support for rfc2307bis
by Winstanley, Anthony
After reading Trevor's thread on schema, there's a core issue here:
How does one go about choosing between RFC2307 and RFC2307bis? (They are incompatible: You can't have both.)
Is it RedHat's position to mandate the use of RFC2307 and remove RFC2307bis as a supported option?
(In other words, if you want RFC2307bis, you're on your own, and you'll have to deal with the possibility that any changes you make to core schema might be subsequently undone by updates to 389-ds.)
Anthony
6 years, 6 months
Hello
by Joyce Dumbiri
Joywiner
6 years, 6 months
New Install Missing Schema Files
by Trevor Fong
Hi Everyone,
I just did a new install and it looks like no schema files were included with it?
I seem to remember that previously, included schema files would be in /etc/dirsrv/schema and would get copied into any new instances that were set up.
However with this install /etc/dirsrv/schema/ only contained 99user.ldif
Am I missing something?
Thanks a lot,
Trev
Here’s what I did:
[root@eldapdch1 tfong]# uname -a
Linux eldapdch1 3.10.0-693.2.2.el7.x86_64 #1 SMP Sat Sep 9 03:55:24 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@eldapdch1 etc]# yum install 389-ds
Loaded plugins: rhnplugin, search-disabled-repos
This system is receiving updates from RHN Classic or Red Hat Satellite.
Resolving Dependencies
--> Running transaction check
---> Package 389-ds.noarch 0:1.2.2-6.el7 will be installed
--> Processing Dependency: 389-dsgw for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-ds-console-doc for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-ds-console for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-ds-base for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-console for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-admin-console-doc for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-admin-console for package: 389-ds-1.2.2-6.el7.noarch
--> Processing Dependency: 389-admin for package: 389-ds-1.2.2-6.el7.noarch
--> Running transaction check
---> Package 389-admin.x86_64 0:1.1.46-1.el7 will be installed
--> Processing Dependency: libadmsslutil.so.0()(64bit) for package: 389-admin-1.1.46-1.el7.x86_64
--> Processing Dependency: libadminutil.so.0()(64bit) for package: 389-admin-1.1.46-1.el7.x86_64
---> Package 389-admin-console.noarch 0:1.1.12-1.el7 will be installed
---> Package 389-admin-console-doc.noarch 0:1.1.12-1.el7 will be installed
---> Package 389-console.noarch 0:1.1.18-1.el7 will be installed
---> Package 389-ds-base.x86_64 0:1.3.6.1-19.el7_4 will be installed
--> Processing Dependency: 389-ds-base-libs = 1.3.6.1-19.el7_4 for package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
--> Processing Dependency: libnunc-stans.so.0()(64bit) for package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
--> Processing Dependency: libsds.so.0()(64bit) for package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
--> Processing Dependency: libns-dshttpd-1.3.6.1.so()(64bit) for package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
--> Processing Dependency: libslapd.so.0()(64bit) for package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
---> Package 389-ds-console.noarch 0:1.2.16-1.el7 will be installed
---> Package 389-ds-console-doc.noarch 0:1.2.16-1.el7 will be installed
---> Package 389-dsgw.x86_64 0:1.1.11-5.el7 will be installed
--> Running transaction check
---> Package 389-adminutil.x86_64 0:1.1.21-2.el7 will be installed
---> Package 389-ds-base-libs.x86_64 0:1.3.6.1-19.el7_4 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=========================================================================================================================================================================================================
