for feedback , 2 years ago when I set up 389-DS > multi-mater replication with Memberof plugin I was advised by people on this > list to use fractional replication (we were seeing strange behavior)

[389-users] Announcing 389 Directory Server 1.4.0.0

389 Directory Server 1.4.0.0 The 389 Directory Server team is proud to announce 389-ds-base version 1.4.0.0 Fedora packages are available on Fedora 28(rawhide). https://koji.fedoraproject.org/koji/buildinfo?buildID=974103 -

[389-users] Announcing 389 Directory Server 1.3.7.5

389 Directory Server 1.3.7.5 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.7.5 Fedora packages are available on Fedora 27. https://koji.fedoraproject.org/koji/buildinfo?buildID=974124 - Fedora 27

[389-users] Re: jss and idm-console-framework conflict

Mark > > -morgan > > > >> On Sep 14, 2017, at 4:57 PM, Mark Reynolds <marey...@redhat.com> wrote: >> >> >> >> On 09/14/2017 04:12 PM, Morgan Jones wrote: >>> Awesome, thanks. Apologies if this is well know >> It was not, not for epel

[389-users] Re: jss and idm-console-framework conflict

L-2017-cec2fcb8ae) it usually happens within a week. Mark > > -morgan > > >> On Sep 14, 2017, at 3:36 PM, Mark Reynolds <marey...@redhat.com> wrote: >> >> Morgan, >> >> I just built idm-console-framework-1.1.17-4.el7 >> https://koji.fedoraproje

[389-users] Re: jss and idm-console-framework conflict

Morgan, I just built idm-console-framework-1.1.17-4.el7 https://koji.fedoraproject.org/koji/taskinfo?taskID=21865518 Here is the bodhi link that requires "karma" to become an official update in epel7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-cec2fcb8ae Regards, Mark On

[389-users] Announcing 389 Directory Server 1.3.7.4

389 Directory Server 1.3.7.4 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.7.4 Fedora packages are available on Fedora 27 and 28(Rawhide). https://koji.fedoraproject.org/koji/taskinfo?taskID=21684703

[389-users] Announcing 389 Directory Server 1.3.7.3-1

389 Directory Server 1.3.7.3 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.7.3 Fedora packages are available on Fedora 27 and 28(Rawhide). https://koji.fedoraproject.org/koji/taskinfo?taskID=21607186

[389-users] Re: LDAP: error code 19 - invalid password syntax - passwords with storage scheme are not allowed

On 08/29/2017 04:59 PM, Alberto Viana wrote: > Hi Kirk > > I think that in newer versions of 389 you need a special permission to > adding already hashed passwords or change user password scheme: > > http://www.port389.org/docs/389ds/design/password-administrator.html Using "directory manager"

[389-users] Re: Last update message time stamp

On 08/28/2017 11:54 AM, Paul Whitney wrote: > Hi guys, > > Is there a reason why the update time stamp defaults to Dec 31, 19:00 > EST 1969 in the console? Hey Paul, What exactly are you referring to? Modifytimestamp? Which entry? Mark > Is there a way to preserve the last successful or

[389-users] Re: Registering remote 389-DS instances in Console

directory server . . . > > Updating adm.conf with information from configuration directory server > . . . > > Updating the configuration for the httpd engine . . . > > Restarting admin server . . . > > The admin server was successfully started. > > Admin server was succes

[389-users] Re: Registering remote 389-DS instances in Console

rk MacDonald [mailto:kirk.macdon...@corp.eastlink.ca] > *Sent:* Thursday, August 24, 2017 1:36 PM > *To:* Mark Reynolds <marey...@redhat.com>; General discussion list for > the 389 Directory server project. <389-users@lists.fedoraproject.org> > *Subject:* [389-users] Re: Re

[389-users] Re: Registering remote 389-DS instances in Console

On 08/24/2017 11:30 AM, Kirk MacDonald wrote: > > I have built 3 new 389-DS instances (389-Directory/1.3.5.10 > B2017.145.2037) on different services. Each has local Admin console. > They are all in the same Administrative Domain. > Perfect... > > > > Is the method to register the remote

[389-users] Re: Console hang after 4th server install

w up with our networking and security folks to see if > we can find anything there. These hosts are all on the same subnet for what > it’s worth. > > Thanks for the help. > > -morgan > > >> On Aug 23, 2017, at 12:35 PM, Mark Reynolds <marey...@redhat.com> w

[389-users] Re: Console hang after 4th server install

On 08/23/2017 12:31 PM, Morgan Jones wrote: >> On Aug 23, 2017, at 12:17 PM, Mark Reynolds <marey...@redhat.com> wrote: >> >> >>> [pid 27442] recvmsg(14, 0x7f3880ef74d0, 0) = -1 EAGAIN (Resource >>> temporarily unavailable) >>> [pid 27442] r

[389-users] Re: Console hang after 4th server install

to comment on this... This explains the "hang" - connections to the remove server(s) are timing out. Can you look at the DS access logs on a remote server during the hang (note there is a 30 sec log buffer with the access log). Perhaps just tail the access log, reproduce the hang (wait 30 seconds),

[389-users] Re: Console hang after 4th server install

lt;... futex resumed> ) = -1 ETIMEDOUT (Connection timed out) > [pid 27440] futex(0x7f38940cfd28, FUTEX_WAKE_PRIVATE, 1) = 0 > > -morgan > > > > >> On Aug 23, 2017, at 11:18 AM, Morgan Jones <mor...@morganjones.org> wrote: >> >> >>> On Aug

[389-users] Re: Console hang after 4th server install

On 08/23/2017 11:18 AM, Morgan Jones wrote: >> On Aug 22, 2017, at 2:15 PM, Mark Reynolds <marey...@redhat.com> wrote: >> >> >> >> On 08/22/2017 01:36 PM, Morgan Jones wrote: >>> Thanks—is there a trick to turning on admin-serv logging? I don’t ha

[389-users] Re: Console hang after 4th server install

> -morgan > > >> On Aug 17, 2017, at 3:16 PM, Mark Reynolds <marey...@redhat.com> wrote: >> >> Sorry these logs look "normal", that message that keeps repeating is >> expected when the console is idle (it's waiting for you to do something). >>

[389-users] Announcing Directory Server 1.3.6.8-1

389 Directory Server 1.3.6.8 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.8 Fedora packages are available from the Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-c95a212f02 The new packages and versions are: * 389-ds-base-1.3.6.8-1 Fedora

[389-users] Announcing Directory Server 1.3.7.2-1

*389 Directory Server **1.3.7.2* The 389 Directory Server team is proud to announce 389-ds-base version 1.3.7.2 Fedora packages are available on Fedora 27 and 28(Rawhide). https://koji.fedoraproject.org/koji/taskinfo?taskID=21401020 - Fedora 28

[389-users] Re: CentOS-Directory/8.1.0 B2009.134.1334 ldapsearch problem

On 08/18/2017 10:18 AM, Kirk MacDonald wrote: > Hello, > > I'm working on migrating from CentOS-Directory/8.1.0 B2009.134.1334 to > 389-Directory/1.3.5.10 B2017.145.2037. > > What I'm finding is that the Database Export functions in the > CentOS-Directory/8.1.0 B2009.134.1334 Console as well

[389-users] Re: Console hang after 4th server install

t; Hello Mark, > > See attached, "AbstractServerObject.StatusThread: waiting for change > listeners to register” repeats presumably forever after it hangs. > > Thanks, > > -morgan > > > > > > > > > > > > > > > > >> On Aug 16

[389-users] Re: Console hang after 4th server install

Hi Morgan, We need more info. Try running the console in debug mode: 389-console -D 9 Also look at the configuration DS access log Mark On 08/16/2017 02:57 PM, Morgan Jones wrote: > I’m in the process of installing 389 in CentOS 7 from epel (versions below) > and find that the console

[389-users] Announcing 389 Directory Server version 1.3.5.19

389 Directory Server 1.3.5.19 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.5.19. Fedora packages are available from the Fedora 25. The new packages and versions are: * 389-ds-base-1.3.5.19-1 Source tarballs are available for download at Download

[389-users] Announcing 389 Directory Server version 1.3.6.7

389 Directory Server 1.3.6.7 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.7 Fedora packages are available from the Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-431f07f52a The new packages and versions are: * 389-ds-base-1.3.6.7-1 Fedora

[389-users] Re: Index corruption message in multimaster replication

On 07/13/2017 06:09 PM, tda...@email.arizona.edu wrote: > I have two 389 servers configured for multimaster replication. I noticed > these possibly related messages in the errors logs: > > server1: > [12/Jul/2017:07:50:44 -0700] - database index is corrupt; key *zon has a data > item with the

[389-users] Announcing 389 Directory Server version 1.3.5.18

389 Directory Server 1.3.5.18 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.5.18. Fedora packages are available from the Fedora 24, and 25. The new packages and versions are: * 389-ds-base-1.3.5.18-1 Source tarballs are available for download at Download

[389-users] Re: IIAP - Ldap authentication

On 07/06/2017 05:59 AM, Narendra Laga wrote: > > > Hi, > > > can any one help on below issue. > > > we are integrating 389-DS with cyberoam, while doing test connection > we are facing below error. > > > > Please check the below Ldap authentication errors and check for the > solution. > > > >

[389-users] Re: setup-ds-admin.pl -u Script

upgrade should of restarted the server, but perhaps try to restart it again and check the build number. It also doesn't hurt to try the upgrade again. > Is it something else? > Paul M. Whitney > E-mail: paul.whit...@mac.com > Sent from my browser. > > > > On Jun 28, 2017, at

[389-users] Re: setup-ds-admin.pl -u Script

On 06/28/2017 12:40 PM, Paul Whitney wrote: > Just updated 389-ds-base to version 1.3.5.10-21. When I run the SUBJ > script, I get an error indicating that could not update the Admin > Server with Error: Administrative limit exceeded. > > Any ideas how I can get around this? Try setting the

[389-users] Re: What is the changelog:ent and changelog:dn (dbmon.sh output) refers in 389 (ldap)

On 06/23/2017 12:21 PM, Matveev Alexey wrote: > > Hello! > > I have FreeIPA 4.5.2 and tune it performance for adding more than 100k > users. > > I have a question about script dbmon.sh (or for 389 DS db in general) > > The output of the dbmon.sh says: > > dbcachefree 2374205440 free%

[389-users] Announcing python-lib389 1.0.4

python-lib389-1.0.4 The 389 Directory Server team is proud to announce python-lib389 version 1.0.4. Source tarballs are available for download at Download python-lib389 source code . Fedora packages are in testing for Fedora 25,

[389-users] Re: Migration from OpenLDAP to 389 DS

On 06/19/2017 03:14 AM, Blaz Kalan wrote: > I added these two lines to 99user.ldif: > > ObjectClasses: ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject' DESC 'RFC2079: > object that contains the URI attribute type' SUP top AUXILIARY MAY labeledURI > ) > AttributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/18/2017 07:41 AM, Mark Reynolds wrote: > > On 06/17/2017 10:46 PM, dave_horton2...@hotmail.com wrote: >> Hi Mark, >> >> I can confirm removing it from adm.conf prevents it working. Adding it >> back, it works again. >> >> Possibly there's anoth

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/17/2017 10:46 PM, dave_horton2...@hotmail.com wrote: > Hi Mark, > > I can confirm removing it from adm.conf prevents it working. Adding it back, > it works again. > > Possibly there's another means that normally ensures the correct range is set > for the config DS connection? > > The

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/17/2017 08:33 AM, dave_horton2...@hotmail.com wrote: > I figured out the issue here so updating for anyone else who may suffer this > problem. > > It appears that when things are locked down to prevent use of SSLv3, if you > want to use SSL with the Config DS from the admin server, you

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/17/2017 08:33 AM, dave_horton2...@hotmail.com wrote: > I figured out the issue here so updating for anyone else who may suffer this > problem. > > It appears that when things are locked down to prevent use of SSLv3, if you > want to use SSL with the Config DS from the admin server, you

