Hi,
I have attached nsslapd-errorlog. Please check and let me know.
On Mon, Nov 29, 2021 at 9:06 AM William Brown <william.brown(a)suse.com>
wrote:
You only needed to send that one entry from dse.ldif! You just sent
us the
whole dse.ldif with your nsslapd-rootpw hash, and your replication manager
password.
You now need to assume these are all compromised, and you need to reset
them all, on all your directory servers. I'm sorry to tell you this ....
You also still haven't sent the nsslapd-errorlog-level in the config. You
seem to be really struggling here ...
> On 29 Nov 2021, at 13:22, Dhivagar A <ssdhivagar(a)gmail.com> wrote:
>
> Hi Team,
>
> Thanks for the clarification.
>
> I have removed the entry from the dse.ldif file and attached it to this
email.
>
> On Mon, Nov 29, 2021 at 8:10 AM William Brown <william.brown(a)suse.com>
wrote:
> I'm sorry if what I said wasn't clear. You need to *send us* that entry
from dse.ldif so that we can look at it, but when you send that to us you
need to remove that line.
>
> By removing this from dse.ldif you just broken your replication
agreement, so you'll need to re-add the credentials.
>
>
> To set the log level you need to use the dsconf command to change
nsslapd-errorlog-level.
>
> > On 29 Nov 2021, at 12:18, Dhivagar A <ssdhivagar(a)gmail.com> wrote:
> >
> > Hi,
> >
> > I have removed the line "nsDS5ReplicaCredentials" from dse.ldif.
After
restart the service.
> >
> > Error log:
> >
> > [29/Nov/2021:07:19:53.908626723 +051800] - INFO - main - 389-Directory/
1.3.10.2 B2021.287.1227 starting up
> > [29/Nov/2021:07:19:53.908781373 +051800] - INFO - main - Setting the
maximum file descriptor limit to: 16384
> > [29/Nov/2021:07:19:58.015480108 +051800] - INFO -
ldbm_instance_config_cachememsize_set - force a minimal value 512000
> > [29/Nov/2021:07:19:58.021871694 +051800] - INFO -
ldbm_instance_config_cachememsize_set - force a minimal value 512000
> > [29/Nov/2021:07:19:58.027991820 +051800] - NOTICE - ldbm_back_start -
found 3880196k physical memory
> > [29/Nov/2021:07:19:58.028167643 +051800] - NOTICE - ldbm_back_start -
found 3253888k available
> > [29/Nov/2021:07:19:58.028307714 +051800] - NOTICE - ldbm_back_start -
cache autosizing: db cache: 97004k
> > [29/Nov/2021:07:19:58.028455119 +051800] - NOTICE - ldbm_back_start -
cache autosizing: userRoot entry cache (2 total): 131072k
> > [29/Nov/2021:07:19:58.029137403 +051800] - NOTICE - ldbm_back_start -
cache autosizing: userRoot dn cache (2 total): 65536k
> > [29/Nov/2021:07:19:58.029553007 +051800] - NOTICE - ldbm_back_start -
cache autosizing: NetscapeRoot entry cache (2 total): 131072k
> > [29/Nov/2021:07:19:58.030246904 +051800] - NOTICE - ldbm_back_start -
cache autosizing: NetscapeRoot dn cache (2 total): 65536k
> > [29/Nov/2021:07:19:58.030633784 +051800] - NOTICE - ldbm_back_start -
total cache size: 482119597 B;
> > [29/Nov/2021:07:19:58.132875637 +051800] - ERR - NSMMReplicationPlugin
- agmt_is_valid - Replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" is malformed: a bind DN and password must be supplied for
authentication method "SIMPLE"
> > [29/Nov/2021:07:19:58.133160791 +051800] - ERR - NSMMReplicationPlugin
- agmt_new_from_entry - Failed to parse agreement, skipping.
