One core at 100% is to be expected if you're executing a long-running
(unindexed) search
over data that's mostly already in memory.
What's not expected is that other concurrent operations (even on the
same connection)
should block. Generally that shouldn't happen. You might try turning up
the
Rich Megginson wrote:
Emmanuel BILLOT wrote:
Hi,
When DS is crashed, sometimes logs sayes Recovering Database and i
have to wait for minutes before it re run.
Is it possible to watch what DS is doing (recovering progression ?)
No, not really. I suppose you could strace the process. I think
Chandrasekar Kannan wrote:
One of my pet peeves .. a plugin that can compress/decompress binary
data.
When we store large binary data (that can be easily compressed
and stored ) in attributes , for example CRLs, I would like to see
a ds plugin that compresses the data prior to storage. stores
Branimir wrote:
so there is no way to find the number of total LDAP entries stored in
FDC?
Obviously that's a ridiculous statement. You could at the very least
perform a search that
returns all entries and count them !
The server however does not maintain a running count itself. So one way
Rich Megginson wrote:
You might also be able to extract that information from the
information in cn=monitor or one of the cn=monitor entries under the
database entries -
Unless something has changed recently, there's no entry count
information maintained or readable via cn=monitor.
The
Branimir wrote:
well, I know that I can perform search and count them. I hoped that
there is some shell command implemented in FDS that could provide this
number. I administer commercial LDAP solution that provides such
command. In my case this commercial solution charges per directory
entry
Rich Megginson wrote:
Assuming your entry cache contains every entry (that is, assuming you
have enough RAM to cache every entry), you can query the entry cache
count and that should be the number of entries in your directory
server. This is the (apparently) undocumented attribute called
Nalin Dahyabhai wrote:
Assuming you only care about entries that get stored on disk (which is
what I'd prefer if I were a customer), you could find the id2entry
database file run 'db_stat -d' against it, and use the number of unique
keys and data items it returns as your count.
This does
Graham Leggett wrote:
Normal users on the directory are subject to an administrative limit
as to the size of the result sets returned, which in our case has
defaulted to 50.
I have to periodically query the directory and have all results
returned, in order to perform an operation on all
Chun Tat David Chu wrote:
I know that Fedora Directory and Red Hat Directory is essentially same
except that Fedora Directory is usually newer than Red Hat Directory.
My question is I know I can get the source code of Fedora Directory
but what about Red Hat Directory?
I thought Red Hat
Chun Tat David Chu wrote:
Just to clarify, so Red Hat does store their source code of Red Hat
Directory Server in a different repository than Fedora?
No. There's only one repository. If you browse it you'll see RHDS
release tags.
And beside looking at it via CentOS source control system, if I
Chun Tat David Chu wrote:
Can you please tell me the URL to the Red Hat/Fedora repository that
you're talking about? I am not sure where is that.
It's documented on the web site.
pserver:anonym...@cvs.fedoraproject.org:/cvs/dirsec
Dave, you're correct, we need to do some comparison between
Looks like something bad happened to the DB files while the server was
running (some other process overwrote the files perhaps??). 23 minute
recovery time would usually imply that either the database is very
large, or that checkpoints weren't being done often enough (or some
combination of
Memory is hazy about this, but I seem to remember that it was done as
two steps because AD didn't allow userAccountControl to be set in the
ADD. It had to be set by a separate MOD. Perhaps AD has changed since
that time in this respect though.
Rich Megginson wrote:
Howard Chu wrote:
Date:
Glenn wrote:
David - At least once a week on our 8,000-user systems, synchronization
breaks. Usually it is because the Passsync service on the AD server stops
running. Other times, Passync is running, but passwords do not sync.
Sometimes passwords sync only one way. Sometimes password sync
lingu wrote:
* Since i am using 64 bit windows edition but rhds8.0 is running on 32
bit edition.May be the passSync.msi comes along with 32bit edition
works only with 32 bit windows or if any 64 bit version of
PassSync.msi is available.Plz help me this is very urgent for me.
*
I don't know
Glenn wrote:
It is difficult to know when a full resynchronization is necessary for a
given Windows Sync agreement.
Why do you want to perform a full sync ? Typically that would only be
done if
a) the servers had been out of contact for a long time or b) when
bringing up a new
server or c)
Kenneth Holter wrote:
The DS supports both TLS and SASL. TLS can be used for both
authentication and encryption, and should therefore cover our security
needs.