Package Arch Version Repository Size
=========================================================================================================================================================================================================
Installing:
389-ds noarch 1.2.2-6.el7 epel 11 k
Installing for dependencies:
389-admin x86_64 1.1.46-1.el7 epel 391 k
389-admin-console noarch 1.1.12-1.el7 epel 204 k
389-admin-console-doc noarch 1.1.12-1.el7 epel 45 k
389-adminutil x86_64 1.1.21-2.el7 epel 73 k
389-console noarch 1.1.18-1.el7 epel 75 k
389-ds-base x86_64 1.3.6.1-19.el7_4 rhel-x86_64-server-7 1.7 M
389-ds-base-libs x86_64 1.3.6.1-19.el7_4 rhel-x86_64-server-7 678 k
389-ds-console noarch 1.2.16-1.el7 epel 1.4 M
389-ds-console-doc noarch 1.2.16-1.el7 epel 57 k
389-dsgw x86_64 1.1.11-5.el7 epel 513 k
Transaction Summary
=========================================================================================================================================================================================================
Install 1 Package (+10 Dependent packages)
Total download size: 5.1 M
Installed size: 14 M
Is this ok [y/d/N]: y
Downloading packages:
(7/11): 389-ds-base-1.3.6.1-19.el7_4.x86_64.rpm | 1.7 MB 00:00:00
(8/11): 389-ds-base-libs-1.3.6.1-19.el7_4.x86_64.rpm | 678 kB 00:00:00
(1/9): 389-admin-1.1.46-1.el7.x86_64.rpm | 391 kB 00:00:00
(2/9): 389-admin-console-1.1.12-1.el7.noarch.rpm | 204 kB 00:00:00
(3/9): 389-admin-console-doc-1.1.12-1.el7.noarch.rpm | 45 kB 00:00:00
(4/9): 389-adminutil-1.1.21-2.el7.x86_64.rpm | 73 kB 00:00:00
(5/9): 389-console-1.1.18-1.el7.noarch.rpm | 75 kB 00:00:00
(6/9): 389-ds-1.2.2-6.el7.noarch.rpm | 11 kB 00:00:00
(7/9): 389-ds-console-1.2.16-1.el7.noarch.rpm | 1.4 MB 00:00:02
(8/9): 389-ds-console-doc-1.2.16-1.el7.noarch.rpm | 57 kB 00:00:00
(9/9): 389-dsgw-1.1.11-5.el7.x86_64.rpm | 513 kB 00:00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 842 kB/s | 5.1 MB 00:00:06
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 389-adminutil-1.1.21-2.el7.x86_64 1/11
Installing : 389-console-1.1.18-1.el7.noarch 2/11
Installing : 389-ds-base-libs-1.3.6.1-19.el7_4.x86_64 3/11
Installing : 389-ds-base-1.3.6.1-19.el7_4.x86_64 4/11
Installing : 389-admin-1.1.46-1.el7.x86_64 5/11
Installing : 389-admin-console-1.1.12-1.el7.noarch 6/11
Installing : 389-ds-console-1.2.16-1.el7.noarch 7/11
Installing : 389-ds-console-doc-1.2.16-1.el7.noarch 8/11
Installing : 389-admin-console-doc-1.1.12-1.el7.noarch 9/11
Installing : 389-dsgw-1.1.11-5.el7.x86_64 10/11
Installing : 389-ds-1.2.2-6.el7.noarch 11/11
Verifying : 389-adminutil-1.1.21-2.el7.x86_64 1/11
Verifying : 389-dsgw-1.1.11-5.el7.x86_64 2/11
Verifying : 389-admin-console-doc-1.1.12-1.el7.noarch 3/11
Verifying : 389-ds-console-doc-1.2.16-1.el7.noarch 4/11
Verifying : 389-ds-base-1.3.6.1-19.el7_4.x86_64 5/11
Verifying : 389-admin-console-1.1.12-1.el7.noarch 6/11
Verifying : 389-ds-base-libs-1.3.6.1-19.el7_4.x86_64 7/11
Verifying : 389-ds-1.2.2-6.el7.noarch 8/11
Verifying : 389-ds-console-1.2.16-1.el7.noarch 9/11
Verifying : 389-admin-1.1.46-1.el7.x86_64 10/11
Verifying : 389-console-1.1.18-1.el7.noarch 11/11
Installed:
389-ds.noarch 0:1.2.2-6.el7
Dependency Installed:
389-admin.x86_64 0:1.1.46-1.el7 389-admin-console.noarch 0:1.1.12-1.el7 389-admin-console-doc.noarch 0:1.1.12-1.el7 389-adminutil.x86_64 0:1.1.21-2.el7
389-console.noarch 0:1.1.18-1.el7 389-ds-base.x86_64 0:1.3.6.1-19.el7_4 389-ds-base-libs.x86_64 0:1.3.6.1-19.el7_4 389-ds-console.noarch 0:1.2.16-1.el7
389-ds-console-doc.noarch 0:1.2.16-1.el7 389-dsgw.x86_64 0:1.1.11-5.el7
Complete!
