April 2009 - 389-users - Fedora Mailing-Lists

[Fedora-directory-users] aliasedObjectName problem

by tamarin p

I'm running into some problems when trying to add some alias entries and importing with ldapmodify or ldif2db. I'm using the directory server version 1.2.0. Example of LDIF dn: aliasedobjectname="ou=foo,dc=test,dc=com",ou=bar,ou=test,dc=com changetype: add aliasedObjectName: ou=foo,dc=test,dc=com objectClass: top objectClass: alias When I run this I get: ldapmodify: Object class violation (65) additional info: single-valued attribute "aliasedObjectName" has multiple values Same when I use ldif2db.. What am I doing wrong?

14 years, 4 months

2
4
0 / 0

[Fedora-directory-users] Proposed new features for 1.3

by Rich Megginson

Here are some features we are considering for the next major version (tentatively called 1.3). These are not in any particular order, and this is quite an ambitious list, so we're not likely to complete all of these in a single release. We would appreciate your help in prioritizing this list, filling in any missing details, helping with requirements/design/coding/testing/docs, and letting us know if there are other features which would be nice to have. In addition, we are considering using GIT instead of CVS for our SCM. http://directory.fedoraproject.org/wiki/Roadmap#Version_1.3

14 years, 4 months

9
23
0 / 0

[Fedora-directory-users] Unknown attribute nsslapd-ldapiautonsuffix will be ignored

by James Chavez

Hello list, I upgraded my FDS install (yum upgrade fedora-ds, yum upggrade fedora-ds-base etc..) on one of my boxes and the directory restarts fine. However I receive the following messages in the error log. I am hoping that someone has seen this message before and can decipher it for me. The entry exists in the dse file so I figure it is some new configuration parameter as it is new since upgrade. I tried Google before the list and nothing turned up. config - Unknown attribute nsslapd-*ldapiautonsuffix* will be ignored<http://www.google.com/search?hl=en&ei=rpb3Sfe5GsPktgf09sm6Dw&sa=X&oi=spel...> Here is what I have installed. fedora-ds-base-1.2.0-3.fc9.i386 fedora-ds-admin-1.1.7-3.fc9.i386 fedora-ds-1.1.3-1.fc9.noarch fedora-ds-dsgw-1.1.2-1.fc9.i386 fedora-ds-admin-console-1.1.3-1.fc9.noarch fedora-ds-console-1.2.0-1.fc9.noarch Thanks

14 years, 5 months

2
1
0 / 0

[Fedora-directory-users] What doesn't a user access the system directly?

by 김정곤

Hi everyone. I want to limit accessing logon machines a user directly. Can someone ask me the method for solve? I try to apply ‘inactivate’ option a user. However, this user can access machine as ever. thanks

14 years, 5 months

1
1
0 / 0

[Fedora-directory-users] Allow root to change user's passwords

by Orion Poplawski

I'm used to being able to change user's passwords as root using the "passwd" command on my main server (this was with NIS and the master shadow file kept on the server). Now with FDS, I get: # passwd orion Changing password for user orion. Enter login(LDAP) password: and I must enter the password for the user "orion". This gets tricky when the user has forgotten their password. Is there a way to avoid this first check and allow root to force a change of the password? -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA Division FAX: 303-415-9702 3380 Mitchell Lane orion(a)cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com

14 years, 5 months

5
5
0 / 0

[Fedora-directory-users] Active Directory PW sync works for console but not user initiated PW changes