> > [29/Nov/2021:07:19:58.140532467 +051800] - INFO - slapd_daemon - slapd
started. Listening on All Interfaces port 389 for LDAP requests
> > [29/Nov/2021:07:19:58.140777653 +051800] - INFO - slapd_daemon -
Listening on All Interfaces port 636 for LDAPS requests
> > [29/Nov/2021:07:22:08.139657332 +051800] - WARN -
NSMMReplicationPlugin - agmtlist_modify_callback - Received a modification
for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config"
> > [29/Nov/2021:07:22:08.152614757 +051800] - WARN -
NSMMReplicationPlugin - agmtlist_modify_callback - Received a modification
for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config"
> > [29/Nov/2021:07:23:43.481717340 +051800] - WARN -
NSMMReplicationPlugin - agmtlist_modify_callback - Received a modification
for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config"
> > [29/Nov/2021:07:27:39.184573271 +051800] - WARN -
NSMMReplicationPlugin - agmtlist_modify_callback - Received a modification
for unknown replication agreement
"cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config"
> >
> >
> > Access log:
> >
> > [29/Nov/2021:07:27:58.246409555 +051800] conn=3 op=1621504 SRCH
base="cn=replication,cn=config" scope=2 filter="(objectClass=*)"
attrs=ALL
> > [29/Nov/2021:07:27:58.246495268 +051800] conn=3 op=1621504 RESULT
err=0 tag=101 nentries=1 wtime=0.000058722 optime=0.000087634
etime=0.000144687
> > [29/Nov/2021:07:27:58.246745817 +051800] conn=3 op=1621505 SRCH
base="cn=mapping tree,cn=config" scope=2
filter="(|(objectClass=nsDS5ReplicationAgreement)(objectClass=LDAPReplica)(objectClass=nsDSWindowsReplicationAgreement))"
attrs=ALL
> > [29/Nov/2021:07:27:58.246914678 +051800] conn=3 op=1621505 RESULT
err=0 tag=101 nentries=1 wtime=0.000063352 optime=0.000170331
etime=0.000231855
> > [29/Nov/2021:07:27:58.247145331 +051800] conn=3 op=1621506 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))"
attrs="nsds5replicaLastUpdateStart nsds5replicaLastUpdateEnd
nsds5replicaChangesSentSinceStartup nsds5replicaLastUpdateStatus
nsds5replicaUpdateInProgress nsds5replicaLastInitStart
nsds5replicaLastInitEnd nsds5replicaLastInitStatus nsds5BeginReplicaRefresh"
> > [29/Nov/2021:07:27:58.247227360 +051800] conn=3 op=1621506 RESULT
err=0 tag=101 nentries=1 wtime=0.000051133 optime=0.000083721
etime=0.000133737
> > [29/Nov/2021:07:28:02.294754452 +051800] conn=3 op=1621507 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
> > [29/Nov/2021:07:28:02.294925282 +051800] conn=3 op=1621507 RESULT
err=0 tag=101 nentries=1 wtime=0.000079217 optime=0.000173837
etime=0.000251265
> > [29/Nov/2021:07:28:02.295800388 +051800] conn=3 op=1621508 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))"
attrs="description"
> > [29/Nov/2021:07:28:02.295898180 +051800] conn=3 op=1621508 RESULT
err=0 tag=101 nentries=1 wtime=0.000807492 optime=0.000099189
etime=0.000905100
> > [29/Nov/2021:07:28:02.297138601 +051800] conn=3 op=1621509 SRCH
base="cn=winsync,cn=replica,cn=dc\3Dldapauth\2Cdc\3Dcom,cn=mapping
tree,cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
> > [29/Nov/2021:07:28:02.297229867 +051800] conn=3 op=1621509 RESULT
err=0 tag=101 nentries=1 wtime=0.001202980 optime=0.000092490
etime=0.001293973
> >
> > how to change the
> > value 8192 of logs.
> > _______________________________________________
> > 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> > To unsubscribe send an email to
389-users-leave(a)lists.fedoraproject.org
> > Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> > Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
>
> --
> Sincerely,
>
> William Brown
>
> Senior Software Engineer, Identity and Access Management
> SUSE Labs, Australia
> _______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
> <dse.zip>_______________________________________________
> 389-users mailing list -- 389-users(a)lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
Sincerely,
William Brown
Senior Software Engineer, Identity and Access Management
SUSE Labs, Australia
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure