Announcing 389 Admin Server 1.1.45 and Console packages
by Mark Reynolds
The 389 Directory Server team is proud to announce 389-admin,
389-adminutil, 389-console, 389-ds-console, 389-admin-console,
and idm-console-framework.
Fedora packages are available from the Fedora 24, Fedora 25, and
Rawhide repositories.
The new packages and versions are:
* 389-admin-1.1.45-1
* 389-adminutil-1.1.23-1
* 389-console-1.1.18-1
* 389-ds-console-1.2.15
* 389-admin-console-1.1.12-1
* idm-console-framework-1.1.17-1
Source tarballs are available for download at
Download Admin Source
<http://www.port389.org/binaries/389-admin-1.1.45.tar.bz2>
Download Adminutil Source
<http://www.port389.org/binaries/389-adminutil-1.1.23.tar.bz2>
Download 389-console Source
<http://www.port389.org/binaries/389-console-1.1.18.tar.bz2>
Download 389-ds-console Source
<http://www.port389.org/binaries/389-ds-console-1.2.15.tar.bz2>
Download 389-admin-console Source
<http://www.port389.org/binaries/389-admin-console-1.1.12.tar.bz2>
Download idm-console-framework Source
<http://www.port389.org/binaries/idm-console-framework-1.1.17.tar.bz2>
Highlights
* Several bugs are fixed.
Installation and Upgrade
See Download <http://www.port389.org/docs/389ds/download.html> for
information about setting up your yum repositories.
To install, use *yum install 389-ds* yum install 389-ds After install
completes, run *setup-ds-admin.pl* to set up your directory
server. setup-ds-admin.pl
To upgrade, use *yum upgrade* yum upgrade After upgrade completes, run
*setup-ds-admin.pl -u* to update your directory server/admin
server/console information. setup-ds-admin.pl -u
See Install_Guide
<http://www.port389.org/docs/389ds/legacy/install-guide.html> for more
information about the initial installation, setup, and upgrade
See Source <http://www.port389.org/docs/389ds/development/source.html>
for information about source tarballs and SCM (git) access.
Feedback
We are very interested in your feedback!
Please provide feedback and comments to the 389-users mailing list:
https://lists.fedoraproject.org/admin/lists/389-users.lists.fedoraproject...
and following pages:
* 389-admin-1.1.45-1.f25
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-9a07c81afa>
* 389-admin-1.1.45-1.f24
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-b1ec7bb18a>
* 389-adminutil-1.1.23-1.f25
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-7657a741a3>
* 389-adminutil-1.1.23-1.f24
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-e01c252a2a>
* idm-console-framework-1.1.17-1.f25
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-58834f0b0e>
* idm-console-framework-1.1.17-1.f24
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-f2af3ec61a>
* 389-console-1.1.18-1.f25
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-d95465347c>
* 389-console-1.1.18-1.f24
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-07d7111669>
* 389-ds-console-1.2.15-1.f25
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-ca30ede300>
* 389-ds-console-1.2.15-1.f24
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-e37b304df2>
* 389-admin-console-1.1.12-1.f25
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab72039c92>
* 389-admin-console-1.1.12-1.f24
<https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ea0ab2142>
If you find a bug, or would like to see a new feature, file it in our
Trac instance: https://fedorahosted.org/389
Detailed Changelog since 389-admin-1.1.44
* Bug 1236635 - 389-admin TPS srpmtest failure
* Ticket 48932 - stopping admin server stops all httpd processes
* Ticket 47413 - 389-admin fails to build with latest httpd
* Ticket 48931 - start-ds-admin should use systemctl
* Ticket 48823 - Admin Server - Add IPv6 support
* Ticket 48907 - register-ds-admin fails to find local config DS
* Ticket 48306 - perl module conditional test is not conditional when
checking SELinux policies
* Ticket 48213 - Admin server registration requires anonymous binds
* Ticket 48429 - running remove-ds-admin.pl multiple times will make
it so you cannot install DS
* Ticket 48410 - 389-admin - Unable to remove / unregister a DS
instance from admin server
* Ticket 48409 - RHDS upgrade change Ownership of certificate files
upon upgrade.
* Ticket 47840 - Fix setup-ds-admin.pl to create adm.conf with
sbin scripts
Detailed Changelog since 389-adminutil-1.1.22
* Ticket 48345 - bad check for NUL char in psetc.c
Detailed Changelog since 389-ds-console-1.1.12
* Ticket 49003 - Managed role error dialog empty
* Ticket 49003 - Add the host and port to the ldapurl in the role form
* Ticket 48926 - Fixed reset & save button behavior in the
password/account lockout panels
* Bumped version to 1.2.14
* Ticket 48926 - fix “expiresin” entry definition
* Bumped version to 1.2.13
* Ticket #48933 - drop support for legacy replication - need to clean code
* Ticket 48926 - Inactive “save” button in “Password policy” dialog
* Ticket 47469 - Cannot enter time in Replication schedule in console
* Ticket 48823 - ds-console - add IPv6 support
* Ticket #48417 - ds-console: lower password history minimum to 1
Detailed Changelog since 389-admin-console-1.1.10
* bump version to 1.1.12
* Ticket 48823 - admin-console - Add IPv6 support
* Ticket 48809 - Admin console displays the wrong log names
* bump version to 1.1.11
* Bug 1234441 - Security info from Help should be removed
Detailed Changelog since idm-console-framework-1.1.14
* Bump version to 1.1.17
* Ticket 49003 - Allow LDAP Urls without host and port
* Ticket 49003 - Add host and port to LDAP URL construction
* Bump version to 1.1.16
* Ticket 48565 - Provide better error message in console when there is
architecture mismatch
* Ticket 48743 - idm-console-framework - disable fortezza ciphers
by default
* Ticket 48823 - idm-console-framework - Add IPv6 support
* Bump version to 1.1.15
* Ticket #48811 - Console window could be hidden after login via
consoles on multiple hosts
7 years, 6 months
Re: ds-admin setup error
by Ghiurea, Isabella
Hi Noriko,
Thank you for reply! The Sysadmin here was able to build and compile the 389-DS 1.3.4.4 on rhel6-scientific linux 6, we have 3 other hosts with same cfg running fine, I am seeing this issues after we had to re-image this host , re-install the 389-ds packages from puppet we have , I am unable to rebuild the 389-DS now , any tips were to look for ?
Thank you
Isabella
7 years, 6 months
ds-admin setup error
by ghiureai
Hi LIst,
I am seeing a segmentation fault (Error updating console.conf: ) r when
trying to build 389-ds admin console ,
see details : running setup-ds-admin.pl , my OS and packages installed
Any clues , much appreciate.
Thank you
>>> setup-ds-admin.pl -ddd
+++check_and_add_entry: Entry not found cn=Commands,cn=admin-serv-xxx
cn=389 Administration Server, cn=Server Group, cn=..., ou=.....,
o=NetscapeRoot error No such object
+Entry cn=Commands,cn=admin-servxxxxxxxx, cn=389 Administration Server,
cn=Server Group, xxxxxxxxxxxxx, o=NetscapeRoot is added
+++updateLocalConf: writing Commands.objectclass: top
+++updateLocalConf: writing Commands.objectclass: nsResourceRef
+++check_and_add_entry: Entry not found
cn=sync-task-sie-data,cn=Commands,cn=xxxxxxxxxxxx, cn=389 Administration
Server, cn=Server Group, cn=xxxxxxxxxxx, ou=xxxxxxxxxxx, o=NetscapeRoot
error No such object
+++check_and_add_entry: attepting to modify the entry
cn=sync-task-sie-data,cn=Commands,cn=xxxxxxxxxxxx, cn=389 Administration
Server, cn=Server Group, xxxxxxxxxxxxx, o=NetscapeRoot that does not exist
+++updateLocalConf: writing Commands.sync-task-sie-data.changetype: modify
+++updateLocalConf: writing Commands.sync-task-sie-data.replace: nsHelpRef
+++updateLocalConf: writing Commands.sync-task-sie-data.nshelpref:
/usr/share/dirsrv/manual/help/sync-task-sie-data.html
+++check_and_add_entry: Entry not found
cn=sync-task-sie-data,cn=Commands,cn=xxxxxxxxxxxx cn=389 Administration
Server, cn=Server Group, xxxxxxxxxxxxxxxx, o=NetscapeRoot error No such
object
+Entry cn=sync-task-sie-data,cn=Commands,cn=admin-serv-xxxxxxxxxxxxxx,
cn=Server Group, xxxxxxxxxx, o=NetscapeRoot is added
+++updateLocalConf: writing Commands.sync-task-sie-data.objectclass: top
+++updateLocalConf: writing Commands.sync-task-sie-data.objectclass: nstask
+++updateLocalConf: writing Commands.sync-task-sie-data.nshelpref:
/usr/share/dirsrv/manual/help/sync-task-sie-data.html
+++updateLocalConf: writing Commands.sync-task-sie-data.nsexecref: runtime
+++check_and_add_entry: Entry not found
cn=change-sie-password,cn=Commands,cn=admin-serv-xxxxxxxxxxxxxxx
ou=xxxxxxxxxx, o=NetscapeRoot error No such object
+Entry cn=change-sie-password,cn=Commands,xxxxxxxxxxxxxxxxxxxxxxxxx
o=NetscapeRoot is added
+++updateLocalConf: writing Commands.change-sie-password.objectclass: top
+++updateLocalConf: writing Commands.change-sie-password.objectclass: nstask
+++updateLocalConf: writing Commands.change-sie-password.nsexecref: runtime
Updating adm.conf with information from configuration directory server . . .
Updating the configuration for the httpd engine . . .
