This is Rajendra and I'm active user/community of 389 directory server.
Could you please suggest me ,what is the latest stable version of 389 Directory server code base which I we can use. It would be great if you can provide the link as well.
Thanks in Advance,
Hi I downloaded and installed the 389-PassSync-1.1.5-i386.msi for my windows server 2003 active directory server. I first had to install a patch (WindowsServer2003-KB942288-v4-x86.exe) to get it to install as it said I didn't have the right service pack installed even though I am running service pack 2. After installing, I couldn't import the DS certificate into it using the certutil.exe application which is included in the 389 program files directory. It says certutil.exe is not a valid win32 application. It also says the same thing about the pk12util.exe, followed with access is denied from the command prompt.
Installing the 64 bit version of the app on my 64 bit domain controllers seems to not have that issue.
I have two 389-ds servers. I want them to do multi-master replication to each other. Beyond these 2, there are no other servers.
I tried to do this via the command-line, following RedHat's guide .
However, /var/log/dirsrv/slapd-*/errors says this:
[18/Mar/2014:15:02:10 -0500] NSMMReplicationPlugin - conn=22 op=3 replica="o=infinityhealthcare.com": Unable to acquire replica: error: permission denied
[18/Mar/2014:15:07:02 -0500] NSMMReplicationPlugin - agmt="cn=o-ihccom-to-ds2" (test-ds2:389): Unable to acquire replica: permission denied. The bind dn "uid=replica-manager,cn=config" does not have permission to supply replication updates to the replica. Will retry later.
[18/Mar/2014:15:07:02 -0500] NSMMReplicationPlugin - agmt="cn=dc-ihc-dc-com-to-ds2" (test-ds2:389): Unable to acquire replica: permission denied. The bind dn "uid=replica-manager,cn=config" does not have permission to supply replication updates to the replica. Will retry later.
Any ideas what to do to fix?
In case it helps explain the problem, here is what one of the replication agreements looks like:
description: agreement to replicate dc=ihc,dc=com tree from ds1 to ds2
nsDS5ReplicatedAttributeList: (objectclass=*) $ EXCLUDE authorityRevocationLis
t accountUnlockTime memberof
nsds5replicaLastUpdateStatus: 3 Replication error acquiring replica: permissio
and here is the replica on the other server, that this agreement refers to:
dn: cn=replica,cn=dc\3Dinfinityhealthcare\2Cdc\3Dcom,cn=mapping tree,cn=config
Sr. Systems Administrator
Just upgraded my packages from:
After that I ran "setup-ds-admin.pl -u". Now I'm having problems starting dirsrv-admin:
# service dirsrv-admin start
httpd.worker: Syntax error on line 136 of /etc/dirsrv/admin-serv/httpd.conf: Cannot load /usr/lib64/dirsrv/modules/mod_admserv.so into server: /usr/lib64/libadminutil.so.0: undefined symbol: ldap_explode
Server failed to start !!! Please check errors log for problems
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.9 (Tikanga)
I checked any error logs I could think of but found nothing.
Thanks in advance for the help!
This communication, including any attached documentation, is intended only for the person or entity to which it is addressed, and may contain confidential, personal and/or privileged information. Any unauthorized disclosure, copying, or taking action on the contents is strictly prohibited. If you have received this message in error, please contact us immediately so we may correct our records. Please then delete or destroy the original transmission and any subsequent reply.
Hello there, I wanted to see if anyone else out there has gone through a
migration/upgrade from Sun One Directory 5.2 server to 389 DS?
I'm currently working on doing just that at my organization and I've
been running into a few snags. Ideally we'd want to setup a 389 consumer
replica attached to our Sun One master. Over time we replace the Sun One
replicas with 389 replicas until eventually all servers are 389 DS.
Anywho, I do have a 389 DS consumer replica that appears to be
replicating from our Sun One master, however I'm seeing a number of LDAP
error 53 (server was unwilling) errors. When I upped the log level it
looks like the master is trying to do an ldapadd when it should be doing
an ldapmodify. So that's where I'm slightly stuck now, if anyone out
there has any ideas.
UNIX System Administrator - CIS
Portland State University
We have four servers in our "cluster", one master and three slaves.
Everything works fine with one way replication. Problem is in "389
Management Console", in tab "Servers and Applications" are only 3
servers (master and 2 slaves), how add to this list third slave??
I've been running some load tests against version 389-ds-base-184.108.40.206-30.el6_5.x86_64 on Centos 6.5. When looking at the vmsize of the ns-slapd process it appears to grow linearly, rather than reaching a plateau. After some modifications to the load test it appears that the memory usage is flat if we remove the portion that performs the proxied authentication control. I'd estimate that the size of the leak is 282 bytes per operation.
Is this a known issue? Is there any extra logging or configuration that would allow me to help pinpoint the problem further?
Thanks for your help,
When users login into a ldap configured machine, and type passwd to
change their password, only the attribute userPassword gets changed,
how do I enforce updation of sambaNTPassword also?
Nehal J Wani
When adding a group from the 389-console, it creates a groupOfUniqueNames object. I'm curious if it's possible to change it so that by default only a posixGroup object is created and/or the group icon is displayed for posixGroup type objects instead.
some tests later I stumble in this problem:
[14/03/12:10:03:41] - [Setup] Info Could not authenticate as user 'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' to server 'ldap://testcsw.contac.lan:389/o=NetscapeRoot'. Error: Authentication method not supported
[14/03/12:10:03:41] - [Setup] Fatal Could not register the directory server with the configuration directory server.
I found in the mail archive a similar thread for PPC:
[389-users] Authentication method not supported (https://lists.fedoraproject.org/pipermail/389-users/2013-July/016073.html)
was there a solution found or a ticket created?