Rich Megginson wrote:
Kenneth Holter wrote:
Hi.
We're using Windows sync on our (RedHat) directory server to fetch
users from AD, and have a quick question about the UID attribute: It
look to me like the UID attribute that linux ldap clients use for
authentication, is a attribute created
We just noticed this problem last week as well. I submitted bug:
https://bugzilla.redhat.com/show_bug.cgi?id=549384
Rich Megginson wrote:
Jason Solan wrote:
Hello,
Recently we've upgraded our fds servers (1.1.3) to 389 (1.2.2). Doing
so seems to have broken password sync from 389 to Active D
Never mind. I realized that the memberof plugin was not enabled on the
replica, so no memberof entry to apply a CoS.
James Roman wrote:
I have two 389 1.2.2 servers in a Multi-master replication
configuration. I've added a few Classic Class of Service entries on
the memberof attribute t
I have two 389 1.2.2 servers in a Multi-master replication
configuration. I've added a few Classic Class of Service entries on the
memberof attribute to one of the servers. The CoS and template entries
seem to have replicated to the other server, however, when I perform a
lookup on the entires
Installed the x86_64 on 2003 R2 successfully without the previous
installation failure messages. I have the log if you need it.
Rich Megginson wrote:
I have a new PassSync package 1.1.3 that should address some install
issues reported by some users on Windows 2008.
Please test these and let m
Windows Server 2003 R2. The package is labeled 1.1.2-x86_64. I've
already got it installed on both of my x86_64 domain controllers. I
won't get the chance to delete it to test it until the weekend.
Rich Megginson wrote:
James Roman wrote:
Very first impression during installation.
I am unable to download the 1.2.1 versions of the passsync msi files. I
could really use the x86_64 version.
--
389 users mailing list
389-us...@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
l the server back to FC9 for the evening.
Anyone have any ideas how to eliminate the errors, or perform the
upgrade in a way that avoids them? Do I need to remove the replication
agreements first?
James Roman
Sr. Network Administrator
TerraNet, Inc. on Contract to SSAI
--
389 users
the evening. Anyone have
any ideas how to eliminate the errors, or perform the upgrade in a way that
avoids them? Do I need to remove the replication agreements first?
James Roman
Sr. Network Administrator
TerraNet, Inc. on Contract to SSAI
--
389 users mailing list
389-us...@redhat.com
ht
On Mon, May 11, 2009 at 7:09 PM, Chris St. Pierre wrote:
> On Mon, 11 May 2009, James Chavez wrote:
>
> Now If the uid is listed as Joe_Montana..and I login as Joe_Montana then
>> the
>> entry is recognized correctly by the sudo functions.
>> If I login as joe_mont
-1.fc9.noarch
Thank you
James
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
Hello list,
I upgraded my FDS install (yum upgrade fedora-ds, yum upggrade
fedora-ds-base etc..) on one of my boxes and the directory restarts fine.
However I receive the following messages in the error log. I am hoping that
someone has seen this message before and can decipher it for me.
The entry
Hello List,
I have a directory with 20,000 plus users.
The output from logconv is showing me that I have unindexed searches with a
search filter of '(uidNumber=*)'.
However my uidNumber attribute is indeed indexed.
The documentation states the following
" In Directory Server, when examining an ind
Sounds like selinux is enabled/enforcing. Try setting it to permissive.
Andy Schofield wrote:
I have exactly the same error:
> ldap...[19/Apr/2009:06:46:14 -0400] - Unable to access
nsslapd-rundir: > Bad address
In my case this is nothing to do with the upgrade to CentOS 5.3 (which
went smo
access with the admin console
I also agree with Andrey that this is a nice feature to have in future
releases if possible, definitely on my wish list!!
Thank you
James
From: fedora-directory-users-boun...@redhat.com
[mailto:fedora-directory-users-boun
possible. I am able to access with a third party
tool but would like to use the FDS admin console.
Thank you
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged and/or
confidential
It is
suggested in some documentation to increase the nsslapd-maxbersize
entry. However I do not see that in the config file. Does anyone have
any knowledge of this setting?#
Thanks
James
-Original Message-
From: fedora-directory-users-boun...@redhat.com
[mailto:fedora-directory-use
Andrey,
Thanks this actually helps alot towards my understanding. Appreciate the
information, that logconv.pl is slick!