+Running /usr/lib64/dirsrv/cgi-bin/config op=set
configuration.nsSuiteSpotUser="ldap-d"
configuration.nsServerAddress="0.0.0.0" ..._sh: line 1: 28656
Segmentation fault /usr/lib64/dirsrv/cgi-bin/config op=set
configuration.nsSuiteSpotUser="ldap-ds"
configuration.nsServerAddress="0.0.0.0" 2>&1__
_Error updating console.conf:
Could not update the httpd engine configuration.
Failed to create and configure the admin server
************************************************
my OS:
Linux 2.6.32-431.el6.x86_64 #1 SMP Thu Nov 21 13:35:52 CST 2013 x86_64
x86_64 x86_64 GNU/Linux
************************************************
rpm -qa | grep 389-*
389-admin-console-1.1.10-000.noarch
389-console-1.1.9-000.noarch
389-admin-1.1.42-000.x86_64
389-ds-base-1.3.4.4-000.x86_64
389-adminutil-1.1.22-000.x86_64
389-ds-console-1.2.12-000.noarch
*******************************************************
7 years, 6 months
Announcing Nunc-Stans 0.2.0
by William Brown
Nunc-Stans 0.2.0
The 389 Directory Server team is proud to announce nunc-stans version
0.2.0.
Source tarballs are available for download at:
http://www.port389.org/binaries/nunc-stans-0.2.0.tar.xz
sha256sum nunc-stans-0.2.0.tar.xz
975bf4f4df4a6592bafd957e7af09472f04aca70a4bd23cec1217dcd8c7a5864
Highlights in 0.2.0
* Code quality and stability improvements
* Performance improvements in all cases
* API simplification
* Test coverage and stress testing
Installation
See Source http://www.port389.org/docs/389ds/development/source.html
for information about source tarballs and SCM (git) access.
Feedback
We are very interested in your feedback!
Please provide feedback and comments to the 389-users mailing list:
https://lists.fedoraproject.org/admin/lists/389-users.lists.fedoraproject...
If you find a bug, or would like to see a new feature, file it in our
Trac instance: https://fedorahosted.org/nunc-stans/
Detailed Changelog since 0.1.8
* Ticket 65 - fix get set valid states
* Ticket 64 - Remove ns_job_modify
* Ticket 63 - segfault in thr_stack_create.
* Ticket 61 - Convert barriers to monitor on job.
* Ticket 55 - Remove the thread pool scaleup / down skeleton
* Ticket 62 - Remove unnecessary counters from jobs
* Ticket 60 - Fix nuncstans spec file
* Ticket 45 - Upgrade liblfds to 710
* Ticket 59 - Heap use after free in ns_job_done
* Ticket 58 - Add stress test
* Ticket 57 - Ability to disarm a persistent job from within it's
callback
* Ticket 52 - ns_job_modify should not rearm
* Ticket 57 - Update the configure and autotools files
* Ticket 57 - Implement a strict state machine for nunc-stans jobs
* Ticket 54 - Move job done callback
* Ticket 51 - Job rearm should ignore if ns_persist is set
* Ticket 54 - job done callback
* Ticket 50 - Add ns_job_set_data helper
* Ticket 49 - pkgconfig missing -L option
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane
7 years, 6 months
Remote Management Console doesn't show "Directory Server" entry anymore
by wodel youchi
Hi,
I am using 389DS on Centos7 x64
[root@idm01 ~]# rpm -qa | grep 389
389-admin-console-doc-1.1.10-1.el7.noarch
389-console-1.1.9-1.el7.noarch
389-adminutil-1.1.22-1.el7.x86_64
389-admin-1.1.42-1.el7.x86_64
389-ds-base-1.3.4.0-33.el7_2.x86_64
389-ds-console-1.2.12-1.el7.noarch
389-ds-base-libs-1.3.4.0-33.el7_2.x86_64
389-admin-console-1.1.10-1.el7.noarch
389-ds-console-doc-1.2.12-1.el7.noarch
A week ago I started having a weird problem using the 389DS's java
management console remotely.
If I connect locally with the console, I get the two entries of the
directory server under server group :
- Administration server
- Directory server
But when I use the console from another machine, a Windows machine with the
management console installed on it, I get only the "Administration server"
entry.
So I cannot access the directory server to modify entries.
I am using the 'Directoy Manager' to login to the console.
I didn't find anything special on the error and access logs from neither
the admin server no from the directory server.
any idea where to search.
Regards.
7 years, 6 months
389 Directory Password Expiry Behaviour
by jamoflaw@gmail.com
Hi,
We are seeing some odd behaviour with 389 compared to what the diagram below suggests (from RHDS Documentation)
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8....
We have a user with an expired password with no grace logons, that user is unable to change their own password. On bind they receive "Invalid Credentials 49 Additinoal Info: password expired!" which is the same we see when manually trying to change the password (using their account to bind) using ldappasswd as well.
According to the flow diagram we should be expecting 389 to basically force change the password, which incidentally works fine when the passwordexpirytime attribute is set to epoch but not when it is any other value.
My question is basically how should we expect this to work? and how should a user with an expired password be able to change their password without admin assistance.
Thanks
James
7 years, 6 months
