Hi LIst,
I have 2 pairs of DS's in multimaster fractional replication with
memberof plugging excluded from replication , (DS1 <->DS2 )
and
second pair same fractional multimaster rep config ( DS3<>DS4)
I want to import with ldif2db a copy of DS content from first pairs to
second
OUjBaBCmTIPu7Mut"
--=-U4zaOUjBaBCmTIPu7Mut
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Tue, 2017-06-27 at 09:47 -0700, ghiureai wrote:
=3D20
Yes, this is a valid and supported configuration for migration of
the
data. We don't advise i
.sh output) refers
in 389 (ldap)
(Matveev Alexey)
2. multimaster replication with # 389-DS version +OS ? (ghiureai)
3. pam_ldap not respecting passwordExpirationTime (Mitch Patenaude)
4. Re: multimaster replication with # 389-DS version +OS ?
(Wil
Hi List,
I have an existing multimaster replication 389-DS , 2 hosts running :
OS :el6.x86_64 #1 SMP
with
389-ds-base-1.3.4.4-000.x86_64
I need to bring the 3 host and cfg multimaster rep/ or any other rep
if will work,
the new host will run:
OS: fc24.x86_64 #1
with
Hi List,
I 'm running 389-DS :
389-ds-base-1.3.5.15-1.fc24.x86_64 with TLS enable and the following cfg ,
is the last update version of TLS supported in this version?
i try using ( sslVersionMin: TLS1.1 and sslVersionMax: TLS2.0) but will
not work, seems works for (sslVersionMin: TLS1.1 and
Hi Team,
need help with following error after a fresh installation on FC 24:
rpm -qa | grep 389-ds
389-ds-base-1.3.5.15-1.fc24.x86_64
389-ds-console-1.2.16-1.fc24.noarch
389-ds-base-libs-1.3.5.15-1.fc24.x86_64
Seeing the following:
service dirsrv stop
Redirecting to /bin/systemctl stop
Hi LIst,
I am seeing a segmentation fault (Error updating console.conf: ) r when
trying to build 389-ds admin console ,
see details : running setup-ds-admin.pl , my OS and packages installed
Any clues , much appreciate.
Thank you
>>> setup-ds-admin.pl -ddd
+++check_and_add_entry: Entry not
Hello List,
I am running some search performance tests , basic ldapsearch augument
"cn" , on local ldap host with rsearch, and
seeing readwaiters: values chainng , here is a sample from dbmon
currentconnections: 41
totalconnections: 6407
currentconnectionsatmaxthreads: 0
Hi Gurus,
I am importing userRoot/DS data ( ldif2db -n userRoot) from a master
replication DS into a standalone DS and see the following lines when
import jobs starts ,
but continue and all the entries are been imported :
(the export created with : db2ldif -n userRoot )
Hello Gurus,
I was searching the web for some scripts to monitor DS performance , and
found the Open Ldap: ldap-ping.pl script,
I wonder if there is a version for 389-DS or if are other similar
performance measure scripts available for 389-ds?
Thank you
--
389 users mailing list
Hello Guris,
I'm not able to find the doc for this release I need to know the default
values for this 2 param and the menaing of (-1), I belive in older
verion used to be (0) ?
nsslapd-pagedlookthroughlimit: -1
nsslapd-pagedidlistscanlimit: -1 |
if rpm -qa | grep
Hi List,
I am seeing this warning/error in one of my LDAP log, ( version 1.2.11)
" NSACLPlugin - Can't find the acl in the tree for moddn
operation:olddnuid=" I would like to know more details , is this
related to an aci issue/missing etc?
Isabella
--
389 users mailing list
Hi List,
I would like to know if there is a cfg option in a multimaster
replication ( 2 servers both accept read-writes) to prevent
users/clients application writes to one of the master without
affecting the replication agreements.
