You only needed to send that one entry from dse.ldif! You just sent us the whole dse.ldif
with your nsslapd-rootpw hash, and your replication manager password.
You now need to assume these are all compromised, and you need to reset them all, on all
your directory servers. I'm sorry to tell you this ....
You also still haven't sent the nsslapd-errorlog-level in the config. You seem to be
really struggling here ...
On 29 Nov 2021, at 13:22, Dhivagar A <ssdhivagar(a)gmail.com>
wrote:
Hi Team,
Thanks for the clarification.
I have removed the entry from the dse.ldif file and attached it to this email.
On Mon, Nov 29, 2021 at 8:10 AM William Brown <william.brown(a)suse.com> wrote:
I'm sorry if what I said wasn't clear. You need to *send us* that entry from
dse.ldif so that we can look at it, but when you send that to us you need to remove that
line.
By removing this from dse.ldif you just broken your replication agreement, so you'll
need to re-add the credentials.
To set the log level you need to use the dsconf command to change nsslapd-errorlog-level.
> On 29 Nov 2021, at 12:18, Dhivagar A <ssdhivagar(a)gmail.com> wrote:
>
> Hi,
>
> I have removed the line "nsDS5ReplicaCredentials" from dse.ldif. After
restart the service.
>
> Error log:
>
> [29/Nov/2021:07:19:53.908626723 +051800] - INFO - main - 389-Directory/1.3.10.2
B2021.287.1227 starting up
> [29/Nov/2021:07:19:53.908781373 +051800] - INFO - main - Setting the maximum file
descriptor limit to: 16384
> [29/Nov/2021:07:19:58.015480108 +051800] - INFO -
ldbm_instance_config_cachememsize_set - force a minimal value 512000
> [29/Nov/2021:07:19:58.021871694 +051800] - INFO -
ldbm_instance_config_cachememsize_set - force a minimal value 512000
> [29/Nov/2021:07:19:58.027991820 +051800] - NOTICE - ldbm_back_start - found 3880196k
physical memory
> [29/Nov/2021:07:19:58.028167643 +051800] - NOTICE - ldbm_back_start - found 3253888k
available
> [29/Nov/2021:07:19:58.028307714 +051800] - NOTICE - ldbm_back_start - cache
autosizing: db cache: 97004k
> [29/Nov/2021:07:19:58.028455119 +051800] - NOTICE - ldbm_back_start - cache
autosizing: userRoot entry cache (2 total): 131072k
> [29/Nov/2021:07:19:58.029137403 +051800] - NOTICE - ldbm_back_start - cache
autosizing: userRoot dn cache (2 total): 65536k
> [29/Nov/2021:07:19:58.029553007 +051800] - NOTICE - ldbm_back_start - cache
autosizing: NetscapeRoot entry cache (2 total): 131072k
> [29/Nov/2021:07:19:58.030246904 +051800] - NOTICE - ldbm_back_start - cache
autosizing: NetscapeRoot dn cache (2 total): 65536k
> [29/Nov/2021:07:19:58.030633784 +051800] - NOTICE - ldbm_back_start - total cache
size: 482119597 B;
> [29/Nov/2021:07:19:58.132875637 +051800] - ERR - NSMMReplicationPlugin -
agmt_is_valid - Replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping tree,cn=config" is
malformed: a bind DN and password must be supplied for authentication method
"SIMPLE"
> [29/Nov/2021:07:19:58.133160791 +051800] - ERR - NSMMReplicationPlugin -
agmt_new_from_entry - Failed to parse agreement, skipping.
> [29/Nov/2021:07:19:58.140532467 +051800] - INFO - slapd_daemon - slapd started.
Listening on All Interfaces port 389 for LDAP requests
> [29/Nov/2021:07:19:58.140777653 +051800] - INFO - slapd_daemon - Listening on All
Interfaces port 636 for LDAPS requests
> [29/Nov/2021:07:22:08.139657332 +051800] - WARN - NSMMReplicationPlugin -
agmtlist_modify_callback - Received a modification for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping tree,cn=config"
> [29/Nov/2021:07:22:08.152614757 +051800] - WARN - NSMMReplicationPlugin -
agmtlist_modify_callback - Received a modification for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping tree,cn=config"
> [29/Nov/2021:07:23:43.481717340 +051800] - WARN - NSMMReplicationPlugin -
agmtlist_modify_callback - Received a modification for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping tree,cn=config"
> [29/Nov/2021:07:27:39.184573271 +051800] - WARN - NSMMReplicationPlugin -
agmtlist_modify_callback - Received a modification for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping tree,cn=config"
>
>
> Access log:
>
> [29/Nov/2021:07:27:58.246409555 +051800] conn=3 op=1621504 SRCH
base="cn=replication,cn=config" scope=2 filter="(objectClass=*)"
attrs=ALL
> [29/Nov/2021:07:27:58.246495268 +051800] conn=3 op=1621504 RESULT err=0 tag=101
nentries=1 wtime=0.000058722 optime=0.000087634 etime=0.000144687
> [29/Nov/2021:07:27:58.246745817 +051800] conn=3 op=1621505 SRCH
base="cn=mapping tree,cn=config" scope=2
filter="(|(objectClass=nsDS5ReplicationAgreement)(objectClass=LDAPReplica)(objectClass=nsDSWindowsReplicationAgreement))"
attrs=ALL
> [29/Nov/2021:07:27:58.246914678 +051800] conn=3 op=1621505 RESULT err=0 tag=101
nentries=1 wtime=0.000063352 optime=0.000170331 etime=0.000231855
> [29/Nov/2021:07:27:58.247145331 +051800] conn=3 op=1621506 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))"
attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd
nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus
nsds5replicaUpdateInProgress nsds5replicaLastInitStart nsds5replicaLastInitEnd
nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"
> [29/Nov/2021:07:27:58.247227360 +051800] conn=3 op=1621506 RESULT err=0 tag=101
nentries=1 wtime=0.000051133 optime=0.000083721 etime=0.000133737
> [29/Nov/2021:07:28:02.294754452 +051800] conn=3 op=1621507 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
> [29/Nov/2021:07:28:02.294925282 +051800] conn=3 op=1621507 RESULT err=0 tag=101
nentries=1 wtime=0.000079217 optime=0.000173837 etime=0.000251265
> [29/Nov/2021:07:28:02.295800388 +051800] conn=3 op=1621508 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))"
attrs="description"
> [29/Nov/2021:07:28:02.295898180 +051800] conn=3 op=1621508 RESULT err=0 tag=101
nentries=1 wtime=0.000807492 optime=0.000099189 etime=0.000905100
> [29/Nov/2021:07:28:02.297138601 +051800] conn=3 op=1621509 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
> [29/Nov/2021:07:28:02.297229867 +051800] conn=3 op=1621509 RESULT err=0 tag=101
nentries=1 wtime=0.001202980 optime=0.000092490 etime=0.001293973
>
> how to change the
> value 8192 of logs.
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
Sincerely,
William Brown
Senior Software Engineer, Identity and Access Management
SUSE Labs, Australia
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
<dse.zip>_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
Sincerely,
William Brown
Senior Software Engineer, Identity and Access Management
SUSE Labs, Australia