SASL is quite new to me, and as of now I don't see the benefit of
using it. Which security or functionality features does SASL
Kenneth Holter wrote:
We're going for the TLS based solution. However, I'd like a better
understanding of SASL, so let me post these questions:
* What can SASL be used for besides Kerberos integration?
SASL is a pluggable authentication framework, so it is a bit abstract
when you read
Michael Ströder wrote:
Paul Fontenot wrote:
Can anyone recommend a good howto that’ll allow Outlook to ‘browse’
the ldap entries?
Maybe I misunderstood your question:
AFAIK Outlook can only search for entries by (partial) name / e-mail
address listing the results like address book entries.
I doubt you need to use SO_KEEPALIVE. A couple of observations:
1. If you have ESTABLISHED state connections on one end that are not
in the same state on the peer, that would indicate something broken in the
network or the stack, rather than in the DS.
2. The DS already has connection timeout
Roman RATHLER wrote:
If I activate error logging for ACL Control Summary or similar, the
machine totaly goes into IO-Wait. It just writes maybe 100K/second but
is totaly unusable any more... From normal 1% CPU Load (on a 2 Way
Xeon) it moves to 200% CPU Utilization.
Debugging ACLs therefore
Are you sure you are running a Netscape/Mozilla/FedoraDS ldapmodify and
not an OpenLDAP ldapmodify ?
Scott Lacy wrote:
All,
I am migrating an LDAP server off of Netscape I-Planet to Fedora
Directory Server 1.0.4. I am having some issues with ldapmodify in
that the command that worked in
Looking at the debug logs you provided, the entry is correctly
returned by the server in both cases. So persumably NSS_LDAP
doesn't like the look of it. Is it expecting some specific object class
that's missing perhaps ?
Peter Santiago wrote:
Hi,
I was able to finally configure FDS to sync
Peter Santiago wrote:
http://www.redhat.com/docs/manuals/dir-server/ag/7.1/sync.html#2836267
To create a synchronization agreement:
1. In the Directory Server Console, select the Configuration tab.
2. In the left-hand navigation tree, right-click on the suffix to
sync, and select
Jason wrote:
Is there a way to get past this problem? Am I crazy for expecting this
to compile on solaris even though solaris support is listed?
Not crazy, but pretty darned close ;)
A couple of things come to mind : the code may have rotted for Solaris 8
--- that's quite an old release.
The
My questions are:
1) Why have the duplicated entries with other kind of DNs spring up?
These duplicated entries continue to appear again, but they are not
desired. I need to know how to clear duplicates in order to such
additions to be avoided.
2) Why the full replica initialization fall
David Bogen wrote:
Our experience has shown start_tls to be noticeably slower than straight
ssl; slow enough that the difference is noticeable to people and not
just to measurements. I would recommend going with straight SSL and not
messing around with start_tls
Interesting observation given
Xavier Toth wrote:
Maybe this is old, maybe I've misunderstood?
http://forums.fedoraforum.org/showthread.php?t=98414
Well, that isn't an 'official' FDS document, but reading it I suspect the
author wanted to tell you how to install a DNS server, assuming perhaps
that you wouldn't already
Aaron Bliss wrote:
We are currently running sun directory server, however I don't
particularly care for it too muchI'm thinking about possibly
migrating to fds (I've used fds extensively at my previous job)...Does
anyone know if it's possible to setup replication between a sun
directory
I can reproducably, impact on FDS performance by running:
$ getent passwd | cut -d: -f 1 | while read i; do id $i; done
Since you can reproduce the syndrome at will, and in a steady state,
just run that command above and then go run 'pstack fds_pid' on the
server machine.
That'll dump
Satish Chetty wrote:
Wilmer,
Does this mean, I can move all OpenLDAP data (including Zimbra
System config data) from OpenLDAP to FDS? Or just user data? Zimbra
recommends that I only move user data and not Zimbra system data.
Looking at the ldif file, it looks like he's replacing OpenLDAP
e a step I
am missing. How does one do that?