[389-users] Re: Migration from OpenLDAP to 389 DS

On 06/16/2017 02:58 AM, Blaz Kalan wrote: > Hi Mark, thank you very much. > I actually always imported data with java LDAP browser/editor. Now I try with > ldapmodify and I am succeded with user passwords. > > Now I have only few unresolved things. > > For atribute entryUUID in exported data I

[389-users] Re: Migration from OpenLDAP to 389 DS

On 06/15/2017 07:48 AM, Blaz Kalan wrote: > Hi, > > Sorry, I checked again and we use base64 coded passwords: > userPassword:: e01ENX1VSnlnNGJSbmcxRlB1NE43ZFlWYkdnPT0= The server always base64 ecodes passwords - that is fine and expected > > what do you suggest in this case? > > But even if I

[389-users] Re: Broken replicas and CleanRUV question

On 06/14/2017 08:24 AM, Predrag Zečević - Technical Support Analyst wrote: > On 06/02/17 16:22, Mark Reynolds wrote: >> >> >> On 06/02/2017 08:47 AM, Predrag Zečević - Technical Support Analyst >> wrote: >>> On 05/31/17 20:44, Mark Reynolds wrote: >>&g

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/13/2017 09:06 AM, dave_horton2...@hotmail.com wrote: > I believe that should all be ok. It's using the same key/cert as the DS > although I've also tried different keys/certs. There is an intermediate cert > in the chain, but in Manage Certs in both DS and admin server the trust chain

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/13/2017 08:45 AM, dave_horton2...@hotmail.com wrote: > Thanks for the reply. > > Same end result in the console, although the access log of the DS seems to > indicate a bind was attempted. This is post restart after enabling the > secure option. Did you setup SSL for the Admin Server?

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/13/2017 08:10 AM, dave_horton2...@hotmail.com wrote: > I am having difficulty getting the config DS connection working over TLS. > When I enable this and attempt to log into the console, I receive an > "Authentication Failed" error. > > The admin server log shows: > [Tue Jun 13

[389-users] Re: Migration from OpenLDAP to 389 DS

On 06/09/2017 03:32 AM, Blaz Kalan wrote: > Hi, thank you all. Now I am a little further. > > My current tmp ldif file is as follows: > > dn: cn=schema, cn=config > objectclass: top > objectclass: ldapSubentry > objectclass: subschema > > dn: cn=itnetmanager, cn=schema, cn=config > objectclass:

[389-users] Re: Need to re-register 389ds servers

On 06/07/2017 10:38 AM, wudadin2...@gmail.com wrote: > Here is a look at the logs as it happens > > ~ # tail -f /var/log/dirsrv/admin-serv/error > [Wed Jun 07 09:19:27 2017] [error] Could not bind as []: ldap error -1: Can't > contact LDAP server > [Wed Jun 07 09:19:27 2017] [warn] Unable to

[389-users] Re: Need to re-register 389ds servers

On 06/06/2017 11:16 AM, wudadin2...@gmail.com wrote: > Mark, > Ok, I ran the new register-ds-admin.pl -u command on the LDAP server that I > wish to be the new single pane of glass config server but it looks like it is > not able to clean up the old config > or maybe it is failing to connect

[389-users] Re: Need to re-register 389ds servers

On 06/05/2017 11:19 AM, wudadin2...@gmail.com wrote: > I ran the setup-ds.pl -u command on one of the LDAP slaves in online more, it > does not ask about re-registering servers or anything of that nature. Okay, this is what you are looking for:

[389-users] Re: changing supplier

On 06/02/2017 05:52 AM, Fabrice Teissedre wrote: > > Hi, > > I'm new too 389DS. > > I want to use it for a LDAP / AD replication. > > My university has an openldap with all the accounts (around 3). > > How can I change the supplier in 389-Ds to put the openldap directory > as the source ? I

[389-users] Re: Broken replicas and CleanRUV question

On 06/02/2017 08:47 AM, Predrag Zečević - Technical Support Analyst wrote: > On 05/31/17 20:44, Mark Reynolds wrote: >> >> >> On 05/31/2017 06:00 AM, Predrag Zečević - Technical Support Analyst >> wrote: >>> Hi all, >>> >>> lon

[389-users] Re: Broken replicas and CleanRUV question

On 05/31/2017 06:00 AM, Predrag Zečević - Technical Support Analyst wrote: > Hi all, > > long time ago we have started with 389-DS and due to lack of > experience I have installed and used admin server (which is abandoned > later, because it is too complicated and requires someone at keyboard).