James
Hi,
we use following approaches:
1. we limit the idle connection time "net.ipv4.tcp_keepalive_time = ..."
in /etc/sysctl.conf
2. fs.file-max = 65000 i
Thanks, I think that may be our issue. Can I ask what parameters you set
to accomplish this?
And also what is your "net.ipv4.tcp_keepalive_time" set to?
Thanks again
James
We had the same problem. We set the idle timeout, and it was fixed. By
default it doesn't timeout c
Thanks, I think that may be our issue. Can I ask what parameters you set
to accomplish this?
And also what is your "net.ipv4.tcp_keepalive_time" set to?
Thanks again
James
We had the same problem. We set the idle timeout, and it was fixed. By
default it doesn't timeout conne
-users] Too many FDS open
Chavez, James R. wrote:
> Hello Rich, list,
>
>
> Earlier today we started getting this error in our FDS error log
> repeatedly. Obviously connections were being refused at this point. I
> had to restart the directory server for the server to function
-directory-users] Too many FDS open
Chavez, James R. wrote:
> Hello Rich, list,
>
>
> Earlier today we started getting this error in our FDS error log
> repeatedly. Obviously connections were being refused at this point. I
> had to restart the directory server for the server to function
20,000 users.
We are running FC9 and FDS 1.1.1-3.
We are lacking in RAM but look to improve on that shortly.
I do see on the web past posts to this list regarding this error, I am
currently looking through them. Is there anyone out there that has
experienced this and gotten past it?
Thanks
James
[
Howard Chu wrote:
>
>> Date: Mon, 2 Feb 2009 13:26:18 -0800
>> From: "Chavez, James R."
>
>> Hi Rich,
>> Thank you for your previous response..The answer was actually
>> embedded within your statement I believe.
>>
>> "This is a
s and such.
Thank you again
James
-Original Message-
From: fedora-directory-users-boun...@redhat.com
[mailto:fedora-directory-users-boun...@redhat.com] On Behalf Of Howard
Chu
Sent: Tuesday, February 03, 2009 1:49 PM
To: fedora-directory-users@redhat.com
Subject: RE: [Fedora-directory-users
tries that
I point at the consumer. I would have never guessed the openldap tool
would not follow LDAPv3 referrals. Maybe a switch I missed or something.
Thanks again for your suggestion.
James
-Original Message-
From: fedora-directory-users-boun...@redhat.com
[mailto:fedora-directory-
r OpenLDAP
Thank you
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged and/or
confidential information. If you are not the intended recipient of this e-mail
message, you are hereb
am missing? Not sure why the console refers updates
but the command line does not.
Thank you
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged and/or
confidential information. If you
Rich , Thanks again,
Do I email the log to the entire list?
Or can I shoot it to you?
Thank you
James
-Original Message-
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Wednesday, January 28, 2009 4:03 PM
To: Chavez, James R.
Cc: General discussion list for the Fedora
CA certificate in order to properly use this server cert
that was generated?
Thank you
James
-Original Message-
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Wednesday, January 28, 2009 3:21 PM
To: Chavez, James R.
Cc: General discussion list for the Fedora Directory server
ot;
I can import it as a CA cert but it shows as a broken chain and it is
supposed to be server cert anyway.
Any ideas on how to properly import this base 64 signed cert?
Perhaps certutil or openssl commands?
Thank You
James
Openssl
-Original Message-
From: Rich Megginson [mailto:rmegg...@
Import the server's certificate as the object certificate.
If the problem persists, contact the Certificate Authority.
Any body out there can help out please.
Thanks
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by
the addressee(s) named he
rom the outside world. If this
is the case, it really is a question that belongs in the Xen-users
mailing list. My suggestion is that you ensure you can bring up a secure
shell into your VM server. You will most likely need to use the
vif-bridge Xen scripts.
--
James D. Roman
Sr. Network Admini
receive my initial account info from Edir and then would like to be
able to edit on the FDS console and have the attributes sync back up
when necessary. Sounds reasonable to me.
Thank you in advance.
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by
that is authenticating to the directory for logins.
I have read the ACI chapter on the Directory services Administrator's
guide but I am still struggling a bit.
