Hi,
On Thu, Nov 21, 2019 at 7:48 AM William Brown <wbrown(a)suse.de> wrote:
> On 21 Nov 2019, at 10:49, cool dharma06 <cooldharma06(a)gmail.com> wrote:
>
> Hi William,
>
> Thanks for your reply.
>
> I want to enable 389ds to generate nsUniqueID, modifiedTimestamp,
creators
name for all enteries which is added/getting added to 389-ds. Any
suggestions or reference link to enable this.
They are all generated by default as part of the server - it may be the
access
controls preventing you from viewing them instead ....
Sure, I will verify the access policy. And I used following commands to
retrieve the user information.
$ dsidm ceenext-sles account get-by-dn
Enter dn to retrieve : cn=sudo,ou=Groups,dc=cee,dc=test,dc=com
dn: cn=sudo,ou=Groups,dc=cee,dc=test,dc=com
cn: sudo
gidNumber: 1950
objectClass: posixGroup
objectClass: groupOfNames
objectClass: top
>
>
> I have OpenLdap set up with replication enabled and I want to make one
more
389-ds with replication in sles 15.1 machine . I am unable to find
admin-console package.
> So I installed lib389 rpm and I am using dsctl, dsidm, dsconf
tools to
experiment and add users in my local 389ds setup.
SUSE does not ship admin-console, and never will - we are in the process
of
actually bringing the new ds* tools into SLE 15.0 and 15.1 which will
make it much easier to administer the server. You can see these on the wiki
or on Red Hat's correspending 389 docs
It will be very helpful if you share the ds* tools and 389-ds docs release
dates.
>
> Once it's done I am planning to enable sync and replication in 389-ds.
>
> It will be very helpful if u have any guidelines on this.
389-ds can replicate with other 389-ds servers, but *not* openldap. So I
think you
need to do a datamigration ....
Yes, with multiple 389-ds i am planning for replication. Any guidelines or
reference link to configure replication.
>
> Thanks & Regards
> cooldharma06
>
>
> On Thu, Nov 21, 2019, 4:33 AM William Brown <wbrown(a)suse.de> wrote:
>
>
> > On 20 Nov 2019, at 15:41, cool dharma06 <cooldharma06(a)gmail.com>
wrote:
> >
> > Hi all,
> >
> > i have OpenLDAP in my environment. And i am experimenting 389-ds and
their functionalities. In my OpenLDAP, i have entries with following
attributes:
> > entryCSN, contextCSN, entryUUID.
> >
> > 1. For entryCSN and contextCSN - any equivalent attribute available
in
389-ds
> >
> > 2. When i check for the above attributes in 389-ds, i am unable to
find
those attributes. From the post link, its mentioned like we can use
nsUniqueID in place of entryUUID. but we might face issue during Sync/repl.
> >
> > Is this issue got fixed.
> >
https://pagure.io/389-ds-base/issue/137
> >
> > Any suggestions for the above queries.
>
> OpenLDAP and 389-ds use a really different replication model. That's
probably why you can't find the same types and datapoints.
>
> My question is "what are you trying to achieve". You shouldn't need to
look at our replication state, that's an internal detail.
>
> If you want a "did this entry change" look at the entryUSN plugin.
>
> If you need the entries unique id, look at nsUniqueID attribute - we
have
spoken about adding entryUUID too, but it's just never materialised.
>
> It's not recommended to set nsUniqueID manually, you should let 389-ds
generate that itself.
>
> Does that help? Really happy to help as much as possible with your
389-ds
experimenting :)
>
> >
> > Thanks & Regards
> > cooldharma06
> > _______________________________________________
> > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > To unsubscribe send an email to
389-users-leave(a)lists.fedoraproject.org
> > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
>
> —
> Sincerely,
>
> William Brown
>
> Senior Software Engineer, 389 Directory Server
> SUSE Labs
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...