by John A. Sullivan III

Hello, all. This is a sequel to the last email on this subject now that we've resolved the shadowLastChange problem. Fixing that problem did not fix the DS 8.0 / AD password synchronization problem. To reiterate, the passwords synchronize if the change is made from idm-console or from AD. But they do not change when our Ubuntu/KDE users change their own passwords. It fails when changed from both the KDE password change interface and using passwd at the command line. Windows Event Viewer is not giving me any useful information. There is quite a bit of information in the DS logs but I'm not quite sure what they are telling me. I'll post pertinent snippets below (please pardon the left truncation but I'm screen scraping): icationPlugin - ruv_add_csn_inprogress: successfully inserted csn 49f632dd000000010000 into pending list icationPlugin - Purged state information from entry uid=mlap,ou=Desks,o=a0000-0010,o=Internal,dc=ssiservices,dc=biz up to CSN 49ecf604000200010000 icationPlugin - ruv_add_csn_inprogress: successfully inserted csn 49f632dd000100010000 into pending list icationPlugin - Purged state information from entry uid=mlap,ou=Desks,o=a0000-0010,o=Internal,dc=ssiservices,dc=biz up to CSN 49ecf604000200010000 icationPlugin - ruv_update_ruv: successfully committed csn 49f632dd000100010000 icationPlugin - ruv_add_csn_inprogress: successfully inserted csn 49f632dd000200010000 into pending list icationPlugin - Purged state information from entry uid=mlap,ou=Desks,o=a0000-0010,o=Internal,dc=ssiservices,dc=biz up to CSN 49ecf604000200010000 icationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: wait_for_changes -> wait_for_changes icationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: wait_for_changes -> ready_to_acquire_replica (this seemed to happen immediately upon password change and not in the normal five minute sync routine) . . . [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - ruv_update_ruv: successfully committed csn 49f632dd000200010000 [27/Apr/2009:18:34:05 -0400] - acquire_replica, supplier RUV: . . . r/2009:18:34:05 -0400] NSMMReplicationPlugin - ruv_update_ruv: successfully committed csn 49f632dd000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - supplier: {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - supplier: {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000200010000 49f632dd r/2009:18:34:05 -0400] - acquire_replica, consumer RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - consumer: {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - consumer: {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f63084000200010000 49f63084 r/2009:18:34:05 -0400] - acquire_replica, supplier RUV is newer r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Trying secure slapi_ldap_init NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): binddn = cn=Synch Manager,cn=Users,dc=mycompany,dc=com, passwd = {DES}tOBO . . . [27/Apr/2009:18:34:05 -0400] - windows_conn_connect : detected Win2k3 peer [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): No linger to cancel on the connection [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - windows_acquire_replica returned success (101) [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: ready_to_acquire_replica -> sending_updates [27/Apr/2009:18:34:05 -0400] - _cl5PositionCursorForReplay (agmt="cn=a0000-0010(EBC)" (timberline:636)): Consumer RUV: [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replicageneration} 49e5ebb3000000010000 tionPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f63084000200010000 49f63084 [27/Apr/2009:18:34:05 -0400] - _cl5PositionCursorForReplay (agmt="cn=a0000-0010(EBC)" (timberline:636)): Supplier RUV: [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replicageneration} 49e5ebb3000000010000 tionPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000200010000 49f632dd 05 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - session start: anchorcsn=49f63084000200010000 05 -0400] NSMMReplicationPlugin - changelog program - agmt="cn=a0000-0010(EBC)" (timberline:636): CSN 49f63084000200010000 found, position set for replay 05 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - load=1 rec=1 csn=49f632dd000000010000 8:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Looking at modify operation local dn="uid=mlap,ou=desks,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" (ours,user,not group) 8:34:05 -0400] NSMMReplicationPlugin - agmt="cn=ssiservices.biz ldap01->ldap02" (ldap02:636): No linger to cancel on the connection 8:34:05 -0400] - windows_search_entry: recieved 2 messages, 1 entries, 0 references 8:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Processing modify operation local dn="uid=mlap,ou=desks,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" remote dn="<GUID=5b0db1b95d6dca44aaef260be70ee31b>" 8:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_create_remote_entry: Password is already hashed. Not syncing. **** THIS ENTRY ABOUT NOT SYNCING CERTAINLY JUMPED OUT AT ME BUT I DON'T KNOW WHAT IT MEANS ***** 8:34:05 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - load=1 rec=2 csn=49f632dd000100010000 NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Looking at modify operation local dn="uid=mlap,ou=desks,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" (ours,user,not group) . . . - windows_search_entry: recieved 2 messages, 1 entries, 0 references NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Processing modify operation local dn="uid=mlap,ou=desks,,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" remote dn="<GUID=5b0db1b95d6dca44aaef260be70ee31b>" agmt="cn=a0000-0010(EBC)" (timberline:636) - load=1 rec=3 csn=49f632dd000200010000 NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Looking at modify operation local dn="uid=mlap,ou=desks,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" (ours,user,not group) . . . [27/Apr/2009:18:34:05 -0400] - repl5_inc_result_threadmain starting [27/Apr/2009:18:34:05 -0400] - windows_search_entry: recieved 2 messages, 1 entries, 0 references NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Processing modify operation local dn="uid=mlap,ou=desks,,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" remote dn="<GUID=5b0db1b95d6dca44aaef260be70ee31b>" - repl5_inc_result_threadmain: read result for message_id 0 [27/Apr/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 0 . . . [27/Apr/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 0 [27/Apr/2009:18:34:05 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - clcache_load_buffer: rc=-30989 [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): No more updates to send (cl5GetNextOperationToReplay) [27/Apr/2009:18:34:05 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - session end: state=5 load=1 sent=3 skipped=0 [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Beginning linger on the connection [27/Apr/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 0 [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Linger timeout has expired on the connection [27/Apr/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 6 [27/Apr/2009:18:34:05 -0400] - repl5_inc_result_threadmain: result 3, 0, 0, 6, (null) [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=ssiservices.biz ldap01->ldap02" (ldap02:636): replay_update: Consumer successfully sent oper [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Disconnected from the consumer [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: sending_updates -> wait_for_changes [27/Apr/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: wait_for_changes -> ready_to_acquire_replica [27/Apr/2009:18:34:05 -0400] - acquire_replica, supplier RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - supplier: {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - supplier: {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000200010000 49f632dd r/2009:18:34:05 -0400] - acquire_replica, consumer RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - consumer: {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - consumer: {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000200010000 49f632dd r/2009:18:34:05 -0400] NSMMReplicationPlugin - windows_acquire_replica returned consumer_was_uptodate (104) r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: ready_to_acquire_replica -> wait_for_changes . . . . r/2009:18:34:05 -0400] NSMMReplicationPlugin - ruv_update_ruv: successfully committed csn 49f632dd000500010000 r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 7 r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: wait_for_changes -> wait_for_changes r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: wait_for_changes -> ready_to_acquire_replica r/2009:18:34:05 -0400] - acquire_replica, supplier RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - supplier: {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - supplier: {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000500010000 49f632dd r/2009:18:34:05 -0400] - acquire_replica, consumer RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - consumer: {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] NSMMReplicationPlugin - consumer: {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000200010000 49f632dd r/2009:18:34:05 -0400] - acquire_replica, supplier RUV is newer r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Trying secure slapi_ldap_init r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 7 r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): binddn = cn=SSI Synchronization Manager,cn=Users,dc=ebc-co,dc=c r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 8 r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: result 3, 0, 0, 8, (null) r/2009:18:34:05 -0400] - windows_conn_connect : detected Win2k3 peer r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): No linger to cancel on the connection r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 8 r/2009:18:34:05 -0400] NSMMReplicationPlugin - windows_acquire_replica returned success (101) r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: ready_to_acquire_replica -> sending_updates r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 8 r/2009:18:34:05 -0400] - _cl5PositionCursorForReplay (agmt="cn=a0000-0010(EBC)" (timberline:636)): Consumer RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replicageneration} 49e5ebb3000000010000 r/2009:18:34:05 -0400] - repl5_inc_result_threadmain: read result for message_id 8 r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000200010000 49f632dd r/2009:18:34:05 -0400] - _cl5PositionCursorForReplay (agmt="cn=a0000-0010(EBC)" (timberline:636)): Supplier RUV: r/2009:18:34:05 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replicageneration} 49e5ebb3000000010000 tionPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): {replica 1 ldap://ldap01.ssiservices.biz:389} 49e70122000000010000 49f632dd000500010000 49f632dd 5 -0400] - repl5_inc_result_threadmain: read result for message_id 8 5 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - session start: anchorcsn=49f632dd000200010000 5 -0400] NSMMReplicationPlugin - changelog program - agmt="cn=a0000-0010(EBC)" (timberline:636): CSN 49f632dd000200010000 found, position set for replay 5 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - load=1 rec=1 csn=49f632dd000500010000 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Looking at modify operation local dn="uid=mlap,ou=desks,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" (ours,user,not group) 5 -0400] - windows_search_entry: recieved 2 messages, 1 entries, 0 references 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): windows_replay_update: Processing modify operation local dn="uid=mlap,ou=desks,o=a0000-0010,o=internal,dc=ssiservices,dc=biz" remote dn="<GUID=5b0db1b95d6dca44aaef260be70ee31b>" 5 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - clcache_load_buffer: rc=-30989 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): No more updates to send (cl5GetNextOperationToReplay) 5 -0400] agmt="cn=a0000-0010(EBC)" (timberline:636) - session end: state=5 load=1 sent=1 skipped=0 5 -0400] - repl5_inc_result_threadmain: read result for message_id 8 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Beginning linger on the connection 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): State: sending_updates -> wait_for_changes 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Linger timeout has expired on the connection 5 -0400] NSMMReplicationPlugin - agmt="cn=a0000-0010(EBC)" (timberline:636): Disconnected from the consumer 5 -0400] - repl5_inc_result_threadmain: read result for message_id 8 5 -0400] - repl5_inc_result_threadmain: read result for message_id 8 5 -0400] - repl5_inc_result_threadmain: read result for message_id 8 5 -0400] - repl5_inc_result_threadmain: read result for message_id 8 6 -0400] - repl5_inc_result_threadmain: read result for message_id 8 6 -0400] - repl5_inc_waitfor_async_results: 8 8 6 -0400] - repl5_inc_result_threadmain: read result for message_id 8 7 -0400] - repl5_inc_result_threadmain exiting . . . . 27/Apr/2009:18:34:07 -0400] - repl5_inc_waitfor_async_results: 0 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 0 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: result 3, 0, 0, 12, (null) [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:07 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:08 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:08 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:08 -0400] - repl5_inc_waitfor_async_results: 12 12 [27/Apr/2009:18:34:08 -0400] - repl5_inc_result_threadmain: read result for message_id 12 [27/Apr/2009:18:34:09 -0400] - repl5_inc_result_threadmain exiting [27/Apr/2009:18:34:09 -0400] agmt="cn=ssiservices.biz ldap01->ldap02" (ldap02:636) - session end: state=5 load=1 sent=1 skipped=0 Does anyone see the problem? How do I get synchronization working when the users change their own passwords? Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan(a)opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society