[root@eldapdch1 etc]# cd /etc/dirsrv/
[root@eldapdch1 dirsrv]# ll
total 4
drwx------. 2 dirsrv root 4096 Oct 6 14:52 admin-serv
drwxr-xr-x. 2 root root 79 Oct 6 14:52 config
drwxr-xr-x. 2 root root 28 Oct 6 14:53 dsgw
drwxr-xr-x. 2 root root 24 Oct 6 14:52 schema
[root@eldapdch1 dirsrv]# cd schema/
[root@eldapdch1 schema]# ll
total 4
-rw-r--r--. 1 root root 291 Aug 22 06:32 99user.ldif
6 years, 6 months
Re: New Install Missing Schema Files
by Mark Reynolds
On 10/10/2017 02:19 PM, Mark Reynolds wrote:
>
>
> On 10/10/2017 01:12 PM, Trevor Fong wrote:
>> Oh - I get it now; core schema is now immutably maintained in
>> /usr/share/dirsrv/schema/ and is referenced by each slapd instance.
>>
>> How do I go about overriding the core schema?
> You are not supposed to :-/
>
> You can try stopping the server, then replacing the file in
> /usr/dirsrv/share/schema. It looks like it's still pulling it into:
> /etc/dirsrv/slapd-eldapdcp1/schema, so you might have to do it in two
> locations
>> For example, if I wanted to replace 10rfc2307.ldif
>> with 10rfc2307bis.ldif, what would I do?
>> Previously, we would remove
>> /etc/dirsrv/slapd-<instance>/schema/10rfc2307.ldif and add
>> /etc/dirsrv/slapd-<instance>/schema/10rfc2307bis.ldif
>> How would we accomplish this now with core schema immutably
>> maintained in /usr/share/dirsrv/schema/?
>>
>> Currently I get the fatal error:
>>
>> [10/Oct/2017:10:07:50.514409639 -0700] - ERR - dse_read_one_file -
>> The entry cn=schema in file
>> /etc/dirsrv/slapd-eldapdcp1/schema/10rfc2307bis.ldif (lineno: 1) is
>> invalid, error code 20 (Type or value exists) - object class nisMap:
>> The name does not match the OID "1.3.6.1.1.1.2.9". Another object
>> class is already using the name or OID.
>>
>> because it clashes with the
>> default /usr/share/dirsrv/schema/10rfc2307.ldif
>>
>> Thanks,
>> Trev
>>
>>
>> On 10 October 2017 at 09:46, Mark Reynolds <mareynol(a)redhat.com
>> <mailto:mareynol@redhat.com>> wrote:
>>
>>
>>
>> On 10/10/2017 12:36 PM, Trevor Fong wrote:
>>> Hi Mark and Michael,
>>>
>>> Thanks a lot for your replies.
>>> I've run the setup-ds.pl <http://setup-ds.pl/> (and also
>>> tried setup-ds-admin.pl <http://setup-ds-admin.pl/>),
>>> /etc/dirsrv/slapd-<instance>/schema only contains 99user.ldif.
>>> /usr/share/dirsrv/schema does indeed contain all the default
>>> schema files, but it doesn't look like they're copied to the
>>> instance schema dir.
>> Correct, the core schema stays in /usr/share/dirsrv/schema, while
>> custom schema is in the instance directory.
>>
>> Are you running into problems?
>>
>>>
>>> Trev
>>>
>>> On 10 October 2017 at 08:19, Mark Reynolds <mareynol(a)redhat.com
>>> <mailto:mareynol@redhat.com>> wrote:
>>>
>>>
>>>
>>> On 10/10/2017 11:13 AM, Trevor Fong wrote:
>>> > Hi Everyone,
>>> >
>>> > I just did a new install and it looks like no schema files
>>> were included with it?
>>> > I seem to remember that previously, included schema files
>>> would be in /etc/dirsrv/schema and would get copied into any
>>> new instances that were set up.
>>> > However with this install /etc/dirsrv/schema/ only
>>> contained 99user.ldif
>>> > Am I missing something?
>>> Things were changed for the "core" server schema. It should
>>> be in
>>> /usr/share/dirsrv/schema
>>> >
>>> > Thanks a lot,
>>> > Trev
>>> >
>>> > Here’s what I did:
>>> >
>>> > [root@eldapdch1 tfong]# uname -a
>>> > Linux eldapdch1 3.10.0-693.2.2.el7.x86_64 #1 SMP Sat Sep 9
>>> 03:55:24 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux
>>> > [root@eldapdch1 etc]# yum install 389-ds
>>> > Loaded plugins: rhnplugin, search-disabled-repos
>>> > This system is receiving updates from RHN Classic or Red
>>> Hat Satellite.
>>> > Resolving Dependencies
>>> > --> Running transaction check
>>> > ---> Package 389-ds.noarch 0:1.2.2-6.el7 will be installed
>>> > --> Processing Dependency: 389-dsgw for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-ds-console-doc for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-ds-console for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-ds-base for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-console for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-admin-console-doc for
>>> package: 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-admin-console for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Processing Dependency: 389-admin for package:
>>> 389-ds-1.2.2-6.el7.noarch
>>> > --> Running transaction check
>>> > ---> Package 389-admin.x86_64 0:1.1.46-1.el7 will be installed
>>> > --> Processing Dependency: libadmsslutil.so.0()(64bit) for
>>> package: 389-admin-1.1.46-1.el7.x86_64
>>> > --> Processing Dependency: libadminutil.so.0()(64bit) for
>>> package: 389-admin-1.1.46-1.el7.x86_64
>>> > ---> Package 389-admin-console.noarch 0:1.1.12-1.el7 will
>>> be installed
>>> > ---> Package 389-admin-console-doc.noarch 0:1.1.12-1.el7
>>> will be installed
>>> > ---> Package 389-console.noarch 0:1.1.18-1.el7 will be
>>> installed
>>> > ---> Package 389-ds-base.x86_64 0:1.3.6.1-19.el7_4 will be
>>> installed
>>> > --> Processing Dependency: 389-ds-base-libs =
>>> 1.3.6.1-19.el7_4 for package:
>>> 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>> > --> Processing Dependency: libnunc-stans.so.0()(64bit) for
>>> package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>> > --> Processing Dependency: libsds.so.0()(64bit) for
>>> package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>> > --> Processing Dependency: libns-dshttpd-1.3.6.1.so
>>> <http://libns-dshttpd-1.3.6.1.so>()(64bit) for package:
>>> 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>> > --> Processing Dependency: libslapd.so.0()(64bit) for
>>> package: 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>> > ---> Package 389-ds-console.noarch 0:1.2.16-1.el7 will be
>>> installed
>>> > ---> Package 389-ds-console-doc.noarch 0:1.2.16-1.el7 will
>>> be installed
>>> > ---> Package 389-dsgw.x86_64 0:1.1.11-5.el7 will be installed
>>> > --> Running transaction check
>>> > ---> Package 389-adminutil.x86_64 0:1.1.21-2.el7 will be
>>> installed
>>> > ---> Package 389-ds-base-libs.x86_64 0:1.3.6.1-19.el7_4
>>> will be installed
>>> > --> Finished Dependency Resolution
>>> >
>>> > Dependencies Resolved
>>> >
>>> >
>>> =========================================================================================================================================================================================================
>>> > Package Arch
>>> Version
>>> Repository
>>> Size
>>> >
>>> =========================================================================================================================================================================================================
>>> > Installing:
>>> > 389-ds
>>> noarch 1.2.2-6.el7
>>> epel
>>> 11 k
>>> > Installing for dependencies:
>>> > 389-admin
>>> x86_64 1.1.46-1.el7
>>> epel
>>> 391 k
>>> > 389-admin-console
>>> noarch 1.1.12-1.el7
>>> epel
>>> 204 k
>>> > 389-admin-console-doc
>>> noarch 1.1.12-1.el7
>>> epel
>>> 45 k
>>> > 389-adminutil
>>> x86_64 1.1.21-2.el7
>>> epel