my env 389-ds 1.3.4.4
Thank you
Isabella
--
389 users
Hi List,
After upgrading from DS 1.1.2 to 1.3.4.4 , I am seeing errors with
master/slave ( fractional replication: memberOf):
all transactions are been committed to producer but the following
case the transactions will not been committed to consumer :
( our case: create 2 new groups:A,
This issues has been fixed with new cfg :nsslapd-db-deadlock-policy
Thank you for your support
Isabella
On 01/14/2016 12:56 PM, ghiureai wrote:
Hi List,
we upgrade our master/slave 389-DS from 1.2.2 to 1.3.4, now I 'm
seeing the following error in master DS ( fractional replication
Hi List,
After upgrading from DS 1.1.2 to 1.3.4.4 , I am seeing errors with
master/slave ( fractional replication: memberOf):
all transactions are been committed to supplier but the following
case the transactions will Not been committed to consumer DS :
( our case: create 2 new
, ghiureai wrote:
Hi List,
After upgrading from DS 1.1.2 to 1.3.4.4 , I am seeing errors with
master/slave ( fractional replication: memberOf):
all transactions are been committed to supplier but the following
case the transactions will Not been committed to consumer DS :
( our case: create
Hi List,
we upgrade our master/slave 389-DS from 1.2.2 to 1.3.4, now I 'm
seeing the following error in master DS ( fractional replication with
memberof excluded), when running tests seeing db deadlocks in
errorlog , I found the RH case #47409/979169 mentioned to add and
cfg
Hi LIst,
we need to fix Error (65) we are seeing with memberOf pluging in
last DS 1.3.4. with already existing groups entries,
after some research I found the new param: |memberofAutoAddOC needs to
be added to membeOf plugin cfg , would this be sufficient to maintain
the exiting DS
Hi List,
Since this our first time running a 389-DS upgrade in a replication
master/slave env, and there are no special references in documentation,
from your past experience, should we consider upgrading first the slave
or master DS? ( upgrade 389-DS 1.2.2 to 1.3.4 )
Thank you for your
) , the documentation does not mention ?
just checking from other users experience.
Thank you ,
Isabella
On 12/02/2015 08:58 AM, ghiureai wrote:
Hi Rich,
Yes I totally agree I should see the prompt as you put here, this is
working in my case only when running:
setup-ds.pl -u
tinue.
Continue?
==
I have no idea what's wrong.
...
<https://lists.fedoraproject.org/archives/list/389-users%40lists.fedoraproject.org/thread/PI4Z4UYJST2FNSNV43M3DLOH6SQWEUHM/#>
On 12/01/2015 02:07 PM, ghiureai wrote:
Rich, still see bellow : and bellow only for ds no admin
_setup-
- servers may need to be restarted
Offline - servers must be shutdown - no username or password required
On 12/01/2015 01:23 PM, ghiureai wrote:
On 12/01/2015 11:42 AM, ghiureai wrote:
Rich, pls see the answers to your Q's ( the DS upgrade worked but
the DS Admin
On 12/01/2015 11:42 AM, ghiureai wrote:
Rich, pls see the answers to your Q's ( the DS upgrade worked but the
DS Admin set up will not behave same way )
...
<https://lists.fedoraproject.org/archives/list/389-users%40lists.fedoraproject.org/thread/PI4Z4UYJST2FNSNV43M3DLOH6SQWEUHM/#>
Hi List,
we are tying to upgrade to 389-ds 1.3.4 from 1.2.2 , after rpm installed
and update the server , when restarting the DS geting the following in
DS errorlog, there is no such "entryallowWeakCipher" in cfg file , what
should we dissable see entries for this cn
SSL alert: Cipher
grep 389-*
389-ds-console-1.2.12-000.x86_64
389-admin-1.1.42-000.x86_64
389-ds-base-1.3.4.4-000.x86_64
389-console-1.1.9-000.x86_64
389-admin-console-1.1.10-000.x86_64
389-adminutil-1.1.22-000.x86_64
On 12/01/2015 09:07 AM, ghiureai wrote:
Hi List,
we are tying to upgrade to 389-ds 1.3.4
HI LIst,
I am looking for clues to solve this messages after a export or DS
reboot we are seeing this messages,
I checked the 2 plugins: caseExactString and CaseIgnore String theya re
both enabled , where else should I look?
DS version:
389-ds-console-1.2.6-1.el6.noarch
Rich the version for 389-base is :( I know is old ,we are planing
upgrading in next future, but I do not see this messages on all DS hosts
running same DS version)
389-ds-base-1.2.11.15-34.el6_5.x86_64
Thanks a lot
Isabella
On 11/19/2015 08:00 AM, ghiureai wrote:
HI LIst,
I am
Hi List ,
I'm looking for cmd line steps to make a dedicated consumer in a
supplier in single master replication ( if original master goes
offline), I have the steps from Admin GUI ,
I would like to hase same steps but using cmd's line :
- add the new changelog entry at to be supplier
the db2index.pl?
Isabella
On 10/20/2015 01:32 PM, ghiureai wrote:
Hi Mark,
As per developers advise , I removed most the index listed here, we
have memberof pluging on and mutl-master rep pluging on,
I removed :mail, mailHost, telephoneNumber,seeAlso, owner,
ntUserDomainI,ntUniqueId
database config entry
[cn=numericid,cn=index,cn=NetscapeRoot,cn=ldbm database,cn=plugins,cn=config]
On 10/20/2015 08:58 AM, ghiureai wrote:
Mark , thank you for reply, the main reason I was asking is:
I seen several times when I removed user indexes using admin console
and after 2-3 days
Hi List,
I would like to know if after removing user indexes using the admin
console there is need to run the
|db2index.pl| script while the ldap is shutdown or should be fine to
run with DS online?
