389-Console no longer works. Blank menu items
by Jeremy Carroll
Here is the pastebin of the console log with debugging.
http://pastebin.com/C8iajzXY
The console no longer works on any operating system I've tried. I've tried the ldap server (CentOS 5.5), a Windows 2003 Server w/Console, a Windows 2008 Server w/console, and Fedora 15. None of them work. Here is the screenshot of the console.
http://i.imgur.com/gqO4j.png
The errors in the log state that it's unable to resolve a lot of the strings. I don't know how to troubleshoot this issue. Any ideas?
ResourceSet:getString():Unable to resolve menu-start
Jeremy Carroll
Sr. Network Engineer
12 years, 11 months
db import failure, when setting replication up
by Reinhard Nappert
Hi,
I have seen the following:
I set 2 systems up in MMR. Replication worked. For some reason, I needed to take one of the boxes out of the replication and disabled replication. Later on, I enabled it again and created the shadowing agreement to the other box. Now, I saw the following errors during the import of the db:
[17/May/2011:11:46:04 -0400] NSMMReplicationPlugin - multimaster_be_state_change
: replica o=base is going offline; disabling replication
[17/May/2011:11:46:07 -0400] - WARNING: Import is running with nsslapd-db-privat
e-import-mem on; No other process is allowed to access the database
[17/May/2011:11:46:08 -0400] - import userRoot: WARNING: Skipping entry "nsuniqu
eid=06869502-7fe011e0-8f589300-7e7b2163,ou=sample,o=base" which has no parent,
ending at line 0 of file "(bulk import)"
[17/May/2011:11:46:08 -0400] - import userRoot: WARNING: bad entry: ID 453
.....
Any idea, what is going on there?
Thanks,
-Reinhard
12 years, 11 months
MMR replication fails
by Karoly Czovek
Hi there, i just trying to set up an MMR replication with MMR, as the following:
./mmr.pl --host1 ds-swz.moveone.info --host2 marcus.moveone.info --bindpw jou6.Hou, --host1_id 43 --host2_id 12 --repmanpw R3pl1C4t10nP4sSw0Rd --create
adding to ds-swz.moveone.info port 389 -> cn=changelog5,cn=config
-> already exists
adding to ds-swz.moveone.info port 389 -> cn=repman,cn=config
-> already exists
adding to ds-swz.moveone.info port 389 -> cn=replica,cn="o=netscaperoot",cn=mapping tree,cn=config
-> already exists
adding to marcus.moveone.info port 389 -> cn=changelog5,cn=config
-> already exists
adding to marcus.moveone.info port 389 -> cn=repman,cn=config
-> already exists
adding to marcus.moveone.info port 389 -> cn=replica,cn="o=netscaperoot",cn=mapping tree,cn=config
failed to add replica entry: No such object at ./mmr.pl line 319, <DATA> line 339.
[root@ds-swz]:/home/karoly#>
Any idea?
--
Karoly CZOVEK
Global Systems Administrator
MoveOne IT Department
Eastern Europe - Balkans - CIS& Central Asia - Middle East& Africa -
Asia Pacific
phone: +36 1 266 0181 - ext.6710
mobile: +36 70 708 9953
skype: mo_karoly.czovek
email: karoly.czovek(a)moveoneinc.com
web: http://www.moveoneinc.com
12 years, 11 months
memberOf attribute and plugin behaviour between sub-suffixes.
by Juan Carlos Camargo
Is the memberOf attribute handling by the memberOf plugin limited to
objects inside the same subsuffix?
If it's not planned as such please doublecheck this behaviour within
the following scenario:
- suffix dc=directory,dc=org
- subsuffix ou=users,dc=directory,dc=org
- subsuffix ou=testing,ou=users,dc=directory,dc=org
We have then three databases. They're not replicated. The membefOf
plugin works only with elements (users and groups) that belong to the
same subsuffix. But not between different subsuffixes. As such, if you
make a user of ou=testing... member of a group of ou=users then the
plugin will not populate the memberOf attribute for that user.
The same here:
- subsuffix ou=users,dc=example,dc=com
- subsuffix ou=grupos,dc=example,dc=com
Here the plugin wont work either. If you make a user inside ou=users
member of a group inside ou=groups then the value of memberOf wont be
populated.
If you set debug to heavy trace, you'll see that the plugin runs in
every situation but:
1.- when the objects belong to the same subsuffix, adding one membership
triggers the memberOf plugin to "ldap replace" values, which is correct.
2.- when the objects belong to different subsuffix, adding one
membership triggers the memberOf plugin to "ldap REMOVE" values, which
amazes me.
DS 1.2.8.2 CentOS5.
12 years, 11 months
Building 389 console
by Michael Pelletier
Hello,
I have followed the instructions on http://directory.fedoraproject.org/wiki/BuildingConsole#Building_Director...
