[389-users] errors messages in /var/log/messges

2020-03-04 Thread Mitja Mihelič
al0-local7 and none of them are responsible. What could be causing this? Kind regards, Mitja Mihelič ___ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-le...@lists.fedoraproject.org Fedora Code of Condu

[389-users] Operational attributes

2016-07-27 Thread Mitja Mihelič
set up an operational attribute that would do if (shadowExpire =< today) then return 0 else return 1 Is it possible to add one's own operational attributes to 389DS? If it is, how should it be done the right way? Kind regards, Mitja -- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, S

[389-users] Re: Schemas, filters, attributes and values

2016-07-07 Thread Mitja Mihelič
On 06/07/16 14:26, Ludwig Krispenz wrote: On 07/06/2016 02:12 PM, Mitja Mihelič wrote: Hi! We would like to connect our services to 389DS. Each user would have an attribute that would determine their quota for each service. We have a registered space within the OID tree for our organization

[389-users] Re: nsAccountLock - Server is unwilling to perform

2015-12-15 Thread Mitja Mihelič
On 21/10/15 15:54, Rich Megginson wrote: On 10/21/2015 01:00 AM, Mitja Mihelič wrote: On 20/10/15 15:57, Mark Reynolds wrote: On 10/20/2015 09:37 AM, Mitja Mihelič wrote: Hi! We are using using nsAccountLock=true to lock user accounts. We also have dovecot authenticating users against

Re: [389-users] nsAccountLock - Server is unwilling to perform

2015-10-21 Thread Mitja Mihelič
On 20/10/15 15:57, Mark Reynolds wrote: On 10/20/2015 09:37 AM, Mitja Mihelič wrote: Hi! We are using using nsAccountLock=true to lock user accounts. We also have dovecot authenticating users against the 389DS. If we set nsAccountLock=true, then we get Oct 20 14:39:30 SERVER dovecot: auth

[389-users] nsAccountLock - Server is unwilling to perform

2015-10-20 Thread Mitja Mihelič
;User is locked" or "Authentication failed"... Kind regards, Mitja -- -- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia tel: +386 1 479 8800, fax: +386 1 479 88 99 -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.

Re: [389-users] multi-valued nsAccountLock

2015-07-10 Thread Mitja Mihelič
Re-lifing an old thread here, but I have been searching for the same answer. We were thinking of using the multi-value feature to lock various aspects of an account. By entering values like web, mail, app would mean no access to the respective service. Are there any ideas on multi-value

Re: [389-users] db2bak on a provider/master

2015-02-26 Thread Mitja Mihelič
Thank you for the clarification. Regards, Mitja On 26. 02. 2015 15:56, Rich Megginson wrote: On 02/26/2015 07:41 AM, Mitja Mihelič wrote: -- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia tel: +386 1 479 8877, fax: +386 1 479 88 78 On 26. 02. 2015 15:18, Rich

Re: [389-users] db2bak on a provider/master

2015-02-26 Thread Mitja Mihelič
-- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia tel: +386 1 479 8877, fax: +386 1 479 88 78 On 26. 02. 2015 15:18, Rich Megginson wrote: On 02/26/2015 06:30 AM, Mitja Mihelič wrote: Hi! We have a provider/consumer (master/slave) setup and we wish to create

[389-users] db2bak on a provider/master

2015-02-26 Thread Mitja Mihelič
: Standalone db2bak is not supported when a multimaster replication enabled server is coexisting. Please use db2bak.pl, instead. Since multimaster replication is not used, should I consider this a bug? Or is it referring to the Single Master setup as a multimaster setup? Regards, Mitja -- -- Mitja

[389-users] Managing user quotas

2013-11-25 Thread Mitja Mihelič
in 389DS Reagards, Mitja -- -- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia tel: +386 1 479 8877, fax: +386 1 479 88 78 -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users