Thank you
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended only for use by
the addressee(s)
: Tue 15 Apr 2008
10:31:42 AM MST
Install Date: Tue 07 Oct 2008 10:15:03 PM MST Build Host:
xenbuilder4.fedora.phx.redhat.com
Group : System Environment/DaemonsSource RPM:
fedora-ds-admin-1.1.4-1.fc9.src.rpm
James
On Tue, 2008-12-09 at 15:05 -0700, Rich Megginson wrote:
> James Cha
e Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
CA certificate CT,,
Server-Cert2 u,u,u
Any ideas.
Thanks
James
CONFIDENTIALITY
This e-mail message and any attachments thereto, is intended on
D->FDS sync have the same requirements?
--
James D. Roman
IT Network Administration
Terranet Inc.On contract to:
Science Systems and Applications, Inc.
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
correct? And from there export it from the root CA
and import it on the second server. Where do I import that certificate
into? /etc/openldap/cacerts or /etc/dirsrv/slapd-hostname?
Thank you
James
On Fri, 2008-12-05 at 11:56 -0800, George Holbert wrote:
> Chavez, James R. wr
like I did for the Solaris clients?
'Error opening Certificate cacert.asc
2312:error:02001002:system library:fopen:No such file or
directory:bss_file.c:352:fopen('cacert.asc','r')
2312:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
Many Thanks
James
absolutely necessary for SSL replication to work or can I get
around it? This is my test environment so I would like to do without if
possible for the time being.
Thank you
James
*
*
> James Chavez wrote:
> > Thank you for the reply.
> > OK so the Root CA is self signed o
use certutil to create a cert
database with ...
certutil -N -d -f /passfile
Does it matter where I create this?
After this I just import the cacert.asc, is that accurate?
Thank you
James
On Thu, 2008-12-04 at 11:49 -0800, George Holbert wrote:
> >
> > But what about creat
there can I just import them into the clients? I have read the NSS tools
links regarding PKI and SSL but I am still having a bit of difficulty.
On the FDS wiki documentation site there are some good links but I am
not sure how to go about this to use TLS:simple authentication.
Thank you
James
objectclass, so no attributes are assigned. I tried
setting up a pointer object class with no luck. Is there a trick to
setting this up for an objectclass or is there a better way of reaching
my objective?
--
James D. Roman
Sr. Network Administrator
Science Systems and Application, Inc.
Phone
I am having trouble getting fedora-ds-admin to do anything but display
an empty dialog. I am attempting this on CentOS 5.2 and I've tried it with
both java-1.5.0-sun and java-1.5.0-ibm.
fedora-idm-console -D 9 http:127.0.0.1:9830 > http://pastebin.com/f4c8867aa 2>&1
This is on a development VM, i
Hi All,
I'm about to set up a Fedora DS 1.1 instance, but I'm unable to find the "new"
mmr.pl script. Every link I've found which purports to have the script seems
to be broken. Can someone point me at this script?
Thanks,
~James
--
James Bushey
Software Engineer
started up the other master, and replication
resumed as normal, without any error messages.
That seemed to work for me. Thanks for all of your help.
~James
[EMAIL PROTECTED] ~]$ ldapsearch -MMxw -D "cn=Directory
Manager" -b "ou=people,dc=soleocommunications,dc=com" -
ng in my search? Or, is there something else I can
try?
Thanks
~James
On Tuesday 25 March 2008 14:46:56 Nathan Kinder wrote:
> James wrote:
> > Hi All,
> >
> > I have a set of directory servers with multi-master replicaiton. On one
> > of the two master servers, I se
The logs is repeated once per second (there are two in this copy/paste). I
have a high-level understanding of what a glue entry is, and why one would be
created, but why can't this server create one in this instance? And, is
there anything I can do to fix this repeated log?
Thanks,
~Ja
hello,
I've got a pair of masters replicating happily.
I restore a db backup to master01 and reinitialise the master01->master02
replication agreement. On master02 I see:
[13/Dec/2007:17:55:34 +0100] NSMMReplicationPlugin - replica_reload_ruv:
Warning: new data for replica ou=x,dc=y,dc=com d
bute be set to "CL2LDIF" on one server constantly, but not be set
at all on the other? Might this setting be causing one slow server? If so,
how can I fix this situation?
Any help would be greatly appreciated.
Thanks,
~James
--
James Bushey
Software Engineer
Soleo Communications
made me
nervous about how trouble-free a restore might be...
Before we jump in & test the process - is there a documented procedure for
restoring replicated databases & do I have to worry about the changelog when
restoring?