14 years, 5 months

2
7
0 / 0

[Fedora-directory-users] Storing email distribution lists in DS

by John A. Sullivan III

Hello, all. A bunch of tired googling hasn't quite given us what we need so I thought I'd ask the list. Is there a way to store email distribution lists in DS? We are in the midst of integrating DS and Zimbra. We elected to not use DS as the LDAP store for Zimbra despite the excellent community contributions to make it possible. We did this in case a future upgrade to Zimbra makes major schema changes which could potentially break our setup. Instead, we opted to use DS as an external LDAP authentication source and GAL for Zimbra. This is working very nicely but we've hit a bit of a wall with distribution lists. We don't want to store them in Zimbra because they do not show up in our exclusively external GAL but we do not know how to store them in DS. The groupofmailenhanceduniquenames looks interesting but is apparently reserved for future use. mailgroup looks useful but we are not sure how to use it. It looks like an object class which is added to a user object and not a group object. Can anyone point us in the right direction? Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan(a)opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society

14 years, 5 months

1
0
0 / 0

[Fedora-directory-users] shadowLastChange error and Active Directory synchronization

by John A. Sullivan III

Hello, all. I'm seeing a strange problem in our set up to synchronize passwords between Directory Server 8.0 and Active Directory. If I change a user's password from idm-console, the password synchronizes. If I change it from Active Directory, the password synchronizes. However, if the user changes their own password (they use Ubuntu 8.0.4 KDE desktops), the passwords do not synchronize. We do see an entry in the error log: Entry "uid=mlap,ou=Desks,o=a0,o=Int,dc=mycompany,dc=com" -- attribute "shadowLastChange" not allowed That seemed straightforward so I checked the ACIs and we do allow users to change this attribute: (targetattr != "nsroledn||aci") (version 3.0; acl "Allow self entry modification except for nsroledn and aci attributes"; allow (read,compare,search,write) (userdn = "ldap:///self") ;) Any idea why we are receiving these errors? Would this cause password synchronization to fail? Thanks - John -- John A. Sullivan III Open Source Development Corporation +1 207-985-7880 jsullivan(a)opensourcedevel.com http://www.spiritualoutreach.com Making Christianity intelligible to secular society

14 years, 5 months

2
3
0 / 0

[Fedora-directory-users] Fedora DS startup problem

by Barramundi K

> kb9vqf(a)pearsoncomputing.net wrote: > Ok - try this - /usr/lib/dirsrv/slapd-yourinstance/start-slapd -d 1 >Thank you for the -d 1 option--dirsrv finally told me what is wrong: >Error - Problem accessing the lockfile /var/lock/dirsrv/slapd-odin/lock >[02/Feb/2009:12:56:53 -0600] - Shutting down due to possible conflicts >with other slapd processes >Sure beats 8 hours of trial and error... >Tim Hi Tim, So what did you do to solve the lock file access problem ? Thanks a bunch. Leonard

14 years, 5 months

1
0
0 / 0

Re: [Fedora-directory-users] Slowly the network under control of FDS works

by Сафонов Алексей

Hi! Classical display of low speed of work in the following: - we carry out an input under user FDS - the long input in system is received; - it is worked under user FDS (GNOME) - we start the console (gnome-terminal). The console appears quickly, and here the invitation in it of a kind [user1@comp1 ~] $ appears 20-25 seconds. At work under the local user of the such does not occur. Concerning, nscd. This demon too often falls. At least that is delivered with Fedora 10. ----- Исходное сообщение ----- От: "Jérôme Fenal" <jfenal(a)gmail.com> Кому: "General discussion list for the Fedora Directory server project." <fedora-directory-users(a)redhat.com> Отправленные: Воскресенье, 26 Апрель 2009 г 17:44:08 GMT +03:00 Москва, Санкт-Петербург, Волгоград Тема: Re: [Fedora-directory-users] Slowly the network under control of FDS works 2009/4/26 Сафонов Алексей <alex-saf(a)npc.vrn.ru>: > Colleagues! > > At me the network on the basis of FDS 1.1 is developed. At the moment the quantity of computers - clients FDS does not exceed 40. Client computers on the basis of Fedora 10. Nevertheless, on computers of clients after a while all starts to work very slowly. Slowly start programs and etc. It occurs only to users FDS. If to come on the computer under the local user - all is normal. > Tuning of productivity FDS (http://directory.fedoraproject.org/wiki/Performance_Tuning) has been made. > > How it is possible to solve a problem? Where is the problem ? on clients (run nscd ?) or on the server(s) ? Can you caracterize better the problem than "starts to work very slowly" ? What is slow ? Login ? Password validation ? You'll need to tell more information about your setup, and modules using LDAP on your clients. If the problem looks to be on the server, then how it is setup, on what kind of hardware (or VM hypervisor). Regards, J. -- Jérôme Fenal - jfenal AT gmail.com - http://fenal.org/ Paris.pm - http://paris.mongueurs.net/ -- Fedora-directory-users mailing list Fedora-directory-users(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users

14 years, 5 months

1
0
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-users April 2009