error log showing Detected Disorderly Shutdown on startup
by Rankin, Kent
Upon startup, this is occurring:
[23/Jan/2010:12:31:42 -0500] - 389-Directory/1.2.4 B2009.307.1545 starting up
[23/Jan/2010:12:31:42 -0500] - Detected Disorderly Shutdown last time Directory Server was running, recovering database.
Any ideas?
Thanks.
14 years, 2 months
8.1 font weirdness on CentOS 5.3
by Mister Anonyme
Hi,
I have CentOS 5.3 installed with Redhat Directory Server 8.1 and Java 1.6.0
Here's the following installed packages:
adminutil-1.1.8-2.el5dsrv.x86_64.rpm
adminutil-devel-1.1.8-2.el5dsrv.x86_64.rpm
idm-console-framework-1.1.3-9.el5idm.noarch.rpm
jss-4.2.5-1.el5idm.x86_64.rpm
redhat-admin-console-8.1.0-2.el5dsrv.noarch.rpm
redhat-ds-8.1.0-1.el5dsrv.x86_64.rpm
redhat-ds-admin-8.1.0-9.el5dsrv.x86_64.rpm
redhat-ds-base-8.1.0-0.14.el5dsrv.x86_64.rpm
redhat-ds-base-devel-8.1.0-0.14.el5dsrv.x86_64.rpm
redhat-ds-console-8.1.0-5.el5dsrv.noarch.rpm
redhat-idm-console-1.0.1-1.el5idm.x86_64.rpm
java-1.6.0-openjdk-1.6.0.0-0.25.b09.el5
When I start redhat-idm-console, fonts aren't smooth and are hard to read in some tabs, unlike DS 8.0, see screenshots:
http://img402.imageshack.us/img402/6193/toto.png
http://img32.imageshack.us/img32/6838/toto1s.png
Probably some fonts are missing ? If yes, I would like to know what package to install ?
Thank you in advance!
_________________________________________________________________
Reinvent how you stay in touch with the new Windows Live Messenger.
http://go.microsoft.com/?linkid=9706116
14 years, 3 months
LDAP chaining issue with password changes
by Randall Wood
I have a Fedora Directory Server (version 1.1) on an appliance that is
chained to a CentOS Directory Server version 8.1 that is storing my
user's accounts. The appliance manages client systems that the users log
onto.
I am attempting to implement a password policy on the system that:
1) requires users to change their password on first logon after the
account is created or on first logon after an administrator has reset
their password.
2) requires that users are not allowed to change their password more
than once per day.
For some reason, users are only able to change their password on first
logon if I set the minimum age of the password to 0.
Does anyone have any recommendations concerning how to determine what
may be going on?
Thank you,
Randall Wood
Secure Systems Engineer
Trusted Computer Solutions
2350 Corporate Park Drive, Suite 500
Herndon, Virginia 20170
Tel (703) 537-4382 | Fax (703) 318-5041
rwood(a)trustedcs.com
http://www.trustedcs.com
14 years, 3 months
/usr/sbin/setup-ds-admin.pl failing on Fedora 11
by Andrew Commons
Hi,
I am trying to get the directory server running on a fresh install of Fedora
11. The setup-ds-admin.pl script is failing with the following message:
Can't locate Util.pm in @INC (@INC contains: /usr/lib/dirsrv/perl
/usr/local/lib/perl5/site_perl/5.10.0/i386-linux-thread-multi
/usr/local/lib/perl5/site_perl/5.10.0
/usr/lib/perl5/vendor_perl/5.10.0/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl
/usr/lib/perl5/5.10.0/i386-linux-thread-multi /usr/lib/perl5/5.10.0
/usr/lib/perl5/site_perl .) at /usr/lib/dirsrv/perl/AdminUtil.pm line 41.
BEGIN failed--compilation aborted at /usr/lib/dirsrv/perl/AdminUtil.pm line
41.
Compilation failed in require at /usr/sbin/setup-ds-admin.pl line 30.
BEGIN failed--compilation aborted at /usr/sbin/setup-ds-admin.pl line 30.
I can run setup-ds.pl through to completion without any trouble.
Using the Add/Remove software GUI I eventually installed every component
that came up when I searched for 389 just in case it was a dependency issue.
This made no difference at all.
I also copied DSUtil.pm to Util.pm in /usr/lib/dirsrv/perl/ just in
case....this removed the error above but it still failed with a further
compilation error.
Any ideas?
