How relevant is Poodlebleed Bug to 389?
by Jan Tomasek
Hello,
is http://poodlebleed.com/ related to 389? I think it is, this is not
implementation flaw in OpenSSL, this seems to be related to the SSLv3
design.
I've found:
http://directory.fedoraproject.org/docs/389ds/design/nss-cipher-design.html
but new syntax with -SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA doesn't seem to
be working on my system:
ldap-dev:~# yum list installed |grep 389
389-admin.x86_64 1.1.29-1.el5
389-admin-console.noarch 1.1.8-1.el5
389-admin-console-doc.noarch 1.1.8-1.el5
389-adminutil.x86_64 1.1.20-1.el5
389-console.noarch 1.1.7-3.el5
389-ds.noarch 1.2.1-1.el5
389-ds-base.x86_64 1.2.11.28-1.el5
389-ds-base-devel.x86_64 1.2.11.28-1.el5
389-ds-base-libs.x86_64 1.2.11.28-1.el5
389-ds-console.noarch 1.2.6-1.el5
389-ds-console-doc.noarch 1.2.6-1.el5
389-dsgw.x86_64 1.1.11-1.el5
I'm running on CentOS 5 with EPEL sources.
Thanks
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
9 years, 6 months
restore ou use/groups
by Ghiurea, Isabella
Hi LIst,
I'm testing my backups/rstore procedures , I need to know if there is away to restore user/groups using db2bak or db2bak.p ?
or All this entries are stored only in dse.cfg file ?
Isabella
9 years, 6 months
Re: [389-users] 389 console
by Rich Megginson
On 10/16/2014 10:52 AM, Ghiurea, Isabella wrote:
> OK, I had to restart both the ds and admin service on second host and admin console on host1, there is a lot of cacheing, every time for a new change to show up in Admin console.
Please keep replies on-list.
I'm not sure what you mean. There is no "caching". In order to see a
change in the admin console, you should just have to go to View and do
Refresh. At most, you should have to restart the console.
> The setup-ds-admin.pl script re-create the whole ds instance , which I would prefered not .Do you know if there is a way to re-create only the admin server cfg part and keep my existing ds instance on second host?
You might be able to use register-ds-admin.pl
>
>
> Thank you Rich
> Isabella
>
>
> ________________________________________
> From: Rich Megginson [rmeggins(a)redhat.com]
> Sent: Wednesday, October 15, 2014 7:03 PM
> To: Ghiurea, Isabella; 389-users(a)lists.fedoraproject.org
> Subject: Re: 389 console
>
> On 10/15/2014 04:55 PM, Ghiurea, Isabella wrote:
>> Thank you Rich,
>> I did that but I'm back to server1 ujsing 389UI Admin console and can't see the second host: server2.org , do I need to to register or reboot anything ?
> setup-ds-admin.pl should have done that for you if you correctly
> specified the configuration ds. If not, then I'm not sure what else you
> can do except start over from scratch.
>
>> Isabella
>>
>> ________________________________________
>> From: Ghiurea, Isabella
>> Sent: Wednesday, October 15, 2014 6:26 PM
>> To: 389-users(a)lists.fedoraproject.org
>> Subject: 389 console
>>
>> HI List,
>> I need to know how can I add a second host entry to 389 UI Admin console under same Admin Domain ,
>> I already have an Admin domain :mytest.com and host name server1.org.com , need to add another server2.org.com same domain .
>>
>> Thank you
>> Isabella
9 years, 6 months
389 console
by Ghiurea, Isabella
HI List,
I need to know how can I add a second host entry to 389 UI Admin console under same Admin Domain ,
I already have an Admin domain :mytest.com and host name server1.org.com , need to add another server2.org.com same domain .
Thank you
Isabella
9 years, 6 months
RHEL / CentOS 7
by Gordon Messmer
What's the status of 389 DS on RHEL 7? As I recall, when Red Hat
originally started shipping "389-ds-base" it lacked replication and
windows sync, which were available with a separate paid subscription.
Do the RHEL packages include those bits now?
Are there any plans to get the admin and console packages into EPEL?
Should I just move ahead building the Fedora srpms on my own system?
9 years, 6 months
how to install a server cert the DS is down
by Ghiurea, Isabella
HI lIst,
need to know how to replace an existing server cert , I have the new one signed by CA and need to know how to installed , I just copy in
/etc/pki/tls/certs ( 389admin UI not working)
Is this sufficient?
Thank you
9 years, 6 months
Re: [389-users] load balancing options
by Ghiurea, Isabella
Hi Paul,
any estimate of cost the software ? any opensource available. you are aware ?
is DNS round robin common used for DS load balancing cfg ?
Thank you
________________________________________
From: Ghiurea, Isabella
Sent: Thursday, October 09, 2014 2:12 PM
To: 389-users(a)lists.fedoraproject.org
Subject: load balancing options
Hi List,
I would like to know what other options people are using for DS laod balancing, beside round robin DNS?
I'm interested in a software solution than hardaware :clustering .
Thank you
Isabell
9 years, 6 months
load balancing options
by Ghiurea, Isabella
Hi List,
I would like to know what other options people are using for DS laod balancing, beside round robin DNS?
I'm interested in a software solution than hardaware :clustering .
Thank you
Isabell
9 years, 6 months
Slapd stops processing queries or providing SSL certs
by William
Hi,
Our slapd instance stopped responding to queries or processing queries
this morning. There are no errors in the log that aren't normal for
operation, nothing in abrt, and no apparent limits that we are hitting
up against.
Is this a known issue, or is there a way to start investigating this?
Any tips are appreciated.
--
William <william(a)firstyear.id.au>
9 years, 6 months
389 Master - Master Replication
by Santos Ramirez
Good Morning,
We have a master - master replication agreement. When we initialize the replication it works perfectly we can see changes to a test user we have set up go up and down from the two servers. However at some point the replication stops and we cannot get replication to start once again. The only way we can get replication to start once again is to recreate the replication agreement and then it fails again. Can anyone please point us in a direction. I am relatively new to 389 so any help would be greatly appreciated.
Santos U. Ramirez
Linux Systems Administrator
National DCP, LLC
150 Depot Street
Bellingham, Ma. 02019
Phone: 508-422-3089
Fax: 508-422-3866
Santos.Ramirez(a)natdcp.com<mailto:Santos.Ramirez@natdcp.com>
This email and any attachments are intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, do not copy or forward to any unauthorized persons, permanently delete the original and notify the sender by replying to this email.
9 years, 6 months