When configuring Microsoft Outlook (not Outlook Express) to access an LDAP directory, there is an option to 'Enable Browsing (requires server support)'. If this option is chosen and the directory server supports it, then you should be able to open the LDAP address book and page up and down through the results. I have been unable to get this working properly with 389 DS.
When I try to browse from Outlook against the 389 DS directory, I am able to see the first page of results perfectly. However, if I move to the next page, only the first object returned will have any attributes included, and all of the rest of the objects in the page will have no attributes. I have a test perl script that duplicates this functionality as well.
I can get this to work properly with an older version of Netscape Directory Server, and I can get it working with OpenDS. Since 389 DS advertises support for the controls that are required for this to work, just like the other two servers, then I would expect it to work there also.
Has anyone out there gotten this to work with 389 DS? If so, can you share if there was anything special that you needed to do to get this to work? I'm trying to determine if this is a bug in the server, or if I'm just missing something in the configuration.
You Run Your Business. We'll Run Your Email.
This message is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information of USA.NET, Inc. Any unauthorized review, use, copying, disclosure, or distribution is prohibited. If you are not the intended recipient, please immediately contact the sender by reply email and delete all copies of the original message.
Hello everybody. In our company we have an environment with four directory servers (389-ds-base version 18.104.22.168) with multi-master replication and every master replicates to other six directory servers (389-ds-base version 22.214.171.124) slaves. Our servers have a suffix and several sub-suffixes so that we have a root base for the root suffix and several bases and each sub-suffixes has its base. We are used Owncloud as cloud storage solution that authenticates and searches in the master servers. Certain operations for the Ownclould performs paged searches in directory servers. It turns out that when we point the Owncloud to the root suffix paged searches return several pages without any content and others with content. If we point to one of our sub-suffixes the paged search return correctly. The nsslapd-pagedsizelimit attributes, nsslapd-pagedlookthroughlimit and nsslapd-pagedidlistscanlimit are not configured for any base. The configuration of these attributes can solve the problem of empty pages in paged searches? If not, is there any other configuration that can be done to correct paged searches with empty content?
Thanks a lot
Rede de Suporte Técnico em Diretório
Serpro - Serviço Federal de Processamento de Dados
☎ (11) 2173-1850
"Homo homini lupus"
"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco."
"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure."
I am Robert Kuska, I am a python co-maintainer
and co-owner of change Python3 as default which aims to provide
python3 only packages by default across different fedora platform
The reason why I am contacting you is, that 389-ds-base package is part
of default installation on fedora server, from the brief look at files
included in package following files are written in python:
Also it seems that they don't support python3.
Do you plan to invest any time to python3 support in near future (meaning months,
specifically, we need python3 support in 389-ds-base before 1st of September)?
Thank you for your time.
Please keep me in cc as I am not subscribed to this mailing list.
Or feel free to contact me on fedora-devel or fedora-python @freenode.
389 Directory Server 126.96.36.199
The 389 Directory Server team is proud to announce 389-ds-base version
Fedora packages are available from the Fedora 22 and Rawhide repositories.
The new packages and versions are:
Source tarballs are available for download at Download 389-ds-base
Source <http://www.port389.org/binaries/389-ds-base-188.8.131.52.tar.bz2> and
Download nunc-stans Source
Highlights in 184.108.40.206
* A new version is available featuring Nunc Stans
Installation and Upgrade
See Download <http://www.port389.org/docs/389ds/download.html> for
information about setting up your yum repositories.
To install, use *yum install 389-ds* yum install 389-ds After install
completes, run *setup-ds-admin.pl* to set up your directory
To upgrade, use *yum upgrade* yum upgrade After upgrade completes, run
*setup-ds-admin.pl -u* to update your directory server/admin
server/console information. setup-ds-admin.pl -u
<http://www.port389.org/docs/389ds/legacy/install-guide.html> for more
information about the initial installation, setup, and upgrade
See Source <http://www.port389.org/docs/389ds/development/source.html>
for information about source tarballs and SCM (git) access.
We are very interested in your feedback!
Please provide feedback and comments to the 389-users mailing list:
https://admin.fedoraproject.org/mailman/listinfo/389-users as well as
If you find a bug, or would like to see a new feature, file it in our
Trac instance: https://fedorahosted.org/389
Detailed Changelog since 220.127.116.11
* Enable nunc-stans in the build.
* Ticket 47490 - test case failing if 47721 is also fixed
* Ticket 47640 - Linked attributes transaction not aborted when linked
entry does not exit
* Ticket 47669 - CI test: added test cases for ticket 47669
* Ticket 47669 - Retro Changelog Plugin accepts invalid value in
* Ticket 47723 - winsync sets AccountUserControl in AD to 544
* Ticket 47787 - Make the test case more robust
* Ticket 47833 - TEST CASE only (modrdn fails if renamed entry member
of a group and is out of memberof scope)
* Ticket 47878 - Improve setup-ds update logging
* Ticket 47893 - should use Sys::Hostname instead Net::Domain
* Ticket 47910 - allow logconv.pl -S/-E switches to work even when
timestamps not present in access log
* Ticket 47913 - remove-ds.pl should not remove /var/lib/dirsrv
* Ticket 47921 - indirect cos does not reflect changes in the
* Ticket 47927 - Uniqueness plugin: should allow to exclude some
subtrees from its scope
* Ticket 47953 - testcase for removing invalid aci
* Ticket 47966 - CI test: added test cases for ticket 47966
* Ticket 47966 - slapd crashes during Dogtag clone reinstallation
* Ticket 47972 - make parsing of nsslapd-changelogmaxage more
* Ticket 47972 - make parsing of nsslapd-changelogmaxage more fool proof
* Ticket 47998 - cleanup WINDOWS ifdef’s
* Ticket 47998 - remove remaining obsolete OS code/files
* Ticket 47998 - remove “windows” files
* Ticket 47999 - address several race conditions in tests
* Ticket 47999 - lib389 individual tests not running correctly when
run as a whole
* Ticket 48003 - build “suite” framework
* Ticket 48008 - db2bak.pl man page should be improved.