Regards,
Andrew
14 years, 3 months
id: cannot find name for group ID 505
by Ajeet S Raina
When I try logging into client it says:
login as: somuth
somuth(a)10.209.37.77's password:
Last login: Tue Jan 19 21:45:17 2010 from 10.209.37.146
id: cannot find name for group ID 505
[somuth@389-Client1 ~]$
[somuth@389-Client1 ~]$
any idea what could be the issue?
14 years, 3 months
Question about ADS and 389DS
by Sergio A. Morales
I have a question about ADS and 389DS sync.
I have 2 servers with 389DS in *multimaster replication* and one of this
server is in sync with active directory. All works just fine. I have no
problem at this point.
But i don't trust in Windows. I had nightmares of Windows, which for
some reason, automatically deletes all accounts and all my user
information is lost (over 2500 users).
There any way to make sure that if an account is deleted in Windows,
389DS will ignore the change and re-create this account in Windows?
Thanks for your time and sorry for my poor english
--
Sergio A. Morales <sergiomorales(a)archlinux.cl>
uSCI & CSRG Sysadmin
Archlinux Chile
14 years, 3 months
util.pm not found
by Suhel Momin
Hi,
I recently installed a fresh FC 11 and did a
[root@FC11 ~]#yum install 389-ds
This went fine but when I am trying to setup admin pl it says util.pm not
found in @INC
[root@FC11 ~]# /usr/sbin/setup-ds-admin.pl
Can't locate Util.pm in @INC (@INC contains: /usr/lib/dirsrv/perl
/usr/local/lib/perl5/site_perl/5.10.0/i386-linux-thread-multi
/usr/local/lib/perl5/site_perl/5.10.0
/usr/lib/perl5/vendor_perl/5.10.0/i386-linux-thread-multi
/usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl
/usr/lib/perl5/5.10.0/i386-linux-thread-multi /usr/lib/perl5/5.10.0
/usr/lib/perl5/site_perl .) at /usr/lib/dirsrv/perl/AdminUtil.pm line 41.
BEGIN failed--compilation aborted at /usr/lib/dirsrv/perl/AdminUtil.pm line
41.
Compilation failed in require at /usr/sbin/setup-ds-admin.pl line 30.
BEGIN failed--compilation aborted at /usr/sbin/setup-ds-admin.pl line 30.
Is there a quick workaround for this or am I doing some thing wrong?
I am referring to this document
http://directory.fedoraproject.org/wiki/Install_Guide#Installation_via_yum
Regards,
Suhel
14 years, 3 months
Re: [389-users] Change password of entries to clear-text
by Eric
Thanks
Can we have passwords encrypted in directory and between ldap server and
its client(proxy server)simultaneous? If not why? How can secure them?
>* Hi,
*>* I'm new in ldap and have installed ldap-389. The password of entries
*>* in database are saved in SSHA. How to config it to be clear-text? and
*>* how to change entries that are saved until now?
*>* thanks
*>*
*
With 389-console you can configure your server in order to save password
in CLEAR text or other algorithms. Just open the console, administrate
your server, then Configuration->DATA, and in the Password tab in the
bottom you can change the configuration.
You can't restore password already saved in SSHA. Your users will have
to change the password in order to apply changes.
Saludos
14 years, 3 months
VM Experiences
by Andreas Andersson
Hi!
I have some questions regarding experience with using production 389
DS / RedHat DS in a production environment.
Some info about our environment:
I'm running an environment consisting of two masters in a multimaster
setup replicating to eight consumers.
Our database is divided into several backend databases which results
in a total of 40+ replication agreements.
Our load is approximately around 24000 returned entries a minute and
we try to keep all entries in the entry cache.
We are thinking about virtualizing parts of this environment and I'm
wondering if anyone on this mailinglist has experience with
virtualizing whole or parts of a production environment.
Database size: Around 350 000.
Entries returned: 400 entries / s per replica.
Connections: 30 / s per replica (total 1000+ replica)
Current hardware: Blade servers, RHEL 5, 8gb memory.
Previous experience:
We have tested to run larger environments in virtual machines (VMWare)
in our lab which resulted in replication errors. This was a couple of
years ago and related to timestamps. Consumers with times older than
the replication, master, timestamp. Masters halted and other
replication errors worried us.
We were of course using ntp and there was some kind of fix for the
time shifting.
Another thing that comes in mind was "hickups" that was pretty common
in our load tests.
It would be very nice to hear other experiences with using 389 DS in
larger production environments.
Everything from replication stability to performance figures comparing
using hardware and virtualized machines.
Regards - Andreas
14 years, 3 months