[389-users] Re: Performance Degradation with Split Database

On 05/31/2017 02:36 PM, Paul Whitney wrote: > Still in migration mode from RHEL5/DS 8.2 to CentOS7/DS10 (389-ds-base > 1.3.5.10-20). > > Our one instance is setup with two databases (userRoot and > groupRoot). We are seeing some really high etimes when performing > mods/search on the second

[389-users] Re: enabled account policy plugin and incrace changelog db size

On 05/25/2017 03:23 AM, Alparslan Ozturk wrote: > Hi, > > two 389-ds running with multimaster replication. and dbbackup size > 66MB but when I have enabled "account policy plugin" for tracing > lastlogintime of users. > > but now I see changelog db size incraced 3GB > > ... > the database size

[389-users] Re: Announcing 389 Directory Server version 1.3.6.6

On 05/23/2017 09:43 AM, Mark Reynolds wrote: > > On 05/23/2017 06:02 AM, Alan Milligan wrote: >> Hi Mark, >> >> I successfully migrated from 1.3.5.10 to 1.3.6.6 - great job team! > Great! >> I don't run any admin stuff on those nodes; I think the install/upgra

[389-users] Re: Announcing 389 Directory Server version 1.3.6.6

On 05/23/2017 06:02 AM, Alan Milligan wrote: > Hi Mark, > > I successfully migrated from 1.3.5.10 to 1.3.6.6 - great job team! Great! > > I don't run any admin stuff on those nodes; I think the install/upgrade > release note should perhaps just be setup-ds.pl Which doc are you referring to

[389-users] Announcing 389 Directory Server version 1.3.6.6

389 Directory Server 1.3.6.6 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.6 Fedora packages are available for testing from the Fedora 26 and Rawhide repositories. https://bodhi.fedoraproject.org/updates/FEDORA-2017-8ab2f264a3 The new packages and versions

[389-users] Announcing 389 Directory Server version 1.3.6.5

389 Directory Server 1.3.6.5 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.5 Fedora packages are available from the Fedora 26 https://koji.fedoraproject.org/koji/buildinfo?buildID=884231 The new packages and versions are: * 389-ds-base-1.3.6.5-1 Source

[389-users] Re: db2index.pl Questionable

On 05/16/2017 02:23 PM, Paul Whitney wrote: > Hi guys, > > I am trying to update the index on our userRoot database. I imported > the attribute using the ldif2db routine. Error log reports success. > > Then I ran the db2index.pl routine with no particular attribute > (in essence I guess the

[389-users] Re: entry set tombstone rdn

What are the exact errors messages? There should also be some kind of "str2entry" error message as well. What is it? And what version of 389-ds-base is this? As for your concerns, this is probably not a serious error.This actually sounds like a bug that is fixed in a newer release, but

[389-users] Re: Adding another Domain to 389-DS

On 05/03/2017 11:34 AM, Duarte,Alexander A wrote: > > Hello all!... > > > > question! ... I setup 389-ds for our organization and it has been > working great for months. > > > > i have two servers replicating as multiple masters and it is > fantastic. However a new problem came upon my desk

[389-users] Re: problems after upgrading to 1.3.5.10 B2017.093.2133

Can you please file a ticket: https://pagure.io/389-ds-base/new_issue And provide the steps to reproduce, although it looks pretty straight forward. Thanks, Mark On 05/02/2017 11:54 AM, albert@uwindsor.ca wrote: > I have the following problems after upgrading from: > 389-Directory/1.3.5.10

