On 01/22/2014 12:31 PM, Chaudhari, Rohit K. wrote:
Before I explore this further, when using ldappasswd, will it still
prompt me for the current password before I can type in a new password to
replace it?
You need to be bound to the LDAP server as a user who has permission to
change the
On 01/21/2014 05:16 AM, Diego Woitasen wrote:
On Mon, Jan 20, 2014 at 9:17 PM, Diego Woitasen di...@woitasen.com.ar wrote:
Hi,
I have a replication error with 389DS. If I try a full resync,
replication works. But if I modify something after that, it fails. The
only lines that I see in the
On 01/21/2014 12:29 PM, Chaudhari, Rohit K. wrote:
Hello,
I want to be able to use the Unix passwd command to reset a LDAP
user's password from the command line. However, I keep getting an
authentication token manipulation error whenever I try to reset the
password using that command.
On 01/15/2014 10:51 AM, Richard Mixon wrote:
Nathan/Rich,
Thank you both for the responses.
We are using the 389 Directory Server for a pretty isolated situation -
authentication/authorization for external users on an extranet type
portal website (it integrates pieces of several different
On 01/16/2014 07:13 AM, Paolo Barbato wrote:
On 16/gen/2014, at 15:52, Rich Megginson rmegg...@redhat.com wrote:
On 01/16/2014 07:48 AM, Paolo Barbato wrote:
Hi Rich,
On 16/gen/2014, at 15:28, Rich Megginson rmegg...@redhat.com wrote:
On 01/16/2014 12:56 AM, Paolo Barbato wrote:
Thanks
On 01/15/2014 09:38 AM, Richard Mixon wrote:
During the bind process is there anyway to tell 389 directory server to
hash a plaintext password n (multiple) times before trying to compare to
what is stored?
I am trying to implement something similar to what's described in this
article:
On 09/30/2013 04:56 PM, Michael R. Gettes wrote:
I have the ldap-agent working. All I see is
snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2312
SNMPv2-SMI::enterprises.2312.6.5.1.1.389 = STRING: 389 Replica
SNMPv2-SMI::enterprises.2312.6.5.1.2.389 = STRING: 389-Directory/1.2.11.15
Title: Untitled Document
On 03/22/2013 02:24 AM, Scott Crooks
wrote:
Greetings,
We're using 389-ds on CentOS 6.4 with 3 master LDAP servers in
different locations. All three master servers have a problem
adding new users in
On 03/19/2013 02:33 PM, Chandan Kumar wrote:
Hello,
I am deploying the 389 server (On CentOS 6) to manage the Linux
Users/Password. So as part of Linux User management, I was trying to
get the Managed Entries work for Posix user creation.
I am following the standard Redhat documentation.
On 02/27/2013 07:49 AM, Rich Megginson wrote:
On 02/27/2013 08:48 AM, Nathan Kinder wrote:
On 02/27/2013 06:57 AM, Rich Megginson wrote:
On 02/26/2013 10:17 PM, Nathan Kinder wrote:
On 02/26/2013 08:42 PM, David Baird wrote:
Hi,
We have been experiencing an intermittent problem with our AD
On 02/26/2013 08:42 PM, David Baird wrote:
Hi,
We have been experiencing an intermittent problem with our AD sync,
where updates to a group in 389 have resulted in the group being
emptied of users.
This has been occurring at various times but not consistently, so was
very difficult to
On 02/20/2013 02:33 PM, Rob Crittenden wrote:
With DNA configured for allocating POSIX uids with an MMR setup we see
the range split in half with every new replica provisioned. This is
expected.
It appears that if a replica is deleted then its range is lost. Is
there a way to recover this
On 05/16/2012 06:16 AM, Paul Robert Marino wrote:
The exact timing of the issue is to strange is there a backup job
running at midnight. Or some other timed job that could be eating the
ram or disk IO. Possibly one that is reliant on ldap queries that
would otherwise be inocuious.
It is
On 05/16/2012 01:09 PM, Brad Schuetz wrote:
On 05/16/2012 11:54 AM, Nathan Kinder wrote:
On 05/16/2012 11:19 AM, Brad Schuetz wrote:
On 05/16/2012 06:16 AM, Paul Robert Marino wrote:
The exact timing of the issue is to strange is there a backup job
running at midnight. Or some other timed job
On 05/16/2012 11:19 AM, Brad Schuetz wrote:
On 05/16/2012 06:16 AM, Paul Robert Marino wrote:
The exact timing of the issue is to strange is there a backup job
running at midnight. Or some other timed job that could be eating the
ram or disk IO. Possibly one that is reliant on ldap queries
On 03/13/2012 04:09 PM, Petr Spacek wrote:
Hello list,
I'm looking for way how to bypass nsslapd-sizelimit and
nsslapd-timelimit for persistent search made by specific user (or
anything made by that user).