Thanks
Geoff
David Boreham wrote:
mallapadi
niranjan wrote:
would it be possible to just install DS and
setup the same hostaname and same replica ID,
and start the replication. Why should we delete the replication
aggreement in other master se
The message tells you that the server failed to create a thread
because the OS wouldn't let it. Typically this happens either because
there's some OS limit that needs to be increased, or because the
thread stack stride is very large and you're running a 32-bit server
(the fix for that is to
Chun Tat David Chu wrote:
Can anyone recommend any tools that are available for testing LDAP?
SLAMD is popular, but I still like to use the simple command line
tools like rsearch and its siblings :
http://docs.sun.com/source/816-6400-10/rsearch.html
Norman Gaywood wrote:
Yes it was a read-only test. But then that's the main application of
LDAP servers. Are there applications that require high LDAP write
performance?
It's pretty easy to achieve performance in excess of most applications'
requirements for reads, but write performance it
Vampire D wrote:
We will not be using LDAP in the traditional sense.
Instead of authentication, we will be using it to perform lookups upon
incoming mail.
We plan on having tens of thousands of email addresses stored in LDAP,
every message that comes in is verified via LDAP that it is
Vampire D wrote:
Would you recommend more than 2GB for 100k/hr?
Memory usage is unrelated to search workload.
You need more memory to achieve good performance
with a larger set of active data.
I'd recommend you do some load testing. There are
plenty of good tools available that make testing
Not sure what the problem is but passync is designed to avoid this loop :
it attempts to bind to fds with the new password before propagating it back.
If the bind succeeds it concludes there is a loop and refrains from sending
the change to FDS. At least that's what should happen. You might look
Paxton, Darren wrote:
Unfortunately, our current strategy is to have Active Directory as the
single Directory for user management so as to make our Service Desk
more efficient. We also have a policy of removing all single points of
failure from within our enterprise, therefore I was looking
Eddie C wrote:
I can not give an authoritative answer, but if your active directory
is 2003 server your active directory itself is multimaster ( no more
PDC and SDC ). It seems theorically possible to install active
directory sync on both nodes but leave it running only on one domain
The notion behind lookthrough limit is that the administrator
can dermine an upper bound for the amount of WORK that
the server will perform for a given client's search. This is
basically a simple form of denial of service control.
So clients that hit the limit are not expected to receive
useful
Wendt, Trevor wrote:
I'm having some significant issues getting my multi-master servers
synchronized after a network outage this past weekend. First I was
getting:
error-- NSMMReplicationPlugin - agmt=cn=srv1-to-srv2 (srv2:389):
Replica has a different generation ID than the local data.
Richard Megginson wrote:
What is the output of hostname and hostname -f?
'servera' and 'servera'
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
Richard Megginson wrote:
It's failing in the function isValidServerID in ux-dialog.cc The
argument to this is the server id, which is usually everything to the
left of . in the FQDN. If you can manually specify either a FQDN in
the hostname dialog, or a server ID in the server id dialog, you
Ankur Agarwal wrote:
We have a weblogic app server based application which talks to RedHat
LDAP through weblogic's security provider APIs.
On Production env we have set-up master-master LDAP servers i.e. there
are two master LDAP servers. How should i make my application connect
to these 2
Yu Joe wrote:
Dear all
I tried to make my FDS work with sasl(digest-md5)+SSL. I can get
correct result by ldapsearch -Y digest-md5 -U sasl1 ... or
ldapsearch -x -D 'cn=Directory Manager' -W -H
ldaps://rhds.example.com
But I got the error message such as *sasl encryption not supported
Renato Ribeiro da Silva wrote:
I'm having questions about CPU utilization of Directory Server. The process
ns-slapd take 99.9% of CPU almost all the time. Is there any way to know why
this is happening? Any performance counter ( DS Console ) can show me the
answer ? Is is possible to know
George Holbert wrote:
Is it possible for DB corruption to be replicated?
In other words, if a master replica's DB goes corrupt, how likely is
that to corrupt the DB on the consumers (if at all)?
In general this can't happen. Replication is done at the
directory entry semantic level, so each
Stéphane Konstantaropoulos wrote:
It'd be nice if it noticed by itself that the db is corrupted.