* Ticket 48017 - add script to generate lib389 CI test script
* Ticket 48019 - Remove refs to constants.py and backup/restore from
* Ticket 48023 - replace old replication check with lib389 function
* Ticket 48025 - add an option ‘-u’ to dbgen.pl for adding group
entries with uniquemembers
* Ticket 48026 - fix invalid write for friendly attribute names
* Ticket 48026 - Fix memory leak in uniqueness plugin
* Ticket 48026 - Support for uniqueness plugin to enforce uniqueness
on a set of attributes.
* Ticket 48032 - change C code license to GPLv3; change C code license
to allow openssl
* Ticket 48035 - nunc-stans - Revise shutdown sequence
* Ticket 48036 - ns_set_shutdown should call ns_job_done
* Ticket 48037 - ns_thrpool_new should take a config struct rather
than many parameters
* Ticket 48038 - logging should be pluggable
* Ticket 48039 - nunc-stans malloc should be pluggable
* Ticket 48040 - preserve the FD when disabling a listener
* Ticket 48043 - use nunc-stans config initializer
* Ticket 48103 - update DS for new nunc-stans header file
* Ticket 48110 - Free all the nunc-stans signal jobs when shutdown
* Ticket 48111 - “make clean” wipes out original files
* Ticket 48122 - nunc-stans FD leak
* Ticket 48127 - Using RPM, allows non root user to create/remove
* Ticket 48141 - aci with wildcard and macro not correctly evaluated
* Ticket 48143 - Password is not correctly passed to perl command line
tools if it contains shell special characters.
* Ticket 48149 - ns-slapd double free or corruption crash
* Ticket 48154 - abort cleanAllRUV tasks should not certify-all by default
* Ticket 48169 - support NSS 3.18
* Ticket 48170 - Parse nsIndexType correctly
* Ticket 48175 - Avoid using regex in ACL if possible
* Ticket 48178 - add config param to enable nunc-stans
* Ticket 48191 - CI test: added test cases for ticket 48191
* Ticket 48191 - RFE: Adding nsslapd-maxsimplepaged-per-conn
* Ticket 48191 - RFE: Adding nsslapd-maxsimplepaged-per-conn
* Ticket 48194 - CI test: added test cases for ticket 48194
* Ticket 48197 - error texts from preop plugins not sent to client
excuse me if you get this more than once. For those interested, see
below the reminder for the CfP for LDAPCon 2015.
-------- Forwarded Message --------
Subject: LDAPCon 2015 submission deadline approaching
Date: Fri, 19 Jun 2015 13:36:30 +0100
From: Andrew Findlay <andrew.findlay(a)skills-1st.co.uk>
To: LDAP mailing list <ldap(a)umich.edu>
LDAPCon 2015 will be held in Edinburgh on 11-13 November.
The submission deadline for paper and tutorial proposals is 28th June
so you have just one week to send us your ideas:
| From Andrew Findlay, Skills 1st Ltd |
| Consultant in large-scale systems, networks, and directory services |
| http://www.skills-1st.co.uk/ +44 1628 782565 |
we are using the branch 1.3.2 on CentOS7 in our production environment (version 18.104.22.168 with some additional patches from the git of this branch).
There are three MMR replicating servers. It's one month of uptime and the servers wanted to trim the replication log. Here is what i've found in error log on each of them :
[18/Jun/2015:08:04:31 +0200] - libdb: BDB2055 Lock table is out of available lock entries
[18/Jun/2015:08:04:31 +0200] NSMMReplicationPlugin - changelog program - _cl5CompactDBs: failed to compact a45fa684-f28d11e4-af27aa63-5121b7ef; db error - 12 Cannot allocate memory
[18/Jun/2015:08:10:34 +0200] - libdb: BDB2055 Lock table is out of available lock entries
[18/Jun/2015:08:10:34 +0200] NSMMReplicationPlugin - changelog program - _cl5CompactDBs: failed to compact acb7e184-f28d11e4-9b13d240-c66923c8; db error - 12 Cannot allocate memory
[18/Jun/2015:08:18:10 +0200] - libdb: BDB2055 Lock table is out of available lock entries
[18/Jun/2015:08:18:10 +0200] NSMMReplicationPlugin - changelog program - _cl5CompactDBs: failed to compact acb7e184-f28d11e4-8067eff8-b1ca763b; db error - 12 Cannot allocate memory
The changelog itself is not huge :
[root@ldap-ens]# ll -h /Local/dirsrv/var/lib/dirsrv/slapd-ens/changelogdb/
-rw------- 1 ldap ldap 390M Jun 18 10:18 a45fa684-f28d11e4-af27aa63-5121b7ef_5547be40000000010000.db
-rw-r--r-- 1 ldap ldap 0 May 19 08:02 a45fa684-f28d11e4-af27aa63-5121b7ef.sema
-rw------- 1 ldap ldap 30 May 4 20:45 DBVERSION
The server are working correctky, the replication is also working
What are the potential consequences of this error? How can we avoid it?