Thank you
Isabella
--
389 users mailing list
389-users@lists.fedoraproject.org
the indexes are getting re-create back ??
Thank you
Isabella
On 10/20/2015 08:42 AM, ghiureai wrote:
Hi List,
I would like to know if after removing user indexes using the admin
console there is need to run the
|db2index.pl| script while the ldap is shutdown or should be fine to
run with DS
10/20/2015 09:47 AM, ghiureai wrote:
Hi Mark as per your advise,
I checked the
/var/lib/dirsr5v/slapd-INSTANCE/db/useroot/ the files are gone
BUT seeing this lines
when exporting ldap instance, this are the indexes I removed few
days ago and saw them back
plugin_mr_find - Error: matching r
Hi LIst,
I have cfg a multimaster rep env with fractional rep, all agreements
are already in placed between suppliers and consumers , all consumers
had been cfg with Multi Master Replica option, reading trough RHES
389-ds there is some mentioning about "dedicated consumer" option in
to exclude "memeberOf" plugin from and this
when I start seeing this error.
Thank you !
On 10/16/2015 02:02 PM, ghiureai wrote:
Hi list,
we completed the MMRep Fractional rep excluded (memberOf pluging) and
on supplier seeing this error:
repl5_inc_wait for_async_results timed o
Hi List,
I have 2 questions related to export/ db2ldif for a domain:
-anything I need to be aware when using a export /db2ldif from a
multimaster rep cfg ldap file to be imported/ldif2db in a non
replication server cfg ldap ? or into another multimaster rep cf ldap
( are any rep
gelog.
Recreating the changelog file. This could affect replication with
replica's consumers in which case the consumers should be
reinitialized.."
Thank you
On 10/05/2015 08:13 AM, Rich Megginson wrote:
On 10/05/2015 08:57 AM, ghiureai wrote:
Gmorning List and Rich,
I manged som
/Administration_Guide/Advanced_Entry_Management.html#groups-cmd-memberof
Thank you
Isabella
On 10/01/2015 11:20 AM, Rich Megginson wrote:
On 10/01/2015 12:06 PM, ghiureai wrote:
Hi Rich
Unless the issue involves some sort of security problem that involves a
potential CVE, or contains sensitive data internal
ld saying "notes=U". However, I'd like to see the
logs
/>/ for evidence of this.
/
If there are internal searches that are unindexed, you'll need to turn
on logging of internal operations in the access log.
On 09/16/2015 08:59 AM, ghiureai wrote:
Hi Gurus,
we are trying to under
Hi Gurus,
we are trying to understand are performance issues and start
investigating the ACI's and indexes , I need to know if all "default
indexes" showing in 389-console admin are necessary beside the one which
we create for our application requirement :
- there are a 1/2 dozen of
Hi ,
we are having issues with one of our DS , part of multimaster
replication , after was onlin for several hours and brought up the DS is
not respoding running a basic ldapsearch to count the users or grous
will hang not results or messages in error or access file , we do not
know whre to
uot;uid=axxx,ou=Users,ou=ds,dc=cb,dc=net"
"(objectclass=groupofuniquenames)" "cn" | sort -u | wc
On 09/10/2015 03:00 PM, ghiureai wrote:
Hi Gurus,
we are seening some performance issues when running ldapsearch with
tree ou=Groups, ou=ds , dc=abc, dc=net takes longer than when
Hi Gurus,
we are seening some performance issues when running ldapsearch with
tree ou=Groups, ou=ds , dc=abc, dc=net takes longer than when looking
for same user but from one level up of tree up aka :ou=ds,
dc=abc,dc=net, the difference in time very high , any idea why we seeing
this ?
Also
Hi List,
I need a nice , clean solution to give access to LDAP error log and
access file to developers team on our prod ldap , mentioned I they
will not be allowed to log in the actual LDAP host, at present time
dev's are using Appache Studio
Thank you for all your input
--
389 users
11:57 AM, ghiureai wrote:
//
https://www.flowdock.com/app/canfar/access-control/threads/QyygOboGumgx3qw3tIO_828AMgQ
//
// We are seeing poor performance from LDAP retrieving 2500-4500 entries
// compare with one of our regular RDBMS , here is bellow the result for
// a ldapsearch.
// We
https://www.flowdock.com/app/canfar/access-control/threads/QyygOboGumgx3qw3tIO_828AMgQ
We are seeing poor performance from LDAP retrieving 2500-4500 entries
compare with one of our regular RDBMS , here is bellow the result for a
ldapsearch.