Please, can you point me to right place in documentation about
persistent
On 03/02/2012 06:32 AM, Michael R. Gettes wrote:
On Mar 2, 2012, at 9:21, Rich Megginson wrote:
On 03/01/2012 09:56 PM, Michael R. Gettes wrote:
I am in process of standing up a new directory service and will have to migrate
many apps to the new service. Do you believe 1.2.10.2 is stable
On 11/08/2011 04:52 AM, cnu wrote:
Hello,
I use 389 directory server 1.2.8.1 in a master slave replication
configuration.
One master and five slaves.
Now I want to configure DNA plugin. Is it sufficient to activate the
plugin only on the master server ?
By slave, I assume you mean read-only
On 09/16/2011 08:48 AM, solarflow99 wrote:
On Fri, Sep 16, 2011 at 11:01 AM, Rich Megginson rmegg...@redhat.com
mailto:rmegg...@redhat.com wrote:
On 09/16/2011 08:55 AM, Vasil Mikhalenya wrote:
hi all,
can windows sync agreement replicate nested objects ? like
On 07/08/2011 07:26 AM, Arian Sanusi wrote:
does that mean it listens only on IPv6?
What does 'sysctl net.ipv6.bindv6only' show on your system?
Do you have nsslapd-listenhost set in your cn=config entry? You can
check this in /etc/dirsrv/slapd-instance/dse.ldif.
[root@centos5-test ~]# netstat
On 05/23/2011 05:57 AM, Michael Pelletier wrote:
Can anyone help with this?
On May 22, 2011, at 12:42 AM, Michael Pelletier
michael.pellet...@me.com wrote:
Hello all,
I am building my own package. I have compilied everything except
389-ds-console-1.2.5, 389-console-1.1.6 and
On 05/23/2011 08:47 AM, Philip Rhoades wrote:
Christopher,
On 2011-05-24 01:08, Christopher Wood wrote:
On 23/05/11 02:06 AM, Carsten Grzemba wrote:
I guess the standard schema of 389Ds do not know objectclass
mozillaAbPersonAlpha and the attribute mozillanickname
My 389 install (rpm via
On 05/23/2011 10:56 AM, Michael Pelletier wrote:
On May 23, 2011, at 11:55 AM, Rich Megginson rmegg...@redhat.com wrote:
On 05/23/2011 09:51 AM, Michael Pelletier wrote:
Hello,
I have followed the instructions on
On 03/17/2011 01:33 PM, pav...@gmail.com wrote:
Hi,
Is it possible to sync uidNumber and gidNumber from AD 2008 to DS. If
not is there any way to map this attributes? Documentation is showing
only hard coded pre-define attribute is being synchronize. Thanks
The documentation is correct. The
On 03/16/2011 04:31 AM, Juan Asensio Sánchez wrote:
Hi
We had in version 1.1.3, some values in the attribute
destinationIndicator with tildes and special chars; in that version
the syntax of the attribute was Directory String. We have updated to
version 1.2.5, and now, when running
Do you have any of the dejavu-* packages installed? This might be a
font problem.
On 02/17/2011 03:23 PM, Daniel R. Gore wrote:
I have finally got 389 to build completely on a RHEL6 virtual systems.
Unfortunately, I cannot get the console(s) to work correctly. When I
execute the
On 02/14/2011 10:36 AM, danielg...@yaktech.com wrote:
I have managed to get everything compiled and all packages installed, but
when I go through the /usr/sbin/setup-ds-admin.pl script if fails with
Could no start the admin server. Error: 256
Failed to create and configure the admin server.
On 11/29/2010 02:03 PM, brandon wrote:
Is there an easier way to get the SRC RPMs without YUM?
