[Fedora-directory-users] Kerberos login
by Emmanuel BILLOT
Hi,
During FDS replication on AD, it seems that the "classic" login attribut
for windows is well filled wiith the ntuserdomainid FDS attribut.
However, the userPrincipaName is also filled with the ntuserdomainid FDS
attribut, since it should be quite different...
Is it possible to match this attribut with another one in FDS ?
BR,
--
==========================================
Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d'Information (DSI)
tél : 02 38 49 95 88
==========================================
15 years
[Fedora-directory-users] Windows account not atcivated ?
by Emmanuel BILLOT
Hi,
Every new AD account created by FDS replication is desactivated.
The FDS account is well activated.
Why ?
BR,
--
==========================================
Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d'Information (DSI)
tél : 02 38 49 95 88
==========================================
15 years
[Fedora-directory-users] import-merge utility clarification
by Brown Diego
Hi,
Is anybody familiar with “import-merge.c”? How to utilize this tool? From
the program I got that it is being used for importing
small db files and then merge them finally. import_mega_merge is also one of
the function used in that file.
I couldn’t find a way to make use of this import-merge file. Is there any
special functionality available in the directory server to merge the files?
Do I need to import using db2ldif and then again ldif2db.
Thanks in advance,
Brown Diego.
15 years
[Fedora-directory-users] Small change: Modrdn operation not allowed on non-leaf.
by Brown Diego
Hi,
Operation 1: I read there is no way of renaming a ou or an entry if it has
children.
Please refer:
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_Directory_E...
new RDN: ou= alumini (keep existing values)
modifying RDN of entry ou=students, o=school.com
ldap_rename: Operation not allowed on nonleaf
Since the ou students has child entries in it.
Operation 2: But, ldbm_modrdn.c file has the methods to rename the child
entries also when their parent entry is renamed.
i.e deleting the old parent DN and changing the new superior DN (new parent
modified using modrdn operation).
Example: moddn_rename_children
When the operation 1. is not allowed how Operation 2 is possible ? What is
the necessity of using methods inside
ldbm_modrdn.c file.
If I am not wrong, can anybody clarify my doubt.
Thanks in advance,
Brown Diego.
15 years
[Fedora-directory-users] Modrdn operation not allowed on non-leaf.
by Brown Diego
Hi,
Operation 1: I read there is no way of renaming a ou or an entry if it has
children.
Please refer:
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Creating_Directory_E...
new RDN: ou= alumini (keep existing values)
modifying RDN of entry ou=alumini, o=school.com
ldap_rename: Operation not allowed on nonleaf
Since the ou student has child entries in it.
Operation 2: But, ldbm_modrdn.c file has the methods to rename the child
entries also when their parent entry is renamed.
i.e deleting the old parent DN and changing the new superior DN (new parent
modified using modrdn operation).
Example: moddn_rename_children
When the operation 1. is not allowed how Operation 2 is possible ? What is
the necessity of using methods inside
ldbm_modrdn.c file.
If I am not wrong, can anybody clarify my doubt.
Thanks in advance,
Brown Diego.
15 years
[Fedora-directory-users] Database Testing Utility?
by Brown Diego
Hello all,
I found a file called dbtest.c in fds source code.
The actual purpose the file written is - “ldbm database test program”. (from
the comment inside file)
The function dbtest_help() inside the dbtest.c clearly shows some command
line help messages such as
i => traverse index keys and ID list values"
t => traverse index keys and values" ;
T => traverse index keys";
u => traverse id2entry keys and values" ;
U => traverse id2entry keys";
l<c> => lookup index";
L<c> => lookup index (all)";
t<c> => traverse index keys… etc,
But I could not find any specific tool which uses the functions which exists
inside dbtest.c. I tried using all the available tools in FDS I didn’t find
any tool which invokes this dbtest_help () function.
Other than dbverify, dbscan, is there really any testing tool available for
database testing OR
This file is in the source code as an intention of using it in future FDS
releases.
Can somebody clarify my doubt?
Thanks,
Brown Diego.
15 years
[Fedora-directory-users] Password
by Per Qvindesland
Hi List
Does anyone know how I can configure it to auomaticly set the username as
the first password so the user can change the password on first login?
Regards
Per Qvindesland
15 years
[Fedora-directory-users] Problem in moving subtree of entries to new parent.
by Brown Diego
Hello all,
Currently I am facing problem with moving subtree of entries to a new
parent.
I am trying to move a subtree or a user to a new parent. I am getting the
following error message.
There are two OU’s under the suffix o=xyzcorp.com ou=education and
ou=finance.
Browny is the user in ou=education,o=xyzcorp.com. Now I need to move Browny
to ou=finance,o=xyzcorp.com.