>>> 73 k
>>> > 389-console
>>> noarch 1.1.18-1.el7
>>> epel
>>> 75 k
>>> > 389-ds-base
>>> x86_64 1.3.6.1-19.el7_4
>>> rhel-x86_64-server-7
>>> 1.7 M
>>> > 389-ds-base-libs
>>> x86_64 1.3.6.1-19.el7_4
>>> rhel-x86_64-server-7
>>> 678 k
>>> > 389-ds-console
>>> noarch 1.2.16-1.el7
>>> epel
>>> 1.4 M
>>> > 389-ds-console-doc
>>> noarch 1.2.16-1.el7
>>> epel
>>> 57 k
>>> > 389-dsgw
>>> x86_64 1.1.11-5.el7
>>> epel
>>> 513 k
>>> >
>>> > Transaction Summary
>>> >
>>> =========================================================================================================================================================================================================
>>> > Install 1 Package (+10 Dependent packages)
>>> >
>>> > Total download size: 5.1 M
>>> > Installed size: 14 M
>>> > Is this ok [y/d/N]: y
>>> > Downloading packages:
>>> > (7/11): 389-ds-base-1.3.6.1-19.el7_4.x86_64.rpm
>>>
>>> |
>>> 1.7 MB 00:00:00
>>> > (8/11): 389-ds-base-libs-1.3.6.1-19.el7_4.x86_64.rpm
>>>
>>>
>>> | 678 kB 00:00:00
>>> > (1/9): 389-admin-1.1.46-1.el7.x86_64.rpm
>>>
>>>
>>> | 391 kB 00:00:00
>>> > (2/9): 389-admin-console-1.1.12-1.el7.noarch.rpm
>>>
>>>
>>> | 204 kB 00:00:00
>>> > (3/9): 389-admin-console-doc-1.1.12-1.el7.noarch.rpm
>>>
>>>
>>> | 45 kB 00:00:00
>>> > (4/9): 389-adminutil-1.1.21-2.el7.x86_64.rpm
>>>
>>>
>>> | 73 kB 00:00:00
>>> > (5/9): 389-console-1.1.18-1.el7.noarch.rpm
>>>
>>>
>>> | 75 kB 00:00:00
>>> > (6/9): 389-ds-1.2.2-6.el7.noarch.rpm
>>>
>>>
>>> | 11 kB 00:00:00
>>> > (7/9): 389-ds-console-1.2.16-1.el7.no
>>> <http://389-ds-console-1.2.16-1.el7.no>arch.rpm
>>>
>>> |
>>> 1.4 MB 00:00:02
>>> > (8/9): 389-ds-console-doc-1.2.16-1.el7.noarch.rpm
>>>
>>>
>>> | 57 kB 00:00:00
>>> > (9/9): 389-dsgw-1.1.11-5.el7.x86_64.rpm
>>>
>>> |
>>> 513 kB 00:00:00
>>> >
>>> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>>> > Total
>>>
>>> 842 kB/s |
>>> 5.1 MB 00:00:06
>>> > Running transaction check
>>> > Running transaction test
>>> > Transaction test succeeded
>>> > Running transaction
>>> > Installing : 389-adminutil-1.1.21-2.el7.x86_64
>>>
>>>
>>> 1/11
>>> > Installing : 389-console-1.1.18-1.el7.noarch
>>>
>>>
>>> 2/11
>>> > Installing : 389-ds-base-libs-1.3.6.1-19.el7_4.x86_64
>>>
>>>
>>> 3/11
>>> > Installing : 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>>
>>>
>>> 4/11
>>> > Installing : 389-admin-1.1.46-1.el7.x86_64
>>>
>>>
>>> 5/11
>>> > Installing : 389-admin-console-1.1.12-1.el7.noarch
>>>
>>>
>>> 6/11
>>> > Installing : 389-ds-console-1.2.16-1.el7.no
>>> <http://389-ds-console-1.2.16-1.el7.no>arch
>>>
>>>
>>> 7/11
>>> > Installing : 389-ds-console-doc-1.2.16-1.el7.noarch
>>>
>>>
>>> 8/11
>>> > Installing : 389-admin-console-doc-1.1.12-1.el7.noarch
>>>
>>>
>>> 9/11
>>> > Installing : 389-dsgw-1.1.11-5.el7.x86_64
>>>
>>>
>>> 10/11
>>> > Installing : 389-ds-1.2.2-6.el7.noarch
>>>
>>>
>>> 11/11
>>> > Verifying : 389-adminutil-1.1.21-2.el7.x86_64
>>>
>>>
>>> 1/11
>>> > Verifying : 389-dsgw-1.1.11-5.el7.x86_64
>>>
>>>
>>> 2/11
>>> > Verifying : 389-admin-console-doc-1.1.12-1.el7.noarch
>>>
>>>
>>> 3/11
>>> > Verifying : 389-ds-console-doc-1.2.16-1.el7.noarch
>>>
>>>
>>> 4/11
>>> > Verifying : 389-ds-base-1.3.6.1-19.el7_4.x86_64
>>>
>>>
>>> 5/11
>>> > Verifying : 389-admin-console-1.1.12-1.el7.noarch
>>>
>>>
>>> 6/11
>>> > Verifying : 389-ds-base-libs-1.3.6.1-19.el7_4.x86_64
>>>
>>>
>>> 7/11
>>> > Verifying : 389-ds-1.2.2-6.el7.noarch
>>>