I find the YUM repo a very frustrating way of getting the software. I
want the the src RPMs so I can rebuild them myself, but I don't want to
get the version that is pushed via yum by default. I
On 11/23/2010 09:33 AM, Nathan Kinder wrote:
On 11/23/2010 08:56 AM, Andrey Ivanov wrote:
Hi Rich,
I have two issues with this new version (that i have compiled from the
git sources)
here is the first issue :
there were some changes to the memberfo plugin (Bug 620927) that added
a more
On 11/23/2010 12:34 PM, Nathan Kinder wrote:
On 11/23/2010 08:56 AM, Andrey Ivanov wrote:
Hi Rich,
I have two issues with this new version (that i have compiled from the
git sources)
here is the first issue :
there were some changes to the memberfo plugin (Bug 620927) that added
a more
On 11/09/2010 08:06 AM, Daniel Maher wrote:
On 11/09/2010 04:27 PM, Gerrard Geldenhuis wrote:
There is another document on the wiki which describes how to setup
certificates for a vip that is similar to what you want to do. I can't
find it at the moment but might be worth trolling
On 10/29/2010 08:28 AM, Uzor Ide wrote:
Hi
we have a need for 389 directory to store password in clear text, in
given subtree. I have used the console to configure password policy
and chose CLEAR for the encryption scheme under passwordStorageScheme,
yet the passwords are still SSHA
.
Good catch. Please open up a bug on this and I'll get it addressed.
-NGK
On Oct 15, 2010, at 11:19 AM, Robert Viduya wrote:
On Oct 14, 2010, at 5:25 PM, Nathan Kinder wrote:
The 1.2.6.1 instance should detect that the 1.2.2 version does not support
the newer startReplication extop
On 10/16/2010 11:42 AM, Edward Z. Yang wrote:
I've got a failure, and I'm able to gdb it. However, I don't
know what to look for. What kind of tracing would you like to
see? I was going to wireshark but decrypting the Kerberos would
be annoying.
If you can break in acquire_replica() on
On 09/30/2010 09:49 PM, Barry Sitompul wrote:
Hi All,
Does 389-DS provide a tool to check the synchronization state between
replicas to check whether or not the replicas have converged?
I recall there was a tool called 'insync' that came with Sun Directory
Servers quite some time ago. Just
On 09/22/2010 05:48 AM, smlacc1 leador wrote:
Hi There,
I just installed 1.2.6 from the epel repository onto a freshly
installed and updated RHEL 5.5.
When I use service dirsrv-admin start, it starts, but then refuses
to receive connections. the /var/log/dirsrv/admin-serv/error log
shows
On 09/22/2010 10:45 AM, Gerrard Geldenhuis wrote:
Hi
This is probably OT but I am not having much luck with google. How can
I create SSHA512 strings? I have been using either a php script or
slappasswd to create SSHA password but not sure how to do SSHA512.
openssl can create the SHA512
On 09/14/2010 12:41 PM, Rich Megginson wrote:
Brandon G wrote:
Nathan Kinder wrote:
On 09/01/2010 05:50 PM, brandon wrote:
I am curious if anybody knows of a bug with the password history limit?
I am not aware of a bug like this. What version of 389-ds-base
On 09/14/2010 02:00 PM, Nathan Kinder wrote:
On 09/14/2010 12:41 PM, Rich Megginson wrote:
Brandon G wrote:
Nathan Kinder wrote:
On 09/01/2010 05:50 PM, brandon wrote:
I am curious if anybody knows of a bug with the password history limit
On 09/01/2010 05:50 PM, brandon wrote:
I am curious if anybody knows of a bug with the password history limit?
I am not aware of a bug like this. What version of 389-ds-base are you
running?
I have the limit set to 20 passwords, and due to debugging I have cycled
through 20 passwords.
On 08/31/2010 08:28 PM, Brian LaMere wrote:
Was this ever looked at again for a feature enhancement? Is it
already available, if I do X thing?
A feature enhancement to the schema conversion tool? I'm not sure who
maintains that now.
well, I was simply running the
On 07/29/2010 01:30 AM, Rudolf Hatheyer wrote:
Hi,
I've noticed a difference in behavior between 1.0.x and 1.2.x Version of
FDS.
Version 1.2.x will not return the hole schema (without specifying
attributes objectClasses, matchingRules ).
This change came about from some work to make 389
On 07/27/2010 10:21 AM, --[ UxBoD ]-- wrote:
Hi,
We have a Windows replication agreement in place which works great; plus we
are using the PassSync on the Windows server itself. The issue we have is
that when somebody changed their password on the Windows server it has got
stuck due to a
On 07/23/2010 07:19 AM, Roberto Polli wrote:
Hi all,
it seems that the new 00core.ldif doesn't contain the NAME alias for the
fields (eg. cn commonName)
it cause other old ldif not to work under new releases of fds.