Unfortunately that's something of an AI problem :(
There is some code in the server that can compare the
results of an indexed vs an unindexed execution of the same
query (used in the past to
Howard Chu wrote:
I really wish Net::LDAP would just go away and die. People should be
using Mozilla::LDAP (or Net::LDAPapi), particularly when they're doing
timing measurements. I guess as a monitoring device to say is it
alive it's not too crucial, but you have to realize that when it
Richard Megginson wrote:
But even Net::LDAP is not entirely perl - the SSL bits call out to
openssl via Net::SSLeay. There may be other C bits called as well.
Calling out to C isn't bad per se, but it really only works when the module
has OS distribution support. End users typically can't
One thing to watch when using software tunnels is that there was (is
still?) a
bug in the ldap protocol library underneath the server where if packets are
fragmented in strange and unnatural ways, the server just won't work
properly
(it fails to decode the LDAP PDU header properly). This
Glenn wrote:
All you need is to have entries that are 'syncable'. On the FDS side
this means
special objectclass and attribute values. On the AD side it only
means having the entries in the container configured in the sync agreement.
If I have entries in DS that do not exist in AD, and
Patrick Morris wrote:
On Fri, 05 Jan 2007, Glenn wrote:
So if I have some object classes and attributes required for AD that
are not allowed in DS, and vice-versa, how can I make Windows Sync
work? I'm sure I'm missing something here. I'm including sample
ldif entries from each import
Richard Hesse wrote:
I'm guessing the problem is along those lines. The installer MSI puts the
files in the correct locations for 32-bit binaries [syswow64 and program
files (x86)]. Everything appears kosher along those lines, but it's just not
working. My fear is that Windows will only let a
HAWKER, Dan wrote:
Have had a quick surf and there are couple of OpenLDAP and SunOne DS
templates out there I can use as a starting point, but nothing specifically
for FDS.
The SunOne template should work, since the SNMP MIB is identical.
--
Fedora-directory-users mailing list
Phil Lembo wrote:
Any chance we'll get to see support for Simple Paged Results Control
in a future version of Fedora Directory?
It wouldn't be hard to implement because the existing VLV code could be
mostly re-used.
Are you looking to support an application that already uses simple paged
Ulf Weltman wrote:
Does it definitely replicate a few changes correctly before the
problem starts? It reminds me of a problem that used to occur with an
earlier 6.21 release, but in that case the first change would not be
replicated (changelog empty with no anchor at the head of the list),
Eddie C wrote:
I ran
DB ERROR: db_verify: Page 30: out-of-order key at entry 498
DB ERROR: db_verify: DB-verify: db/o_com/channelcontentowner.db4:
DB_VERIFY_BAD: Database verification failed
I'm assuming that you are running the correct version of db_verify (it
should
perform a version
Nicholas Byrne wrote:
Is it possible to do a syncronisation of a windows peer without the
windows user who i use to bind being a domain admin?
No. I'm not 100% sure but I believe you need to be a domain admin to
use the dirsync control, which FDS uses to pull entries from AD.
If that isn't
Glenn wrote:
The Windows Sync documentation indicates that Windows Sync will populate an
Active Directory, but I find this difficult to believe given the
limitations noted above.
Erum, it will provided you don't feed it bad data.
I admit that I haven't tried working with the
schema. I'm
Joerg Schoppet wrote:
I'm in an account of a bigger company, which uses Microsoft Active
Directory for User Management and Authentication.
Now we need to save some additional information for a subset of all
employees, but the AD-Administrators do not want to include the
required attributes in
Glenn wrote:
I wasn't thinking when I said the directory server data was imported from
NT. It actually came from a Netscape Directory server. Just as a test, I
exported a few users to an ldif file and tried to use the ldifde on the W2003
domain controller to import them. It seems to find a
Ulf Weltman wrote:
The Pass Through Authentication plugin should also work with ADS
Right. Windows Sync would need to be deployed _without_ passsync
otherwise I'm not quite sure what would happen when it does its binds
to check the password for loops.
FDS + Winsync + PTA - passsync might
Philip Kime wrote:
I know some people have reported success - perhaps they will chime in.
I tried an upgrade to 1.0.4 but it didn't change anything - still can't
have subtree/user policies enforced when I use ldappasswd. Now, this
shouldn't be an ACI issue on the policy objects, correct?
Gordon May wrote:
I was wondering if anyone can help me with setting up a single sign on
system. I want my users to be able to sign on once and have access to
all areas of our site. Ie Forum, wiki, Trac, SVN, etc. From what I've
read it looks like Kerberos will be needed for this.