Many thanks for
s should be ok?:
Numeric String Y 1.3.6.1.4.1.1466.115.121.1.36
Any ideas?
Thanks,
James
As far as I can tell from RFC2252 this should be ok?
_
The next generation of MSN Hotmail has arrived - Windows Live Hotmail
http://www
For fear of asking the complete obvious, have you checked your local
firewall?
The default for Fedora is to block everything (assuming it's enabled).
cheers,
James
On 01/09/2007, at 12:19 PM, Bob Wooden wrote:
Cannot connect to the Admin Server "http://**.***.***:43766";
pl) on the server1 when the config
instance (created during install/setup) is already there. If there were an
option to create a new instance via the console and specify a separate
configuration directory it'd be easy...presumably!Is this the normal way to do
this? Kind regards,James> Date
600> From: [EMAIL
PROTECTED]> To: fedora-directory-users@redhat.com> Subject: Re:
[Fedora-directory-users] Configuration Directory Question> > James Deuchar
wrote:> > Hi,> >> > I've got a what I thought was a relatively simple DS setup
with two &g
Hi,I've got a what I thought was a relatively simple DS setup with two master
DS servers doing master-master replication. In the future slaves may be added
into the equation.Initially I installed both servers the same - as standalone
DS' each with it's own admin server and 'in-house' o=Nets
Hi,
Is it possible to create new server instances via the command line as
opposed to admin console?
The same question goes for setting up replication...?
Many thanks!
_
Txt a lot? Get Messenger FREE on your mobile.
https://liv
I kludged my way around this.
I just exported a dc=int,dc=domain,dc=com that was there and then edited
the resulting ldif, and initialized the ama db from it.
The ama root now exists.
---
James S. White
nly the Directory Manager has the right to create the Root Entry
Log in as Directory Manager to be able to perform this operation.
-------
James S. White primary/voip: (615) 469-0268
220 Hidden
How does one add custom attributes and objectclasses without using the
GUI in fedora-ds?
---
James S. White primary/voip: (615) 469-0268
220 Hidden Valley Rd..O. mobile: (256
lways keep directories in sync
---
James S. White primary/voip: (615) 469-0268
220 Hidden Valley Rd..O. mobile: (256) 476-2619
Danville, AL 35619 ..O
olaris, its free, the support is not.
>
> --- James Greene <[EMAIL PROTECTED]> wrote:
>
>> Hello,
>> Just joined the list. I want to compile fedora
>> directory on Solaris 10
>> (sparc). Anyone have any good docs on it? I am using
>> gcc. Thanks
>>
Hello,
Just joined the list. I want to compile fedora directory on Solaris 10
(sparc). Anyone have any good docs on it? I am using gcc. Thanks
Jim
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
Ahhh thanks, I did not know the Fedora DS GUI could modify schema,
I'll have to get my GUI working now.
- Original Message From: David Boreham <[EMAIL PROTECTED]>To: General discussion list for the Fedora Directory server project. Sent: Monday, September 25, 2006 4:42:51 PMSubject: Re:
ot the other attributes of inetOrgPerson, when I try to create the object I get an object violation error.
I didnt quite understand this part you mentioned , what else could I be missing.
.and have your users implement both inetOrgPerson and your auxiliary class.
Any ideas ?
Thanks
.
Thanks,
Kevin
- Original Message From: kevin james <[EMAIL PROTECTED]>To: fedora-directory-users@redhat.comSent: Monday, September 25, 2006 3:43:07 PMSubject: Extending inetOrgPerson's schema to support custom attributes
Hello All,
I'm trying to extend the inetOrgPerson&
Hello All,
I'm trying to extend the inetOrgPerson's schema in order to better support our companie's
user profile. I 've been doing some googling and I understand that modifications need to be done to the 99users.ldif file, I've tried a couple of settings but I'm unable to see my custom attributes
=hg,dc=com
nsUniqueID: fd033081-1dd111b2-80cef01a-e856
[EMAIL PROTECTED] bin]#
Richard Megginson wrote:
James B Newby wrote:
Yes, it is a read-only consumer, set up as per instructions in the
administration guide.
My multi-master replication scheme works fine. When chaining is not
set up
they do not propagate to the master.
Are there any other queries I should make to the server in order to give
you more information?