[389-users] Re: Replication Issue between versions - Space after commas issues in DN

On 05/02/2017 09:01 AM, its-not...@alfresco.com wrote: > Hi, > > We have an old version of CentOS Directory Server running on RHEL5 hosts. > > This has been successfully replicating our LDAP directory to CentOS 6 hosts > running a version of 389: > > 389-ds-base-1.2.11.25-1.el6.x86_64 >

[389-users] Announcing 389 Directory Server version 1.3.6.4

389 Directory Server 1.3.6.4 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.4 Fedora packages are available from the Fedora 26 and Rawhide repositories. https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f0a10c808 The new packages and versions are: *

[389-users] Re: 389-ds and password hashing

On 04/19/2017 08:34 PM, William Brown wrote: > On Wed, 2017-04-19 at 13:57 -0400, Mark Reynolds wrote: >> On 04/19/2017 01:33 PM, James Chamberlain wrote: >>> Hi all, >>> >>> Does anyone know, can the CRYPT plugin for 389-ds be passed a >>> “cr

[389-users] Re: 389-ds and password hashing

On 04/19/2017 01:33 PM, James Chamberlain wrote: > Hi all, > > Does anyone know, can the CRYPT plugin for 389-ds be passed a > “crypt-algorithm” parameter? I came across some documentation* from > the related Oracle Unified Directory / OpenDS which looks like it > would do exactly what I’m

[389-users] Announcing 389 Directory Server version 1.3.6.3

389 Directory Server 1.3.6.3 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.3. Fedora packages are available from the Fedora 26 and Rawhide repositories. The new packages and versions are: * 389-ds-base-1.3.6.3-4

[389-users] Announcing 389 Directory Server version 1.3.5.16

389 Directory Server 1.3.5.16 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.5.16. Fedora packages are available from the Fedora 24, and 25. The new packages and versions are: * 389-ds-base-1.3.5.16-1 F24 -

[389-users] Announcing 389 Directory Server version 1.3.6.1

389 Directory Server 1.3.6.1 The 389 Directory Server team is proud to announce 389-ds-base version 1.3.6.1 Fedora packages are available from the Fedora 26 and Rawhide repositories. The new packages and versions are: * 389-ds-base-1.3.6.1-2 Source tarballs are available for download

[389-users] Re: password not expire 389

On 03/04/2017 05:34 PM, tua...@gmail.com wrote: > hi All > > thanks it is solved by now > > Mark, sorry I didn't realized it was set at my home setup. I found it from > GUI -> the organisation > right click -> manage passwrd policy -> subtree , > it was SET > > i had unflag, it Works now as it

[389-users] Re: password not expire 389

On 03/02/2017 06:06 PM, tua...@gmail.com wrote: > hi mark > > Again, never use the "local subtree password policy", Yes you are: [root@centos6 scripts]# ldapsearch -xLLL -ZZ -b cn='cn\3DnsPwPolicyEntry\2Cou\3DInfrastructure\2Cdc\3Dnnit,cn=nsPwPolicyContainer,ou=Infrastructure,dc=nnit' -s

[389-users] Re: password not expire 389

On 03/01/2017 04:25 PM, tua...@gmail.com wrote: > hi > > Here you are. > with those 2 pasword below I can use them to "passwd" again & Again as user > "tnng" Can you paste some access log output showing these password updates? passwd could still be using Directory Manager to set the passwords.

[389-users] Re: password not expire 389

On 02/28/2017 08:45 AM, Predrag Zečević - Technical Support Analyst wrote: > On 02/28/17 02:13 PM, Mark Reynolds wrote: >> >> >> On 02/28/2017 04:25 AM, Predrag Zečević - Technical Support Analyst >> wrote: >>> On 02/28/17 08:25 AM, tua...@gmail.com

[389-users] Re: password not expire 389

On 02/28/2017 02:25 AM, tua...@gmail.com wrote: > h >>> passwordHistory is not set in your policy config, thus it is not beingen >>> forced: > yes it is, i had set it the last many years > pls see the screendump in my first thread But you are using subtree policies, these override the global