>>>
>>> 8/11
>>> > Verifying : 389-ds-console-1.2.16-1.el7.no
>>> <http://389-ds-console-1.2.16-1.el7.no>arch
>>>
>>>
>>> 9/11
>>> > Verifying : 389-admin-1.1.46-1.el7.x86_64
>>>
>>>
>>> 10/11
>>> > Verifying : 389-console-1.1.18-1.el7.noarch
>>>
>>>
>>> 11/11
>>> >
>>> > Installed:
>>> > 389-ds.noarch 0:1.2.2-6.el7
>>> >
>>> > Dependency Installed:
>>> > 389-admin.x86_64 0:1.1.46-1.el7
>>> 389-admin-console.noarch 0:1.1.12-1.el7
>>> 389-admin-console-doc.noarch 0:1.1.12-1.el7
>>> 389-adminutil.x86_64 0:1.1.21-2.el7
>>> > 389-console.noarch 0:1.1.18-1.el7
>>> 389-ds-base.x86_64 0:1.3.6.1-19.el7_4
>>> 389-ds-base-libs.x86_64 0:1.3.6.1-19.el7_4
>>> 389-ds-console.noarch 0:1.2.16-1.el7
>>> > 389-ds-console-doc.noarch 0:1.2.16-1.el7
>>> 389-dsgw.x86_64 0:1.1.11-5.el7
>>> >
>>> > Complete!
>>> > [root@eldapdch1 etc]# cd /etc/dirsrv/
>>> > [root@eldapdch1 dirsrv]# ll
>>> > total 4
>>> > drwx------. 2 dirsrv root 4096 Oct 6 14:52 admin-serv
>>> > drwxr-xr-x. 2 root root 79 Oct 6 14:52 config
>>> > drwxr-xr-x. 2 root root 28 Oct 6 14:53 dsgw
>>> > drwxr-xr-x. 2 root root 24 Oct 6 14:52 schema
>>> > [root@eldapdch1 dirsrv]# cd schema/
>>> > [root@eldapdch1 schema]# ll
>>> > total 4
>>> > -rw-r--r--. 1 root root 291 Aug 22 06:32 99user.ldif
>>> > _______________________________________________
>>> > 389-users mailing list --
>>> 389-users(a)lists.fedoraproject.org
>>> <mailto:389-users@lists.fedoraproject.org>
>>> > To unsubscribe send an email to
>>> 389-users-leave(a)lists.fedoraproject.org
>>> <mailto:389-users-leave@lists.fedoraproject.org>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
>>> <mailto:389-users@lists.fedoraproject.org>
>>> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
>>> <mailto:389-users-leave@lists.fedoraproject.org>
>>
>>
>
6 years, 6 months
USN and single-master replication?
by Thomas Walker
Hi,
We're currently using 389ds as a backend for sssd and would like to try to improve the performance by enabling USN on the server side. Our current architecture, however, hides the individual client facing ldap servers behind a load-balanced VIP so the client never actually knows which backend it may hit. This poses a problem with USNs because successive requests may not hit the same server and the USNs are local to the server and explicitily not replicated. I understand why this is the case (so that multimaster configs work correctly) but we only run a single master that replicates out to the client-facing ldap servers (which in turn refer any updates back to the master).
It sounds like we would actually *want* to force the replication of the USNs out to the client facing servers (so that it doesn't matter which backend you hit, the numbers will always match) but I can't figure out how to do that (or even if it is possible). The USN plugin adds 'EXCLUDE entryusn' to the default nsDS5ReplicatedAttributeList on startup and my attempts to override it this on the individual replication agreemetns have, thus far, not worked.
Is there some way to make this setup work with USNs?
Thanks...
6 years, 6 months
389DS console with HTTPS
by Vincent CAZAUBON
Hello,
Is it possible to secure communication between my 389DS console on my
Window7 client computer and my 389-admin server on my Centos Server ?
I want to use HTTPS instead HTTP.
Is there any limitation between the server's FQDN and the subject of the
Centos HTTPS server certificate ?
