[389-users] creating replication user from 389-console

Thu Dec 6 17:36:26 UTC 2012

Yes I created mine in the dse.ldif as well a while back. Though I put the
user into an LDIF file and used ldapmodify to add it.

cat replication_manager.ldif

dn: cn=replication manager,cn=config
objectClass: inetorgperson
objectClass: person
objectClass: top
cn: replication manager
sn: manager
userPassword: (cleartext password)
passwordExpirationTime: 20380119031407Z
nsIdleTimeout: 0

Stop dirsrv

ldapmodify -D "cn=directory manager" -W -f replication_manager.ldif

Start dirsrv

grep "dn: cn=replication manager" -A 15 /etc/dirsrv/slapd-kat-ds-02/dse.ldif

dn: cn=replication manager,cn=config
objectClass: inetorgperson
objectClass: person
objectClass: top
objectClass: organizationalPerson
cn: replication manager
sn: manager
passwordExpirationTime: 20380119031407Z
nsIdleTimeout: 0
userPassword:: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==
creatorsName: cn=directory manager
modifiersName: cn=directory manager
createTimestamp: 20120708014028Z
modifyTimestamp: 20120708014028Z

--Derek

On Thu, Dec 6, 2012 at 9:53 AM, Rich Megginson <rmeggins at redhat.com> wrote:

>  On 12/06/2012 08:20 AM, Sharuzzaman Ahmat Raslan wrote:
>
> In the URL
> https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html
>
> Quote:
> However, although Red Hat recommends not storing simple user entries under
> cn=config for performance reasons, it can be useful to store special user
> entries such as the Directory Manager entry or replication manager
> (supplier bind DN) entry under cn=config since this centralizes
> configuration information.
>
> Quote:
>
>    1. Stop the Directory Server. If the server is not stopped, the
>    changes to the dse.ldif file will not be saved. See Section 1.3,
>    “Starting and Stopping Servers”<https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Starting_and_Stopping-DS.html>for more information on stopping the server.
>     2.  Create a new entry, such as cn=replication manager,cn=config, in
>    the dse.ldif file.
>
>
> Ok.  Please file a doc bug.  We should not encourage people to edit the
> dse.ldif when it is not necessary.
>
>
>
>  I cannot give the error message now, as I'm not at customer site. When I
> get back to office, I will give the exact error.
>
> Thanks.
>
>
>  On Thu, Dec 6, 2012 at 10:19 PM, Rich Megginson <rmeggins at redhat.com>wrote:
>
>>  On 12/05/2012 10:07 PM, Sharuzzaman Ahmat Raslan wrote:
>>
>> Hi all,
>>
>> According to RH document, if you want to create the replication user, you
>> must edit the dse.ldif file and put the user information there.
>>
>>
>>  No.  Where does it say that you must edit the dse.ldif?
>>
>>
>>
>> I tried to use 389-console, create user (which use uid=repman) then try
>> to enable cn=repman, but there is error saying that directory server refuse
>> to do the renaming.
>>
>>
>>  Can you provide the exact error message?
>>
>>
>> What is the correct way to create cn=repman only by using 389 console?
>>
>> Thanks.
>>
>>
>>
>> https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html
>>
>>
>>
>> --
>> Sharuzzaman Ahmat Raslan
>>
>>
>>  --
>> 389 users mailing list389-users at lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>>
>>
>
>
> --
> Sharuzzaman Ahmat Raslan
>
>
> --
> 389 users mailing list389-users at lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20121206/84354e3c/attachment.html>