Re: [389-users] 389 directory server crash

2013-11-21 Thread Mitja Mihelič
I disabled LDAP paging in sssd.conf and let the setup run for a while. No crashes since. It does worry me though, that some other application could crash the server by using result paging. On 18. 11. 2013 17:05, Rich Megginson wrote: On 11/18/2013 07:01 AM, Mitja Mihelič wrote: On 15. 11

Re: [389-users] 389 directory server crash

2013-11-18 Thread Mitja Mihelič
On 15. 11. 2013 21:46, Rich Megginson wrote: On 11/15/2013 02:58 AM, Mitja Mihelič wrote: On 14. 11. 2013 22:08, Rich Megginson wrote: On 11/14/2013 08:50 AM, Mitja Mihelič wrote: One of the consumers has crashed again and I have attached the stacktrace. Four hous later it crashed again

Re: [389-users] ACI invalid syntax

2013-09-05 Thread Mitja Mihelič
On 09/04/2013 04:30 PM, Ludwig Krispenz wrote: On 09/04/2013 04:11 PM, Mitja Mihelič wrote: Hi! We are moving our Directory server from CentOS 5 Directory Server to CentOS 6 with 389 Directory Server. Our DIT looks like this: dc=example,dc=com |- dc=guests,dc=example,dc=com We would like

Re: [389-users] ACI invalid syntax

2013-09-05 Thread Mitja Mihelič
On 09/04/2013 04:21 PM, Rich Megginson wrote: On 09/04/2013 08:11 AM, Mitja Mihelič wrote: Hi! We are moving our Directory server from CentOS 5 Directory Server to CentOS 6 with 389 Directory Server. Our DIT looks like this: dc=example,dc=com |- dc=guests,dc=example,dc=com We would like

[389-users] ACI invalid syntax

2013-09-04 Thread Mitja Mihelič
) (userdn = ldap:///self;) ;) This ACI works on the ol' CentOS 5 and the installed CentOS Directory server. However the very same ACI cannot be applied in the 389DS on CentOS 6. LDAPException: Invalid syntax (21) How should the ACI be written to work on CentOS 6 389DS? Kind regards, Mitja -- -- Mitja

Re: [389-users] Attribute value ordering

2013-08-21 Thread Mitja Mihelič
happened in the background. Do you think this could also be done from the command line? Regards, Mitja -- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia tel: +386 1 479 8877, fax: +386 1 479 88 78 On 08/19/2013 05:22 PM, Rich Megginson wrote: On 08/19/2013 09:12 AM

Re: [389-users] Logging to syslog

2013-08-20 Thread Mitja Mihelič
$InputFileFacility local4 $InputRunFileMonitor We use the local4 facility as it was the default when we were using OpenLDAP. And take into account that all messages will have the same severity, in this case info. Regards, Mitja -- Mitja Mihelič ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana

Re: [389-users] 389 directory server crash

2013-07-17 Thread Mitja Mihelič
On 07/16/2013 04:49 PM, Rich Megginson wrote: On 07/16/2013 01:23 AM, Mitja Mihelič wrote: On 07/15/2013 05:28 PM, Rich Megginson wrote: On 07/15/2013 02:57 AM, Mitja Mihelič wrote: On 07/12/2013 05:55 PM, Rich Megginson wrote: On 07/12/2013 08:22 AM, Mitja Mihelič wrote: On 07/09/2013 03

Re: [389-users] 389 directory server crash

2013-07-15 Thread Mitja Mihelič
On 07/12/2013 05:55 PM, Rich Megginson wrote: On 07/12/2013 08:22 AM, Mitja Mihelič wrote: On 07/09/2013 03:34 PM, Rich Megginson wrote: On 07/09/2013 06:43 AM, Mitja Mihelič wrote: Hi! We are having problems with some our 389-DS instances. They crash after receiving an update from

[389-users] Restart of replicated servers

2010-06-17 Thread Mitja Mihelič
Hi! We currently have the following setup. consumer1 -- supplier1 ---multi-master-repl--- supplier2 -- consumer2 What is the correct order in which to restart directory servers so that all replication agreements will come up OK ? That is without us having to reinitialize all of the