hi,
On Fri, Nov 22, 2019 at 4:41 AM William Brown <wbrown(a)suse.de> wrote:
> On 21 Nov 2019, at 16:13, cool dharma06 <cooldharma06(a)gmail.com> wrote:
>
> Hi,
>
>
> On Thu, Nov 21, 2019 at 7:48 AM William Brown <wbrown(a)suse.de> wrote:
> >
> >
> > > On 21 Nov 2019, at 10:49, cool dharma06 <cooldharma06(a)gmail.com>
wrote:
> > >
> >
> > > Hi William,
> > >
> > > Thanks for your reply.
> > >
> > > I want to enable 389ds to generate nsUniqueID, modifiedTimestamp, creators
name for all enteries which is added/getting added to 389-ds. Any suggestions or reference
link to enable this.
> >
> > They are all generated by default as part of the server - it may be the access
controls preventing you from viewing them instead ....
>
> Sure, I will verify the access policy. And I used following commands to retrieve the
user information.
>
> $ dsidm ceenext-sles account get-by-dn
> Enter dn to retrieve : cn=sudo,ou=Groups,dc=cee,dc=test,dc=com
> dn: cn=sudo,ou=Groups,dc=cee,dc=test,dc=com
> cn: sudo
> gidNumber: 1950
> objectClass: posixGroup
> objectClass: groupOfNames
> objectClass: top
You already have dsidm as a command ?! Which suse version are you on.
I am using
SLES 15.1. I installed 389-ds-base from SUSE repo.
Lib386-XXX.rpm i took from Tumbleweed.
Anyway, trying looking at the entry as "cn=Directory
Manager" instead of anonymous, as cn=dm bypasses aci's.
Thanks for your suggestions, now i am able to view all the attributes.
>
> > >
> > >
> > > I have OpenLdap set up with replication enabled and I want to make one
more 389-ds with replication in sles 15.1 machine . I am unable to find admin-console
package.
> > > So I installed lib389 rpm and I am using dsctl, dsidm, dsconf tools to
experiment and add users in my local 389ds setup.
> >
> > SUSE does not ship admin-console, and never will - we are in the process of
actually bringing the new ds* tools into SLE 15.0 and 15.1 which will make it much easier
to administer the server. You can see these on the wiki or on Red Hat's correspending
389 docs
> >
> >
http://www.port389.org/docs/389ds/howto/quickstart.html
> >
https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/
> >
> > We are also in the progress of releasing 389-ds docs for SUSE as well,
>
> It will be very helpful if you share the ds* tools and 389-ds docs release dates.
I don't have a release date yet I'm sorry - not because I can't share, but
because there is some administration going on with the packages and I'm not sure of
when it will be done (but it's necessary steps :) )
No issue and thanks for the information. If official SUSE packages are
there it will very useful.
>
> > >
> > > Once it's done I am planning to enable sync and replication in
389-ds.
> > >
> > > It will be very helpful if u have any guidelines on this.
> >
> > 389-ds can replicate with other 389-ds servers, but *not* openldap. So I think
you need to do a datamigration ....
>
> Yes, with multiple 389-ds i am planning for replication. Any guidelines or reference
link to configure replication.
In the red_hat_directory_server/11 link from redhat, look at their replication section :)
Thank you, I will verify the redhat Guide links.
> >
> > >
> > > >
> > > > Thanks & Regards
> > > > cooldharma06
> > > >
> > > >
> > > > On Thu, Nov 21, 2019, 4:33 AM William Brown <wbrown(a)suse.de>
wrote:
> > > >
> > > >
> > > > > On 20 Nov 2019, at 15:41, cool dharma06
<cooldharma06(a)gmail.com> wrote:
> > > > >
> > > > > Hi all,
> > > > >
> > > > > i have OpenLDAP in my environment. And i am experimenting 389-ds
and their functionalities. In my OpenLDAP, i have entries with following attributes:
> > > > > entryCSN, contextCSN, entryUUID.
> > > > >
> > > > > 1. For entryCSN and contextCSN - any equivalent attribute
available in 389-ds
> > > > >
> > > > > 2. When i check for the above attributes in 389-ds, i am unable
to find those attributes. From the post link, its mentioned like we can use nsUniqueID in
place of entryUUID. but we might face issue during Sync/repl.
> > > > >
> > > > > Is this issue got fixed.
> > > > >
https://pagure.io/389-ds-base/issue/137
> > > > >
> > > > > Any suggestions for the above queries.
> > > >
> > > > OpenLDAP and 389-ds use a really different replication model.
That's probably why you can't find the same types and datapoints.
> > > >
> > > > My question is "what are you trying to achieve". You
shouldn't need to look at our replication state, that's an internal detail.
> > > >
> > > > If you want a "did this entry change" look at the entryUSN
plugin.
> > > >
> > > > If you need the entries unique id, look at nsUniqueID attribute - we
have spoken about adding entryUUID too, but it's just never materialised.
> > > >
> > > > It's not recommended to set nsUniqueID manually, you should let
389-ds generate that itself.
> > > >
> > > > Does that help? Really happy to help as much as possible with your
389-ds experimenting :)
> > > >
> > > > >
> > > > > Thanks & Regards
> > > > > cooldharma06
> > > > > _______________________________________________
> > > > > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > > > > To unsubscribe send an email to
389-users-leave(a)lists.fedoraproject.org
> > > > > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> > > >
> > > > —
> > > > Sincerely,
> > > >
> > > > William Brown
> > > >
> > > > Senior Software Engineer, 389 Directory Server
> > > > SUSE Labs
> > > > _______________________________________________
> > > > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > > > To unsubscribe send an email to
389-users-leave(a)lists.fedoraproject.org
> > > > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> > > > _______________________________________________
> > > > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > > > To unsubscribe send an email to
389-users-leave(a)lists.fedoraproject.org
> > > > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> > >
> > > —
> > > Sincerely,
> > >
> > > William Brown
> > >
> > > Senior Software Engineer, 389 Directory Server
> > > SUSE Labs
> > > _______________________________________________
> > > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > > To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> > > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> > _______________________________________________
> > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
>
> —
> Sincerely,
>
> William Brown
>
> Senior Software Engineer, 389 Directory Server
> SUSE Labs
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...