Richard Megginson wrote:
James B Newby wrote:
Yes. I can add or modify entries on the consumer with update
chaining set up, but those changes do not propagate to
n answer but no luck.
Richard Megginson wrote:
James B Newby wrote:
Well actually the entry was already there; I just made a small change
to one of the attributes on the consumer through the directory console.
I added a new entry on the consumer from the command line:
[EMAIL PROTECTED] bin]# .
maCSN creatorsName nsICQStatusText pwdpolicysubentry ldapSyntaxes
createTimestamp nsLookThroughLimit *"
[01/Sep/2006:18:20:05 -0500] conn=1 op=26 RESULT err=0 tag=101
nentries=1 etime=0
[01/Sep/2006:18:20:05 -0500] conn=1 op=27 SRCH
base="uid=nbody,ou=people,o=thgg,dc=hg,dc=com"
from
fedora-ds-1.0.2-1.FC4.i386.opt.rpm on all machines. All three machines
are Intel/CentOS 4.3.
-James
In the consumer's access log:
[01/Sep/2006:17:41:34 -0500] conn=1 op=8 SRCH
base="uid=jhines,ou=people,o=thgg,dc=hg,dc=com" scope=0
filter="(|(objectClass=*)(object
r replication is set up, this entry is present on all
three servers.
Any help would be appreciated! Thanks!
-James
dn: cn="dc=hg,dc=com",cn=mapping tree, cn=config
objectClass: top
objectClass: extensibleObject
objectClass: nsMappingTree
nsslapd-state: backend
cn: "dc=hg,dc=com&qu
something like
that).
Thanks,
James T. Richardson, Jr.
[EMAIL PROTECTED]
eXcellence in IS Solutions,
Inc.
Office: 713-862-9200 x226
NOTICE:
This message may contain privileged or otherwise confidential information. If you are not the intended recipient, please immediately advise the
Doh!
I spent a lot of effort tracking this down, making sure I had everything
in order And I fat-fingered the address in DNS.
Install works great now. :)
Thanks,
James T. Richardson, Jr.
[EMAIL PROTECTED]
eXcellence in IS Solutions, Inc.
Office: 713-862-9200 x226
-Original Message
run the console
application.
Can someone please help, I am not sure where to go next.
Thanks,
James T. Richardson, Jr.
[EMAIL PROTECTED]
eXcellence in IS Solutions, Inc.
Office: 713-862-9200 x226
NOTICE:
This message may contain privileged or otherwise confidential information. If
you are n
Hi Richi,
By any chance, have you checked out pam_ccreds?
James
On Tue, 1 Aug 2006, Richi Plana wrote:
> Hi, All.
>
> Any suggestions/leads?:
>
> On Thu, 2006-07-27 at 10:25 -0600, Richi Plana wrote:
> > Hi, All.
> >
> > On Wed, 2006-07-26 at 00:03 -0600, Ri
Thanks to Mike and Pete for the solution. I suspected it was a java
problem. Glad it's not.
//James
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
in...', but no login window.
The prompt does not return either from ./startconsole command until I
press Ctrl-C, when the splash screen also disappears.
I have not been able to find any errors recorded in log files.
Any help would be appreciated.
//James
--
Fedora-directory-users mailing li
"Administrator" account?
Could a problem or poor configuration of the root/administrator accounts
be the root cause?
J
On Fri, 2005-11-11 at 18:02, James van Zeeland wrote:
> Hi.
>
> Up to date FC4 install + Fedora Directory + Samba + VMware , on HP ML150
> dual 3.0G Xeons
Hi.
Up to date FC4 install + Fedora Directory + Samba + VMware , on HP ML150
dual 3.0G Xeons w/ 2Gb
Boots as a Directory server, and then on start of X logs in as vmware
user which starts a VMware only session (no window manager) and launches
a 2003 terminal server. Files are served from samba o
Turning off selinux protections for Samba solves issue
J
On Thu, 2005-08-25 at 21:23, James van Zeeland wrote:
> Scratching my head on samba integration.
>
> I can login Posix users OK, i.e. go to directory console create a user,
> enable posix attributes, set UID and GID, c
Scratching my head on samba integration.
I can login Posix users OK, i.e. go to directory console create a user,
enable posix attributes, set UID and GID, create a home directory and
the user can login.
Have followed the howto linked to from docs page.
Attempting to login with samba from an XP w
84 matches
Mail list logo