[389-users] Re: password not expire 389

On 02/26/2017 10:57 AM, tua...@gmail.com wrote: > Hi > with the new 1.2.2-1 389* the user can resure the same password Again & > Again, the passwordhistory stop to Work and not showing anymore. passwordHistory is not set in your policy config, thus it is not being enforced:

[389-users] Re: Need help to tune 389 DS

On 02/23/2017 11:53 AM, Steve Holden wrote: >> -Original Message- >> From: Mark Reynolds [mailto:marey...@redhat.com] >> Sent: 23 February 2017 16:00 >> To: General discussion list for the 389 Directory server project. <389- >> us...@lists.fedoraprojec

[389-users] Re: Need help to tune 389 DS

On 02/23/2017 10:48 AM, Gordon Messmer wrote: > On 02/23/2017 12:11 AM, William Brown wrote: >> As Noriko pointed you, you are missing nsIndexType: pres on this > > > I hate to repeat myself, but is that a thing that changed *recently*? No, it has always only been indexed for "eq". As Rich

[389-users] Re: Replication Between RHDS 9 and RHDS 10

On 02/15/2017 09:27 AM, Paul Whitney wrote: > Hi everyone, > > I am currently testing RHDS 10 and have successfully > initialized/replicated from RHDS 9 to RHDS 10. Can I do the reverse? > Replicate from RHDS 10 to RHDS 9? You can - the protocol is the same, but I hope this is just a migration

[389-users] Re: [389-devel] Re: Trac -> Pagure migration is complete

On 02/13/2017 05:51 AM, Simon Pichugin wrote: > On Sat, Feb 11, 2017 at 05:23:24PM -0500, Mark Reynolds wrote: >>Our migration to Pagure is complete. Please use this project for >>filing Directory Server issues (aka Tickets): >>[1]https://pagure.io/389-ds-b

[389-users] Trac -> Pagure migration is complete

) On 02/08/2017 12:07 PM, Mark Reynolds wrote: > We are planning on doing the Trac to Pagure migration this Friday. > Using Pagure is very similar to Trac, except you create "Issues" > instead of "tickets". > > One change to keep in mind is that we now have sep

[389-users] Trac -> Pagure Migration this Friday (Feb 10)

We are planning on doing the Trac to Pagure migration this Friday. Using Pagure is very similar to Trac, except you create "Issues" instead of "tickets". One change to keep in mind is that we now have separate projects for our components like: admin server, 389-ds-console,

[389-users] Re: Odd issue with 389 and updating to Cent 6.8 with TLS/SSL

On 01/26/2017 05:25 PM, John McKee wrote: > @Mark Reynolds Those commands would fail as well, even the replication > appears to have issues and gets the same error. > > Here is my /etc/openldap/ldap.conf: > > # The distinguished name of the search base. > base dc=XX,dc=XX,

[389-users] Re: Odd issue with 389 and updating to Cent 6.8 with TLS/SSL

On 01/26/2017 03:16 PM, John McKee wrote: > @Mark Reynolds > > ldapsearch -Z -h localhost -x -b dc=XX,dc=XX,dc=com uid= -d1 What about: ldapsearch -ZZ -h localhost -x -b dc=XX,dc=XX,dc=com uid= -d1 And what about: ldapsearch -H \"ldaps://localhost:636" -x -b dc=

[389-users] Re: Odd issue with 389 and updating to Cent 6.8 with TLS/SSL

What is the exact ldapsearch command you are using? On 01/26/2017 12:59 PM, John McKee wrote: > We had to update our server from CentOS 6.7 to CentOS 6.8 due to security > compliance. When doing so however, it caused 389 to be unstable for TLS/SSL > port 636. It would be up for a minute or two,

[389-users] Re: use of wildcards in ACIs

On 01/24/2017 05:26 PM, Crocker, Deborah wrote: > > We have used directory 389 for many years having migrated forward from > the iPlanet/Sun version. Back when we were on Sun we discovered that > any attribute listed in an ACI where we wanted to use a wildcard had > to have the attribute name in

<    2   3   4   5   6   7   8   9   >