You will find below releases and versions of my main 389 components:
Centos Linux release 7.3.1611 (Core)
389-admin Version: 1.1.46 Release: 1.el7
389-ds-base Version: 1.3.5.10 Release 15.el7_3
389-admin-console Version 1.1.12 Release 1.el7
389-console Version 1.1.18 Release 1.el7
389 Management Console on Windows 7: Console Framework 1.1.14
Best regards,
Vincent CAZAUBON
Centre informatique - Cirti
SI-SECURITE
Architecture/intégrateur ldap
2 rue de Coulongé CS 61911 44319 NANTES Cedex 03
vincent.cazaubon(a)urssaf.fr
Contribuons au respect de l'environnement, n'imprimez ce courriel qu'en
cas de nécessité et ayez le réflexe recto-verso
6 years, 6 months
Announcing 389 Directory Server 1.3.6.9
by Mark Reynolds
389 Directory Server 1.3.6.9
The 389 Directory Server team is proud to announce 389-ds-base
version 1.3.6.9
Fedora packages are available from the Fedora 26.
https://bodhi.fedoraproject.org/updates/FEDORA-2017-800c2374d3
<https://bodhi.fedoraproject.org/updates/FEDORA-2017-c95a212f02>
The new packages and versions are:
* 389-ds-base-1.3.6.9-1 Fedora 26
Source tarballs are available for download at Download
389-ds-base Source
<https://releases.pagure.org/389-ds-base/389-ds-base-1.3.6.9.tar.bz2>
Highlights in 1.3.6.9
* Bug fix
Installation and Upgrade
See Download <http://www.port389.org/docs/389ds/download.html> for
information about setting up your yum repositories.
To install, use *yum install 389-ds* yum install 389-ds After install
completes, run *setup-ds-admin.pl* if you have 389-admin installed,
otherwise please run *setup-ds.pl* to set up your directory server.
To upgrade, use *yum upgrade* yum upgrade After upgrade completes, run
*setup-ds-admin.pl -u* if you have 389-admin installed, otherwise please
run *setup-ds.pl* to update your directory server/admin
server/console information.
See Install_Guide
<http://www.port389.org/docs/389ds/legacy/install-guide.html> for more
information about the initial installation, setup, and upgrade
See Source <http://www.port389.org/docs/389ds/development/source.html>
for information about source tarballs and SCM (git) access.
Feedback
We are very interested in your feedback!
Please provide feedback and comments to the 389-users mailing list:
https://lists.fedoraproject.org/admin/lists/389-users.lists.fedoraproject...
If you find a bug, or would like to see a new feature, file it in our
Pagure project: https://pagure.io/389-ds-base
* Bump version to 1.3.6.9
* Ticket 49392 - memavailable not available
* Ticket 49389 - unable to retrieve specific cosAttribute when subtree
password policy is configured
* Ticket 49180 - backport 1.3.6 errors log filled with
attrlist_replace - attr_replace
* Ticket 49379 - Allowed sasl mapping requires restart
* Ticket 49327 - password expired control not sent during grace logins
* Ticket 49380 - Add CI test
* Ticket 49380 - Crash when adding invalid replication agreement
* Ticket 49370 - local password policies should use the same defaults
as the global policy
* Ticket 49364 - incorrect function declaration.
* Ticket 49368 - Fix typo in log message
6 years, 6 months
Announcing 389 Directory Server 1.3.7.6
by Mark Reynolds
389 Directory Server 1.3.7.6
The 389 Directory Server team is proud to announce 389-ds-base
version 1.3.7.6
Fedora packages are available on Fedora 27.
https://koji.fedoraproject.org/koji/taskinfo?taskID=22353280
<https://koji.fedoraproject.org/koji/buildinfo?buildID=974124> - Fedora 27
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f8b8ef6e03
The new packages and versions are:
* 389-ds-base-1.3.7.6-1
Source tarballs are available for download at Download
389-ds-base Source
<https://releases.pagure.org/389-ds-base/389-ds-base-1.3.7.6.tar.bz2>
Highlights in 1.3.7.6
* Bug fixes
Installation and Upgrade
See Download <http://www.port389.org/docs/389ds/download.html> for
information about setting up your yum repositories.
To install, use *yum install 389-ds* yum install 389-ds After install
completes, run *setup-ds-admin.pl* if you have 389-admin installed,
otherwise please run *setup-ds.pl* to set up your directory server.
To upgrade, use *yum upgrade* yum upgrade After upgrade completes, run
*setup-ds-admin.pl -u* if you have 389-admin installed, otherwise please
run *setup-ds.pl* to update your directory server/admin
server/console information.