Hmm. What
I have also been researching two-factor token support in LDAP recently.
What I found depressed me : other than RSA with Novell, there is
no, repeat NO support for using centralized LDAP authentication
with these things. The vendors will often mention LDAP, but
when they do it's as a management
Chris Maresca wrote:
BTW, I have gotten CryptoCard to work with Fedora, and I'm just now
working on PAM passthru. Hopefully I'll be able to write a howto in
the next few weeks.
That'd be great. However in my experience it's SecurID that everyone
wants support for :(
--
Any thoughts on what logs from FDS would be slurp-able, or if FDS
supports writing that kind of replication log?
Originally the two came from the same code. Netscape Directory Server 1.x
used a replication mechanism that was derived from slurpd (but the slurp
functionality was included in
Philip Kime wrote:
I've
been trying to get Windows sync installed but it's going to be
impossibel as it means enabling password complexity policies in a large
domain and that isn't going to happen. Does anyone know of any
alternatives to this? I know this is desperate since you have
Pete Rowley wrote:
Bliss, Aaron wrote:
I'm a little confused here; what is the purpose of the passsync service
(I've successfully created a replication agreement over ssl via fds and
ad). Thanks again.
To synchronize passwords as they change.
Specifically, in the AD-FDS direction.
Mikael Kermorgant wrote:
I've read about password sync between Active Directory and Fedora
Directory Server.
In my environment, there is one global LDAP server built upon FDS, and
two Active directory domains.
Is there any hope to get password sync between FDS and both Active
Directory domains
Is there any hope that a virtual view would be enough ? I have indeed
a single ou for all the users in FDS.
Not without code changes, I don't think so. The code uses certain
criteria to determine if a given entry 'belongs' in the target AD.
It can support multiple AD domains (create multiple
Chris St. Pierre wrote:
If any of you are familiar with mailgraph for Postfix-based mail
servers, I've created something similar for Fedora DS. fdsgraph tails
For anyone that uses an SNMP based grapher like cricket or cacti,
note that most of this information is also available via SNMP
John Call wrote:
Is there a known limit of objects / db?
A few billion.
I've recently encountered strange behaviour in my FDS. The strange
behaviour exhibits itself by not allowing searchs within ou
containers. Although if I bind as Directory Manager I can search,
but it takes a
Any ideas ?
Yes. RTFM :
http://www.redhat.com/docs/manuals/dir-server/ag/7.1/scmacfg.html#1079595
Use the GUI to extend schema and see what it puts in the ldif files.
Then you can copy that content to extend schema in a server sans GUI.
--
Fedora-directory-users mailing list
* Cryptocard has its own authentication server, but provides a PAM
module for Linux. Therefore it should be possible to use the PAM
passthru
FDS module mentioned here a while back:
http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/pam_passthru/?root=dirsec
* Cryptocard
I skimmed RFC 4513 (sans coffee) and didn't find the section you're
referring to. I did see that RFC 4422 (last paragraph of section 3.6)
seems to suggest that OS X's and OpenLDAP's behavior is legitimate and
useful.
I'm not sure I read that there. I see this :
It is also important that the
One thing to observe here is that _generally_ one does not
want to reveal more information to a potential attacker than is
necessary. In this case it may be useful for a bad guy to know
that there is no plaintext password vs. only knowing that
authentication failed. Put another way : attempts to
Sævaldur Arnar Gunnarsson wrote:
Bottom line, how do I disable the security check that demands TLS/SSL
connection in order to change passwords ?
You can't, without editing the source code that is.
RFC3062 says:
4. Security Considerations
This operation is used to modify user
nattapon viroonsri wrote:
Compile Problem with RHAS 4.0 Pseries
RHAS 4.0 for Pseries
FDS is one of those projects that has to have been 'ported'
to each target platform. AFAIK no such port to pSeries has
been done. This would explain why ICU is not building for
you.
Now, it probably
Can the OP post a verbose log segment relating to this problem please ?
There _should_ be something in the log to indicate where the problem lies.
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
Jeff Gamsby wrote:
Here is a piece of the log:
This tells me that FDS either a) succeeded in modifying the user's password
or b) it never tried to generate the modify. It isn't clear from the log
what the
two modify operations in the changelog are (why are there two??).