We are questioning if for general cn=(.*..) search
Hi lIst.
we are getting the following in access files, would like to know wher
eto look for clues , what means Resource temporarily unavailable ?
op=1 RESULT err=0 tag=101 nentries=5514 etime=14 notes=U
[31/Jul/2015:09:37:21 -0700] conn=143371 op=-1 fd=67 closed error 11
(Resource
Hi List
I would like to know how can I confiige my console to see the stats for
Connection Status windows there 4-5 columns :TIme Opened,Started but
can't see any fields entries in my 389-admin GUI for thist particular
counters ?
Thank you
Isabella
--
389 users mailing list
Hi Gurus,
we are trying to cfg the DNA pluging the, ldap host has two dc's :
dc =top1,dc=net and dc=top2,dc=net I have added the extra
layer/container with
ldapmodify add using :
dnascope: ou=ds,dc=top1,dc=net
Now I would like to extend this attribute to next dc =top2 but running
Hi List,
I have cfg LDAP multimaster replication, one of the hosts will be
offline for some days, do I need to disable the replication agreement
completely at this point? (what will be the minimum cfg)
What are the steps to resync the master after is been brought online ?
Thank you
Isabella
Hi 389 List,
we have a need to use an existing attribute ( do not know wich
one:nspentrydn ,nsbackendsufix) or create a new one use defined which
will act similar as sequence number( integer values, incremental by 1
,range values known) I understand we can not rely on nsUniqueId . Is
there
Hi List,
I need to know how can I extract in DS a specific user passwd in hash
format or un -hashed?
Thank you
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
Hi List,
After succesfully running with 389-DS in production for 3 months , we
had DS crashed this am , see OS errorlog for details, there are no erros
in DS . I would like to know if there are any DS cfg for memory garbage
collection etc
my OS :Linux 2.6.32-431.el6.x86_64 #1 SMP Thu Nov 21
Hi,
- I would like to get from DS when the last transaction from
master1/suplier was sent to consumer and the time stamp was processed by
consumer using ldapsearch option , any suggestion , I 'm using the
objectClass=nsDS5ReplicationAgreement but can get time stamp.
- I'm usig 389-console
Hi Gurus,
I need to know how to cfg 389-admin console to be able to display the
total number of entries in DS ( the count number) , seems that Appache
Studio has a limitation to 2000 entries/counts ( is this correct ?), I
increase the browsing options to 10 for DS Users but will show as (
this cfg for a specific user?
Isabella
On 11/19/2014 10:10 AM, ghiureai wrote:
Hi Gurus,
I need to know how to cfg 389-admin console to be able to display the
total number of entries in DS ( the count number) , seems that Appache
Studio has a limitation to 2000 entries/counts
- ;
print ; };s = 0; }
' /tmp/ldif.$$echo Ldif is in /tmp/ldif.$$echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D ${SUP_MGRDN} \-w
${SUP_MGRPW}
-f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst,
I'm new to 389-ds admin , I have cfg a multimaster replication
-Forcing_Replication_Updates.html#ex.Replicate_Now_Script_Example.
*NOTE*
This script must be run manually since it cannot be configured to run
automatically as soon as the server, which was offline, comes back
online again.''
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst,
I'm new to 389-ds admin , I have cfg
; }
' /tmp/ldif.$$echo Ldif is in /tmp/ldif.$$echo
ldapmodify -x -c -h ${SUP_HOST} -p ${SUP_PORT} -D ${SUP_MGRDN} \-w
${SUP_MGRPW}
-f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst,
I'm new to 389-ds admin , I have cfg a multimaster replication system
, and read the RHES -DS
Hi LIst,
I'm new to 389-ds admin , I have cfg a multimaster replication system ,
and read the RHES -DS documentation find the replicate_now script which
is suppose to trigger master rep updates 10 min, the script fails ,
there is no option for -1 in ldapsearch ...etc
Wodner if any of you
} -D ${SUP_MGRDN} \-w
${SUP_MGRPW}
-f /tmp/ldif.$$
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst,
I'm new to 389-ds admin , I have cfg a multimaster replication system
, and read the RHES -DS documentation find the replicate_now script
which is suppose to trigger master rep updates
no attributes
* all user attributes
+ all operational attributes
Search options:
On 11/12/2014 09:54 AM, ghiureai wrote:
Hi LIst,
I'm new to 389-ds admin , I have cfg a multimaster replication system
, and read the RHES -DS documentation find the replicate_now script
:54 AM, ghiureai wrote:
Hi LIst,
I'm new to 389-ds admin , I have cfg a multimaster replication system
, and read the RHES -DS documentation find the replicate_now script
which is suppose to trigger master rep updates 10 min, the script
fails , there is no option for -1 in ldapsearch ...etc
Hi List,
I'm new to 389-ds, learning and cfg multimaster replication cfg for ds,
reading the RH doc about having a script to trigger the updates to from
one master to other one in 10 min , the original script on RH will
not work, is using ldapsearch -1 options seems does not exists in my
65 matches
Mail list logo