See Install_Guide
<http://www.port389.org/docs/389ds/legacy/install-guide.html> for more
information about the initial installation, setup, and upgrade
See Source <http://www.port389.org/docs/389ds/development/source.html>
for information about source tarballs and SCM (git) access.
Feedback
We are very interested in your feedback!
Please provide feedback and comments to the 389-users mailing list:
https://lists.fedoraproject.org/admin/lists/389-users.lists.fedoraproject...
If you find a bug, or would like to see a new feature, file it in our
Pagure project: https://pagure.io/389-ds-base
* Bump verson to 1.3.7.6
* Ticket 49038 - remove legacy replication - change cleanup
script precedence
* Ticket 49392 - memavailable not available
* Ticket 49320 - Activating already active role returns error 16
* Ticket 49389 - unable to retrieve specific cosAttribute when subtree
password policy is configured
* Ticket 49092 - Add CI test for schema-reload
* Ticket 49388 - repl-monitor - matches null string many times in regex
* Ticket 49385 - Fix coverity warnings
* Ticket 49305 - Need to wrap atomic calls
* Ticket 49180 - errors log filled with attrlist_replace - attr_replace
6 years, 6 months
Announcing 389 Directory Server 1.4.0.1
by Mark Reynolds
389 Directory Server 1.4.0.1
The 389 Directory Server team is proud to announce 389-ds-base
version 1.4.0.1
Fedora packages are available on Fedora 28(rawhide).
https://koji.fedoraproject.org/koji/taskinfo?taskID=22352819
<https://koji.fedoraproject.org/koji/buildinfo?buildID=974103> - Fedora
28 (rawhide)
The new packages and versions are:
* 389-ds-base-1.4.0.1-1
Source tarballs are available for download at Download
389-ds-base Source
<https://releases.pagure.org/389-ds-base/389-ds-base-1.4.0.1.tar.bz2>
Highlights in 1.4.0.1
* Version change
Installation and Upgrade
See Download <http://www.port389.org/docs/389ds/download.html> for
information about setting up your yum repositories.
To install, use *yum install 389-ds* yum install 389-ds After install
completes, run *setup-ds-admin.pl* if you have 389-admin installed,
otherwise please run *setup-ds.pl* to set up your directory server.
To upgrade, use *yum upgrade* yum upgrade After upgrade completes, run
*setup-ds-admin.pl -u* if you have 389-admin installed, otherwise please
run *setup-ds.pl* to update your directory server/admin
server/console information.
See Install_Guide
<http://www.port389.org/docs/389ds/legacy/install-guide.html> for more
information about the initial installation, setup, and upgrade
See Source <http://www.port389.org/docs/389ds/development/source.html>
for information about source tarballs and SCM (git) access.
Feedback
We are very interested in your feedback!
Please provide feedback and comments to the 389-users mailing list:
https://lists.fedoraproject.org/admin/lists/389-users.lists.fedoraproject...
If you find a bug, or would like to see a new feature, file it in our
Pagure project: https://pagure.io/389-ds-base
* Bump version to 1.4.0.1
* Ticket 49038 - remove legacy replication - change cleanup
script precedence
* Ticket 49392 - memavailable not available
* Ticket 49235 - pbkdf2 by default
* Ticket 49279 - remove dsktune
* Ticket 49372 - filter optimisation improvements for common queries
* Ticket 49320 - Activating already active role returns error 16
* Ticket 49389 - unable to retrieve specific cosAttribute when subtree
password policy is configured
* Ticket 49092 - Add CI test for schema-reload
* Ticket 49388 - repl-monitor - matches null string many times in regex
* Ticket 49387 - pbkdf2 settings were too aggressive
* Ticket 49385 - Fix coverity warnings
* Ticket 49305 - Need to wrap atomic calls
* Ticket 48973 - Indexing a ExactIA5Match attribute with a
IgnoreIA5Match matching rule triggers a warning
* Ticket 49378 - server init fails
* Ticket 49305 - Need to wrap atomic calls
* Ticket 49180 - add CI test
* Ticket 49180 - errors log filled with attrlist_replace - attr_replace
6 years, 6 months
Outreachy 2017
by Dristi Butola
Hi
I hope to participate in Outreachy 2017 under Fedora in the project 389
Directory, mentored by William Brown.
I am fluent with the skills mentioned for the project. How should I start
the application process and my contributions to be a strong candidate for
this project.
Gratitude.
6 years, 6 months