Can you say more
Scott wrote:
In our ldap we do not delete users, we deactivate them
with nsaccountlock. All user entries are in the same
branch of the tree. In this data structure, all uid's
are unique and are not used again.
Ok well now our ldap is getting large and I would like
active users separate from
Frits Hoogland wrote:
I am running the fedora directory server version 1.0.2
on debian gnu linux version 3.1 (debian sarge)
The ldap server itself (ns-slapd) worked alright, but upon increased
usage, the ns-slapd process is ever increasing memory usage.
ps shows size (SZ col) of 220669,
top
Mickael Besse wrote:
In the access log fo FDS there is:
SSL connection from ... to
[09/Jun/2006:11:57:45 +0200] conn=163 op=-1 fd=77 closed - Encountered
end of file.
thus , the connection arrives to FDS but it is directly closed. I
don't know what means Encountered end of file ??
One thing to note, in case it isn't already clear :
The SSL connection setup between FDS and AD is entirely
orthogonal to the SSL connection from PassSync running on Win2k
and FDS.
From your e-mail it isn't clear to me that you're aware of this.
e.g. the certutil command you're running on
Jeff Gamsby wrote:
Thanks. Yes, I understand that.
From what I understand, the FDS (client, certutil db) is trying to talk to
the AD (server, Microsoft CA) and the PassSync cert db just has the
trusted FDS server certs (for synchronization).
Do I need to import the FDS server certs into AD,
paul barnes wrote:
Does anybody have any other ideas or can give me indications
Robert's suggestion of ApacheDS is a good one.
It's used for the NT4 sync feature of FSD, principally
because otherwise a Windows version of FDS would
have been required, and because modifying its
Paul, while the paragraph here
http://directory.fedora.redhat.com/wiki/Building#Windows
implies that FDS builds on Windows. In fact it doesn't.
It _could_ be made to build, install and run on Windows,
since there was a Windows version of its ancestor products.
But I'd be astonished if someone
Title: Replication problems
Paul Clayton wrote:
I have one server running FD core 5
and the other FD core 4
Each server has the recommended
product installed, and at this point there is no issue.
What I am having is a replication
problem. Initially I set server A as
Title: Replication problems
Paul Clayton wrote:
I am aware of that and if you had read the email
I sent, it was specified as such.
Yes, but it seemed that you attempted to 'upgrade' the consumer to a
master
after installation and configuration. It may be that this doesn't
The user is added to the database succefully.I can able to see the
encrypted password while retrieving it (but i am adding it using the
clear text format).
I want to know how the password is actually stored in the database?
The hashed value is stored (much the same as /etc/passwd).
You
Mikael Kermorgant wrote:
Is there be a way to store a clear version of the passwords in an
external storage (sql db, text file...) while turning on encryption
on the directory server ?
Yes there is. It might be useful to know more about what you are
trying to achieve, because there are a few
Hariharan R wrote:
Fedora DS 7.1 by default supports LDBM database as a backend data
store.
I want to change the backend database to BDB or MySQL.
How i can make the Fedora DS 7.1 to interface with BDB or MySQL
database?
Well let's see...
1. The LDBM/BDB thing is an OpenLDAP-ism.
Philip Lembo wrote:
Very important point made about knowing the extended features of each
directory product. For example, Active Directory sets a hard limit on
the number of entries returned by a search. The way around this is to
use the Paged Results control extension (good feature). Problem
Mikael Kermorgant wrote:
Hello,
I'd like to run a script that deletes everything from ou=People (~
5000 users).
The problem is that I first run a search and the result size is
limited by the server.
Increasing thiis limit would surely work but I don't find it very
elegant. Do you see
Reinhard Nappert wrote:
Can anybody
point me to a way how the vlv feature can be disabled?
You'll need to modify the source
code. The change is quite simple :
you'd need to find the place where a VLV operation is detected and
change the code to bypass the VLV code path.
Also, I
Reinhard Nappert wrote:
Unfortunately there is a bug (iPlanet/SUN Directory Server used to have
the same bug, but it was fixed recently). In case you perform vlv
searches and modifications occur at the same time the server hangs. Have
a look at the release notes
1 - 100 of 161 matches
Mail list logo