However, when I start the 389-conole on a remote server, I can login fine, I click on "Administrative Server" and I get a message:
"Failed to instantiate Server Object for Administration Server
com.netscape.management.admserv.AdminServer cannot be cast to com.netscape.management.client.topology.IServerObject"
Running the console in debug mode gives:
ClassLoader: com/netscape/management/client/topology/TopologyResourcePage.class found in 389-admin-1.1.jar
ClassLoader: com/netscape/management/client/topology/topology_en_US.properties NOT in 389-admin-1.1jar
ClassLoader: com/netscape/management/client/topology/topology_en.properties NOT in 389-admin-1.1.jar
ClassLoader: com/netscape/management/client/topology/topology.properties NOT in 389-admin-1.1.jar
ClassLoader: com/netscape/management/admserv/admserv_en_US.properties NOT in 389-admin-1.1.jar
ClassLoader: com/netscape/management/admserv/admserv_en.properties NOT in 389-admin-1.1.jar
ClassLoader: com/netscape/management/admserv/admserv.properties NOT in 389-admin-1.1.jar
ClassLoader: :loadClass():name:java.util.Vector
ClassLoader: :loadClass():name:com.netscape.management.admserv.AdminServer$1
ClassLoader: :loadClass():loading:com.netscape.management.admserv.AdminServer$1
ClassLoader: com/netscape/management/admserv/AdminServer$1.class found in 389-admin-1.1.jar
ERROR ServerNode.createServerInstance: could not create com.netscape.management.admserv.AdminServer@389-admin-1.1.jar(a)cn=admin-serv-ldap1,cn=389 Administration Server,cn=Server Group,cn=ldap1.mcna.net,ou=mcna.net,o=NetscapeRoot
Exception: java.lang.ClassCastException: com.netscape.management.admserv.AdminServer cannot be cast to com.netscape.management.client.topology.IServerObject
Please help!!!
Michael
12 years, 11 months
Importing Thunderbird AddressBook into LDAP
by Philip Rhoades
People,
I have installed the 389 DS on F14 x86_64 OK and can see a few people
that I added with the 389 Console in both Thunderbird and Squirrelmail
but now I want to do a bulk import of my TB addressbook into the 389 DB.
I can export the TB AB to an ldif file but it fails to import using
the 389 "Import Databases" fn - I presume I have to somehow massage the
LDIF file to make it compatible? Here is a complete record:
dn: cn=Tina XXXXXX,mail=TXXXXXX(a)nYYYYYYY.com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: mozillaAbPersonAlpha
givenName: Tina
sn: Franks
cn: Tina XXXXXX
mozillaNickname: tinaX
mail: TXXXXXXX(a)nYYYYYYY.com
modifytimestamp: 48a5a25d
I guess one of the objectlasses should be "People"?
Thanks,
Phil.
--
Philip Rhoades
GPO Box 3411
Sydney NSW 2001
Australia
E-mail: phil(a)pricom.com.au
12 years, 11 months
Building 389-ds-console-1.2.5, 389-console-1.1.6 and 389-admin-console-1.1.7 (via Git)
by Michael Pelletier
Hello all,
I am building my own package. I have compilied everything except 389-ds-console-1.2.5, 389-console-1.1.6 and 389-admin-console-1.1.7
I have been running into a problem. I used git to download the sources. I went into the 389-ds-console directory and typed ant and I get:
BUILD FAILED
/usr/local/Source/389/TEMP/389-ds-console-1.2.5/build.xml:76: /usr/local/Source/389/TEMP/imports/console/389-console-1.2.5 not found
Please help.
What am I doing wrong?
Michael
12 years, 11 months
Windows Sync with additional schema
by Terry Soucy
Hi All,
I've successfully created a Windows Sync Agreement between my test ldap
infrastructure and test AD server. We use the eduPerson schema in 389,
and require it to be on the AD side as well for population of proper
groups of staff/students/faculty. Is it possible to sync additional
schema attributes as well as the standard ntuser ones?
Terry
--
Terry Soucy, Systems Analyst Integrated Technology Services
University of New Brunswick, Fredericton Campus http://www.unbf.ca/its
Voice: 506.447.3018 Fax: 506.453.3590 E-mail: terry.soucy(a)unb.ca
** ITS is a scent-reduced workplace - www.unbf.ca/its/policies **
12 years, 11 months
ssl replication
by solarflow99
I'm trying to configure replication over SSL using StartTLS, I don't see any
example of how to export/import self signed certs into the slave. Here's
what I did:
created a CA cert and server cert on the master, everything is fine.
exported the CA cert and copied it to the slave:
[root@ldapslave]# certutil -A -d . -n "CA certificate" -t "CT,," -a -i
cacert.asc
[root@ldapslave]# certutil -d . -L
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
CA certificate CT,,
What is next? I tried everything I could think of..
12 years, 11 months