[Fedora-directory-users] error PassSync
by Marco Maccari
We have PassSync installed on Windows 2003 Server.
We get the following error when PassSync starts.
03/26/08 12:04:25: PassSync service stopped
03/26/08 12:04:28: PassSync service started
03/26/08 12:04:28: Failed to load entries from file
What does this error mean? Failed to load entries from file
What are the entries that it should read?
Which files is it working with?
Thanks
Marco
15 years
[Fedora-directory-users] Fedora DS 1.0.2 and RHEL5.1 Compatibility
by Chun Tat David Chu
Hi All,
I would like to install Fedora DS 1.0.2 LDAP (64 bits) on RHEL 5.1 (64 bits)
using the binary package (fedora-ds-1.0.2-1.FC5.x86_64.opt.rpm) built
against the FC5 that can be downloaded from the Fedora DS website (
http://directory.fedoraproject.org/wiki/Download).
I installed it, launched the console and ran a couple of my Java LDAP tests
that use Java Native Directory Interface (JNDI), and it seems to be working
happily.
When I look at it, it seems like it is compatible.
I would like to know if I am missing anything obvious that would make the
Fedora DS 1.0.2 binary package that was built against FC5 incompatible with
RHEL 5.1?
Thanks!!
- David
15 years, 2 months
[Fedora-directory-users] SSL
by Anand Vaddarapu
Hi,
After enabling SSL with the console using the procedure at
http://directory.fedoraproject.org/wiki/Howto:SSL#Console_SSL_Information I
am getting the following error messages when I am trying to log in to the
directory server in the console. SSL is enabled in both the admin console &
the LDAP server.
From logs:
[27/Mar/2008:14:56:24 +1100] conn=47 fd=66 slot=66 SSL connection from
10.50.5.81 to 10.50.1.24
[27/Mar/2008:14:56:24 +1100] conn=47 op=-1 fd=66 closed - SSL peer cannot
verify your certificate.
We are getting these when starting the LDAP server:
[27/Mar/2008:14:45:04 +1100] - attrcrypt_unwrap_key: failed to unwrap key for
cipher AES
[27/Mar/2008:14:45:04 +1100] - Failed to retrieve key for cipher AES in
attrcrypt_cipher_init
[27/Mar/2008:14:45:04 +1100] - Failed to initialize cipher AES in
attrcrypt_init
[27/Mar/2008:14:45:04 +1100] - attrcrypt_unwrap_key: failed to unwrap key
for cipher AES
[27/Mar/2008:14:45:04 +1100] - Failed to retrieve key for cipher AES in
attrcrypt_cipher_init
[27/Mar/2008:14:45:04 +1100] - Failed to initialize cipher AES in
attrcrypt_init
[27/Mar/2008:14:45:05 +1100] - slapd started. Listening on All Interfaces
port 389 for LDAP requests
[27/Mar/2008:14:45:05 +1100] - Listening on All Interfaces port 636 for
LDAPS requests
Console error message:
netscape.ldap.LDAPException:JSSSocketFactory.makeSocket devil.wcg.net.au:636,
SSL_ForceHandshake failed: (-8054) unknown error (91)
Help Appreciated.
Thanks
15 years, 2 months
[Fedora-directory-users] ldap2dns schema
by Doug Chapman
I'm trying to evaluate ldap2dns, but I'm having trouble loading the schema
into FDS 1.1. I used the file
http://directory.fedoraproject.org/wiki/94ldap2dns.ldif, but the allowed
attributes aren't getting populated - the objectclass is getting created.
There are no errors in the directory server log on startup, and I can see
all of the attributes in the console under
Configuration->schema->attributes.
So it's like the MAY line from this entry is getting ignored or thrown out:
objectClasses: (
1.3.6.1.4.1.7222.1.4.20
NAME 'dnsrrset'
SUP dnszone
MUST ( objectclass $ cn )
MAY ( dnsdomainname $ dnsrr $ dnsclass $ dnstype $ dnsipaddr $ dnscipaddr $
dnscname $ dnspreference $ dnsttl $ dnstimestamp $ owner $ dnssrvpriority $
dnssrvweight $ dnssrvport )
)
What am I missing?
15 years, 2 months
[Fedora-directory-users] FDS Certificates
by Doug Jantz
I'm trying to set up SSL using a wildcard cert that I have for my
domain, and the system doesn't seem to take the wildcard cert? Is this
correct? Is there a way around this? I loaded a UserTrust CA Cert, and
tried to load my wildcard cert signed by UserTrust that was purchased a
while ago and got a general error of:
"Private Key not found",
"Either this certificate is for another server, or this certificate was
not requested using this server and the selected security device
"internal (software)".
Any help would be appreciated.
15 years, 2 months
[Fedora-directory-users] Deleting cached database entries
by Duane Dunston
Hello,
We have a problem where someone entered a hostname into the database
with a capital letter in the hostname for a set of users. We want all
lowercase entries. We use a web program to update the database. There
was a bug in my web application where I didn't force the hostname string
to lowercase letters, which has been corrected.
We deleted the host entries for the user but when we added the hostnames
back with lowercase letters, it still shows up as capital letters only
for the users that were entered initially. If we enter a new user for
one of the hosts with a lowercase hostname it works fine, meaning the
hostname is lowercase for any new user not entered initially.
Even if we add in the hostname via the console for the users initially
entered, the capital hostname reappears after we apply the changes. It
seems those hostnames with capital letters are cached.
Is there a way to flush the database cache or permanently remove those
cached capital hostname entries for each user?
--
Duane Dunston
15 years, 2 months
[Fedora-directory-users] changelog
by Benny Chee
hi all,
Not sure if any of you have got the changelog config going with respect to
the following changes to it:
Based on the docs from:
http://www.redhat.com/docs/manuals/dir-server/cli/6.0/config.htm#112114
I have configured the nsslapd-changelogmaxentries variable below, but it
has not taken any effect whatsoever (restarting dirsrv doesn't help either).
Anyone got something similar going?
/etc/dirsrv/slapd-cplusldap/dse.ldif
dn: cn=Retro Changelog Plugin,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
cn: Retro Changelog Plugin
nsslapd-pluginPath: libretrocl-plugin
nsslapd-pluginInitfunc: retrocl_plugin_init
nsslapd-pluginType: object
nsslapd-pluginEnabled: on
nsslapd-plugin-depends-on-type: database
nsslapd-plugin-depends-on-named: Class of Service
nsslapd-pluginId: retrocl
nsslapd-pluginVersion: 1.1.0
nsslapd-pluginVendor: Fedora Project
nsslapd-pluginDescription: Retrocl Plugin
*nsslapd-changelogmaxentries: 20*
modifiersName: uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
modifyTimestamp: 20080122103752Z
--
benny
15 years, 2 months
[Fedora-directory-users] encryption userPassword
by Luigi Santangelo
Hi all,
With FDS, I created the user red (password red) and this is the
LDIF that I exported from FDS:
dn: uid=red,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
uid: red
givenName: red
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
sn: red
cn: red red
userPassword: {MD5}valkOsZgFyKijyOHFCdNpA==
creatorsName: cn=root
modifiersName: cn=root
createTimestamp: 20080326114136Z
modifyTimestamp: 20080326114136Z
nsUniqueId: 73d76881-fb2911dc-8017dffc-71a7a144
But if I create, with the MD5sum utility, the MD5(red), I get
1098e2cb1442f45f8ca2e74e1cd24bd0
Why? Isn't it the same algorithm? In FDS I must have the same
value as the MD5sum utility. How can I do that?
Thanks
luigi
15 years, 2 months
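Added example, not part of the original post or of Fedora DS: the {MD5} value in the LDIF above is the base64 encoding of the raw 16-byte digest, while md5sum prints a digest as hex. The Python sketch below decodes the stored value, converts md5sum-style hex into the {MD5} form, and checks whether a hex digest corresponds to the password with or without a trailing newline; all function names are hypothetical.

```python
import base64
import binascii
import hashlib

# Value copied from the exported LDIF in the post above.
STORED = "{MD5}valkOsZgFyKijyOHFCdNpA=="


def parse_userpassword(value):
    """Split a '{SCHEME}base64' userPassword value into (scheme, raw digest)."""
    if not value.startswith("{") or "}" not in value:
        raise ValueError("no {SCHEME} prefix: value is not a hashed password")
    scheme, b64 = value[1:].split("}", 1)
    try:
        raw = base64.b64decode(b64, validate=True)
    except binascii.Error as exc:
        raise ValueError("payload is not valid base64") from exc
    # A hex string placed after {MD5} decodes to 24 bytes and is caught here.
    if scheme.upper() == "MD5" and len(raw) != 16:
        raise ValueError("MD5 digest must be 16 bytes, got %d" % len(raw))
    return scheme.upper(), raw


def md5_hex_to_userpassword(hex_digest):
    """Convert md5sum-style hex output to the {MD5} base64 form."""
    raw = bytes.fromhex(hex_digest)
    if len(raw) != 16:
        raise ValueError("not a 128-bit MD5 digest")
    return "{MD5}" + base64.b64encode(raw).decode("ascii")


def which_input_matches(hex_digest, password):
    """Say whether a hex digest is MD5 of the password alone or of the
    password plus a trailing newline (what piping echo into md5sum hashes)."""
    candidates = {
        "exact": password.encode(),
        "trailing-newline": password.encode() + b"\n",
    }
    for label, data in candidates.items():
        if hashlib.md5(data).hexdigest() == hex_digest.lower():
            return label
    return "no-match"


if __name__ == "__main__":
    scheme, raw = parse_userpassword(STORED)
    print(scheme, raw.hex())                      # digest the server stored
    print(which_input_matches(raw.hex(), "red"))  # relation to the password
    print(which_input_matches("1098e2cb1442f45f8ca2e74e1cd24bd0", "red"))
```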
[Fedora-directory-users] windows sync and password "clear"
by Luigi Santangelo
Hi everybody, this is my problem:
I configured my Fedora DS and now I can sync the LDAP users with
Windows 2003 Active Directory. Then, I created a new user with this
LDIF:
dn: uid=red,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
givenName: red
sn: red
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: ntuser
uid: red
ntUserCreateNewAccount: true
ntUserDeleteAccount: true
cn: red
ntUserDomainId: red
userPassword: redpwd
creatorsName: uid=root,ou=administrators,ou=topologymanagement,o=netscaperoot
modifiersName: uid=root,ou=administrators,ou=topologymanagement,o=netscaperoot
createTimestamp: 20080318153555Z
modifyTimestamp: 20080318153555Z
nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae
Note that I wrote the user's password in "clear". Now, I can log on to the
Windows AD with the username red and the password redpwd.
Then I added another user (yellow) with this LDIF:
dn: uid=yellow,ou=Other,ou=Students,ou=People,dc=xxxxx,dc=xx
givenName: yellow
sn: yellow
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: ntuser
uid: yellow
ntUserCreateNewAccount: true
ntUserDeleteAccount: true
cn: yellow
ntUserDomainId: yellow
userPassword: {MD5}8cb32079718c657b02bbbb176b97d030
creatorsName: uid=root,ou=administrators,ou=topologymanagement,o=netscaperoot
modifiersName: uid=root,ou=administrators,ou=topologymanagement,o=netscaperoot
createTimestamp: 20080318153555Z
modifyTimestamp: 20080318153555Z
nsUniqueId: f8f6c801-f50011dc-80ebbfe2-cc3ccdae
Note that MD5(yellowpwd) = 8cb32079718c657b02bbbb176b97d030
Then if I try to log on to the Windows AD (from Windows) with the username
yellow and the password yellowred, I cannot log in. Instead, if I try to
log on to the Windows AD with the username yellow and the
password {MD5}8cb32079718c657b02bbbb176b97d030 I can log in.
Do you think that this is a problem strictly related to Windows?
How can I get over it?
Thank you in advance.
15 years, 2 months
[Fedora-directory-users] Allow only TLS connections
by Ken.GENOUEL@valeo.com
Hello,
Is there a way to force Fedora Directory to handle only TLS connections
and drop everything else?
Thanks
Best Regards
--
Ken GENOUEL
ken.genouel(a)valeo.com
VALEO SYSTEMES THERMIQUES SAS
Branche Thermique Habitacle
8 rue Louis Lormand
BP513 - LA VERRIERE
78321 LE MESNIL SAINT DENIS
RCS Versailles : 331 312 108
15 years, 2 months