Why are the aliases have been removed?
I don't think that this was
On 07/23/2010 07:20 AM, Dael Maselli wrote:
Hi,
I installed a new 389 (389-ds-base-1.2.5-1.el5.x86_64) to replace the
old FDS (fedora-ds-base-1.1.3-2.fc6.x86_64) and migrated the content.
Now I realize that search behavior on 'mail' has changed, the old was
case-insensitive and now is
I upgraded everything to what was in
updates-testing no more selinux messages, sorry about the confusion.
Aaron
2010/7/15 Nathan Kinder nkin...@redhat.com
mailto:nkin...@redhat.com
On 07/15/2010 09:12 AM, Aaron Hagopian wrote:
I upgraded my fedora 13 x86_64
On 07/02/2010 07:22 AM, Daniel Maher wrote:
On 07/02/2010 11:58 AM, Daniel Maher wrote:
I am trying to get system groups working on 389-ds via the addition of
posixGroup as a value for a given LDAP group.
However, this error appears in the log :
[02/Jul/2010:09:43:03 +]
On 07/06/2010 09:08 AM, Daniel Maher wrote:
On 07/06/2010 05:31 PM, Nathan Kinder wrote:
http://directory.fedoraproject.org/wiki/Howto:DNA
The way you have DNA configured will cause it to try to add a
uidNumber attribute to a posixGroup entry. You should change
On 06/24/2010 03:49 PM, Steven Jones wrote:
Steven Jones wrote:
8-
see also the configuration directory ldap url - ldapurl in
/etc/dirsrv/admin-serv/adm.conf
8-
Ok, I fixed the latter by editing the adm.conf to point at
636however I now have a SSL
On 06/15/2010 07:20 PM, Steven Jones wrote:
Hi,
I installed with, yum -y install 389-ds
I have started the console with, /usr/bin/389-console
under the Server group folder I have Administration Server and Directory
Server (hostname)
Clicking on either of these gives me a class load
On 05/19/2010 01:39 PM, Roland Schwingel wrote:
Hi
One last question before switching of my machine...
Is it possible that the dirsrv logfiles (access, error etc.) are
written to disk with activated buffering?
When I do a tail -f on these logfiles I see a big delay in output.
When I do
On 05/18/2010 09:50 AM, Rich Megginson wrote:
Nathan Kinder wrote:
On 05/18/2010 08:48 AM, Rich Megginson wrote:
Roberto Polli wrote:
On Tuesday 18 May 2010 16:28:48 Rich Megginson wrote:
...I would start with the member of plugin code
On 04/19/2010 07:03 AM, Daniel Maher wrote:
On 04/16/2010 06:39 PM, Nathan Kinder wrote:
The document you are using off of the wiki is an feature design document
that was used while developing DNA. Not everything mentioned in there
is in the plug-in. The ability to use multiple dnaType
On 04/14/2010 03:02 AM, Daniel Maher wrote:
On 04/14/2010 11:45 AM, Daniel Maher wrote:
When i use the console to add a new user, it expects there to be a value
in three fields : UID Number, GID Number, and Home Directory. The
console will not create the entry if those fields are empty.
On 04/14/2010 04:10 AM, Daniel Maher wrote:
On 04/14/2010 11:45 AM, Daniel Maher wrote:
At ~ 09:28, i attempted to add the user entry as described above. At ~
09:29 i manually restarted the dirsrv service. As you can see, there
are no long entries related to the interaction or the
On 02/17/2010 01:36 PM, serge.ste...@fmsb.be wrote:
I still have one problem that prevent me to migrate from tivoli to 389
ldap
i have a problem with the birthdate attribute. I have encoded this in
a ldif
with the format MMJJHHMMSS but it refuse my question is
what is the format that i
On 01/14/2010 10:56 AM, Fulda, Paul R (IS) wrote:
Hi,
I am trying to configure the Password Policy for my users and read
that you would not be able to use the Policy unless you set up SSL/TLS.
Where did you read this? SSL/TLS is not required to use the password
policy features.
I am
On 01/14/2010 02:00 AM, Fazli wrote:
Hi,
I'm currently making use of the DNA plugin to assign unique values for
the 'uidNumber' attribute for new POSIX users, which (from what I
understand) is the 'ideal' configuration in a large, corporate
environment.
I decided to run a stress test by
58 matches
Mail list logo