When I attempt to do the following modification I am getting error.
dn: cn=Browny,ou=education,o=xyzcorp.com
changetype: modrdn
newrdn: cn=BrownyNew
deleteoldrdn: 0
newsuperior: ou=finance,o= xyzcorp.com
*new RDN: cn=BrownyNew, new parent ou=finance,o= xyzcorp.com (keep existing
values)
modifying RDN of entry cn=Browny,ou= education,o= xyzcorp.com and/or moving
it beneath a new parent
ldap_rename: DSA is unwilling to perform
ldap_rename: additional info: server does not support moving of entries*
*I tried it this way also,…….
*dn: cn=Browny,ou=education,o=xyzcorp.com
changetype: modrdn
newrdn: cn=Browny
deleteoldrdn: 1
newparent: ou=finance,o= xyzcorp.com
*……no success*
Like the same way I am not able to move the OU also to a new parent.
Is anybody aware of this.
If so educate me how to do this.
Thanks in advance,
Brown Deigo.
15 years
[Fedora-directory-users] Import Unix users
by Per Qvindesland
Hi list.
Does anyone know about a simple script to import users from /etc/passwd to
directory server? I found some n the Fedora Directory server but I am just
wondering if there might be some others ideas since I have to import from
several servers into different ou's
Regards
Per Qvindesland
15 years
Re: [Fedora-directory-users] Sync diff subtrees ?
by Emmanuel BILLOT
Emmanuel BILLOT a écrit :
> Marc Sauton a écrit :
>> Emmanuel BILLOT wrote:
>>> Hi,
>>>
>>> Yet a new pb (sorry :-( )
>>>
>>> I try to sync to different subtrees
>> sync is between suffixes://
>> http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Windows_Sync.html#Wi...
>>
>> with the note:
>> "
>> Any descendant container entries need to be created separately in
>> Active Directory by an administrator; Windows Sync does not create
>> container entries.
>> "
> Ok, however the DIT is already set on each directory.
> Users are directly under
> ou=People,dc=orleans,dc=ird,dc=fr for FDS
> and
> cn=utilisateurs,cn=orleans,dc=ird,dc=fr for AD (empty, i want to fill
> it with FDS users)
>
>
> There is no container or subtree to create.
> That's why i define those two suffixes in the sync agremment.
>
> In the logs, it seems that the replication get a FDS user in the
> subtree i defined in the agrement, for ex
> uid=vinet45,ou=people,dc=orleans,dc=ird,dc=fr, and then search the
> same entry in AD.
> It fails (AD subtree is empty and is differents than FDS's one), and
> all stop.
>
> What's wrong ?
>
> BR,
>
>
>>>
>>> ou=People,dc=orleans,dc=ird,dc=fr and
>>> cn=utilisateurs,cn=orleans,dc=ird,dc=fr
>>>
>>> since replication assistant asked for each sub tree, i thought it
>>> was easy to map it together.
>>>
>>> Logs say :
>>> [19/Mar/2009:14:53:33 +0100] NSMMReplicationPlugin - received entry
>>> from dirsync: CN=toutou,CN=Users,DC=ird,DC=fr
>>> [19/Mar/2009:14:53:33 +0100] NSMMReplicationPlugin - agmt="cn=j"
>>> (porlsvrdc0003:636): windows_process_total_entry: Looking
>>> dn="uid=zizou,ou=People,dc=orleans,dc=ird,dc=fr" (ours)
>>> [19/Mar/2009:14:53:33 +0100] NSMMReplicationPlugin - agmt="cn=j"
>>> (porlsvrdc0003:636): map_entry_dn_outbound: looking for AD entry for
>>> DS dn="uid=zizou,ou=People,dc=orleans,dc=ird,dc=fr" guid="(null)"
>>> [19/Mar/2009:14:53:33 +0100] NSMMReplicationPlugin - agmt="cn=j"
>>> (porlsvrdc0003:636): map_entry_dn_outbound: looking for AD entry for
>>> DS dn="uid=zizou,ou=People,dc=orleans,dc=ird,dc=fr" username="zizou"
>>> [19/Mar/2009:14:53:33 +0100] - Calling windows entry search request
>>> plugin
>>> [19/Mar/2009:14:53:33 +0100] NSMMReplicationPlugin - agmt="cn=j"
>>> (porlsvrdc0003:636): map_entry_dn_outbound: entry not found - rc -1
>>>
>>> Any idea ?
>>>
>>> BR,
>>>
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users(a)redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
I finally found what the pb was (cn/ou confusion)
Sync is working
--
==========================================
Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d'Information (DSI)
tél : 02 38 49 95 88
==========================================
15 years