<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New","serif";
color:black;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-GB link=blue vlink=purple><div class=WordSection1><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'>From:</span></b><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext'> Rich Megginson [mailto:rmeggins@redhat.com] <br><b>Sent:</b> 30 March 2012 15:15<br><b>To:</b> General discussion list for the 389 Directory server project.<br><b>Cc:</b> MATON Brett<br><b>Subject:</b> Re: [389-users] db2bak.pl Fails when secure connections are required.<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>On 03/30/2012 02:25 AM, MATON Brett wrote: <o:p></o:p></p><p class=MsoNormal><span lang=EN-US>OS RHEL 6.2 (<i>x86</i>_64)</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Packages Installed:</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-admin-1.1.29-1.el6.x86_64</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-admin-console-1.1.8-1.el6.noarch</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-admin-console-doc-1.1.8-1.el6.noarch</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-adminutil-1.1.15-1.el6.x86_64</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-console-1.1.7-1.el6.noarch</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-ds-1.2.2-1.el6.noarch</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-ds-base-1.2.9.14-1.el6_2.2.x86_64</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-ds-base-libs-1.2.9.14-1.el6_2.2.x86_64</span><o:p></o:p></p><p class=MsoNormal><span lang=FR-BE style='font-family:"Courier New","serif"'>389-ds-console-1.2.6-1.el6.noarch</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>389-ds-console-doc-1.2.6-1.el6.noarch</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>389-dsgw-1.1.9-1.el6.x86_64</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>openldap-clients-2.4.23-20.el6.x86_64</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>/usr/lib64/dirsrv/slapd-<instance>/db2bak.pl -v -D "cn=Directory Manager" -w -</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>Bind Password:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>Back up directory: /var/lib/dirsrv/slapd-<instance>/bak/<instance>-2012_3_30_10_13_21</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>ldap_initialize( <a href="ldap://">ldap://</a><FQDN>:389 )</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>ldap_bind: Confidentiality required (13)</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> additional info: Operation requires a secure connection</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>For me the following simple fix proved to be a working solution (having said that I haven’t tried a restore yet):</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>With ldapmodify, <a href="ldap://">ldap://</a><host> apparently kicks off a TLS connection whereas <host> on it’s own doesn’t. All very odd, anyhoo:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>db2bak.pl : Line 125 add “<a href="ldap://”">ldap://”</a> before the host name.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>open(FOO, "| ldapmodify -x $vstr -h <b><a href="ldap://">ldap://</a></b><host> -p 389 -D \"$rootdn\" -w \"$passwd\" -a" );</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>/usr/lib64/dirsrv/slapd-<instance>/db2bak.pl -v -D "cn=Directory Manager" -w -</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>Bind Password:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>Back up directory: /var/lib/dirsrv/slapd-<instance>/bak/<instance>-2012_3_30_10_14_14</span><o:p></o:p></p><p class=MsoNormal><b><span lang=EN-US style='font-family:"Courier New","serif"'>ldap_initialize( <DEFAULT> )</span></b><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>add objectclass:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> top</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> extensibleObject</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>add cn:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> backup_2012_3_30_10_14_14</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>add nsArchiveDir:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> /var/lib/dirsrv/slapd-<instance>/bak/<instance>-2012_3_30_10_14_14</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>add nsDatabaseType:</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'> ldbm database</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>adding new entry "cn=backup_2012_3_30_10_14_14, cn=backup, cn=tasks, cn=config"</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US style='font-family:"Courier New","serif"'>modify complete</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Straight forward enough to change the template…</span><o:p></o:p></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif"'><br>Please file a ticket at <a href="https://fedorahosted.org/389">https://fedorahosted.org/389</a><br><br></span><span style='font-size:10.0pt;font-family:"Courier New","serif";color:#1F497D'>TRAC ticket added: https://fedorahosted.org/389/ticket/332</span><span style='font-size:10.0pt;font-family:"Courier New","serif"'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif"'><o:p> </o:p></span></p></div><!--DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"--><meta name="GENERATOR" content="TX_HTML32 11.0.211.501" /><span style="FONT-FAMILY: 'Verdana'; COLOR: #808080; FONT-SIZE: 7pt"><p><span style="FONT-FAMILY: 'Verdana'; COLOR: #808080; FONT-SIZE: 7pt">-------------------------------------------------------------------</span></p><span style="FONT-FAMILY: 'Verdana'; COLOR: #808080; FONT-SIZE: 6pt"><p style="MARGIN: 0cm 0cm 0pt" class="MsoNormal"><font face="tahoma,arial,helvetica,sans-serif"><font size="1"><font color="#669933"><span style="FONT-FAMILY: " lang="EN-GB"><strong>GreeNRB<br /></strong><em>NRB considers its environmental responsibility and goes for green IT.</em> <br /></span><i><span style="FONT-FAMILY: " lang="EN-GB">May we ask you to consider yours before printing this e-mail? </span></i><b><span style="FONT-FAMILY: " lang="EN-GB"> </span></b></font></font></font> </p><p><font size="1"></font></p><p style="MARGIN: 0cm 0cm 0pt" class="MsoNormal"><font face="tahoma,arial,helvetica,sans-serif"><font size="1"><font color="#000066"><b><span style="FONT-FAMILY: " lang="EN-GB">NRB, daring to commit <br /></span></b><i><span style="FONT-FAMILY: " lang="EN-GB">This e-mail and any attachments, which may contain information that is confidential and/or protected by intellectual property rights, are intended for the exclusive use of the above-mentioned addressee(s). Any use (including reproduction, disclosure and whole or partial distribution in any form whatsoever) of their content is prohibited without prior authorization of NRB. If you have received this message by error, please contact the sender promptly by resending this e-mail back to him (her), or by calling the above number. Thank you for subsequently deleting this e-mail and any files attached thereto.</span></i></font></font></font></p></span></span>
</body></html>