t b wrote: >> From: fedora-directory-users-request at redhat.com >> Reply-To: fedora-directory-users at redhat.com >> To: fedora-directory-users at redhat.com >> Subject: Fedora-directory-users Digest, Vol 19, Issue 3 >> Date: Sat, 2 Dec 2006 12:00:05 -0500 (EST) >> >> Send Fedora-directory-users mailing list submissions to >> fedora-directory-users at redhat.com >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> or, via email, send a message with subject or body 'help' to >> fedora-directory-users-request at redhat.com >> >> You can reach the person managing the list at >> fedora-directory-users-owner at redhat.com >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Fedora-directory-users digest..." >> >> >> Today's Topics: >> >> 1. Re: RE: Fedora-directory-users Digest, Vol 19, Issue 1 >> (Richard Megginson) >> 2. Re: AD + FDS sync stops working? (To Ngan) >> 3. Re: Memory usage (koniczynek) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Fri, 01 Dec 2006 12:55:24 -0700 >> From: Richard Megginson <rmeggins at redhat.com> >> Subject: Re: RE: Fedora-directory-users >> Digest, Vol 19, Issue 1 >> To: "General discussion list for the Fedora Directory server project." >> <fedora-directory-users at redhat.com> >> Message-ID: <457088AC.1030004 at redhat.com> >> Content-Type: text/plain; charset="iso-8859-1" >> >> t b wrote: >> > My logs seem to indicate that the connection is being encrypted; I can >> > ssh to a client server and get the password prompt, but when I enter >> > the password it just returns me to the password prompt again >> > >> > [01/Dec/2006:19:47:44 -0500] conn=650 fd=69 slot=69 connection from >> > xxx.xxx.xxx.xxx to xxx.xxx.xxx.xxx >> > [01/Dec/2006:19:47:44 -0500] conn=650 op=0 EXT >> > oid="1.3.6.1.4.1.1466.20037" name="startTLS" >> > [01/Dec/2006:19:47:44 -0500] conn=650 op=0 RESULT err=0 tag=120 >> > nentries=0 etime=0 >> > [01/Dec/2006:19:47:44 -0500] conn=650 SSL 256-bit AES >> All of this means the client was able to successfully perform the >> startTLS extended operation and start using SSL. >> > [01/Dec/2006:19:47:44 -0500] conn=650 op=1 UNBIND >> > [01/Dec/2006:19:47:44 -0500] conn=650 op=1 fd=69 closed - U1 >> The UNBIND means the client had a problem and closed the connection. >> Does the client print any errors? Are there any messages in the server >> error log? > > On the client server it show, > > sshd[24149]: Failed password for invalid user xxxxx from > xxx.xxx.xxx.xxx port xxx ssh2 > > > > > > > > > >> > >> > If I disable TLS everything works fine, the client server can query >> > the FDS and auth the client properly >> > >> > I am not sure if the problem has to do with the pam_ldap not properly >> > formatted or the cert file not in proper format >> > >> > Does anyone have an example of what the pam_ldap config should look >> > like? or suggestions on checking whether the cert file is in proper >> > format >> I'm not sure. PAM needs the ca cert of the CA that issued the directory >> server server cert. See >> http://directory.fedora.redhat.com/wiki/Howto:SSL for more information. >> > > > That was the info I used to do the SSL setup, but I only see a part of > the log output they indicated, > > Their logs, > > [18/Jul/2005:20:33:36 -0400] conn=4 op=0 EXT > oid="1.3.6.1.4.1.1466.20037" name="startTLS" > [18/Jul/2005:20:33:36 -0400] conn=4 op=0 RESULT err=0 tag=120 > nentries=0 etime=0 > [18/Jul/2005:20:33:36 -0400] conn=4 SSL 256-bit AES > [18/Jul/2005:20:33:36 -0400] conn=4 op=1 BIND dn="" method=128 version=3 > [18/Jul/2005:20:33:36 -0400] conn=4 op=1 RESULT err=0 tag=97 > nentries=0 etime=0 dn="" > [18/Jul/2005:20:33:36 -0400] conn=4 op=2 SRCH base="dc=example,dc=com" > scope=2 filter="(uid=testuser)" attrs=ALL > > My Logs, > > [04/Dec/2006:14:35:52 -0500] conn=757 op=0 EXT > oid="1.3.6.1.4.1.1466.20037" name="startTLS" > [04/Dec/2006:14:35:52 -0500] conn=757 op=0 RESULT err=0 tag=120 > nentries=0 etime=0 > [04/Dec/2006:14:35:52 -0500] conn=757 SSL 256-bit AES > [04/Dec/2006:14:35:52 -0500] conn=757 op=1 UNBIND > [04/Dec/2006:14:35:52 -0500] conn=757 op=1 fd=71 closed - U1 > > For some reason my setup dies just before querying the FDS to > determine user details > > Do you know of any tests that I can run just on the client server to > determine proper confuguration? Firstly, try /usr/bin/ldapsearch to see if you can use startTLS and bind as your user. > > > > > >> > Also what's the UNBIND shown in the logs? >> > >> > Thanks >> > >> >> From: fedora-directory-users-request at redhat.com >> >> Reply-To: fedora-directory-users at redhat.com >> >> To: fedora-directory-users at redhat.com >> >> Subject: Fedora-directory-users Digest, Vol 19, Issue 1 >> >> Date: Fri, 1 Dec 2006 12:00:06 -0500 (EST) >> >> >> >> Send Fedora-directory-users mailing list submissions to >> >> fedora-directory-users at redhat.com >> >> >> >> To subscribe or unsubscribe via the World Wide Web, visit >> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> or, via email, send a message with subject or body 'help' to >> >> fedora-directory-users-request at redhat.com >> >> >> >> You can reach the person managing the list at >> >> fedora-directory-users-owner at redhat.com >> >> >> >> When replying, please edit your Subject line so it is more specific >> >> than "Re: Contents of Fedora-directory-users digest..." >> >> >> >> >> >> Today's Topics: >> >> >> >> 1. pam_ldap with SSL/TLS (t b) >> >> 2. RE: pam_ldap with SSL/TLS (Morris, Patrick) >> >> 3. Re: pam_ldap with SSL/TLS (Richard Megginson) >> >> 4. Problem with SSL console in X in specific circumstances >> >> (Philip Kime) >> >> 5. FW: Extracting details from >> >> ActiveDirectoryto FDS (Paxton, Darren) >> >> 6. alias in fedora directory server (patrick ndjientcheu ngandjui) >> >> 7. Re: FW: Extracting details from >> >> ActiveDirectoryto FDS (Nicholas Byrne) >> >> 8. Re: Memory usage (koniczynek) >> >> 9. Re: Memory usage (David Boreham) >> >> 10. Re: Memory usage (koniczynek) >> >> >> >> >> >> >> ---------------------------------------------------------------------- >> >> >> >> Message: 1 >> >> Date: Thu, 30 Nov 2006 12:31:50 -0500 >> >> From: "t b" <mxheadroom at hotmail.com> >> >> Subject: pam_ldap with SSL/TLS >> >> To: fedora-directory-users at redhat.com >> >> Message-ID: <BAY116-F322745E96D702ED748B1D0CDDB0 at phx.gbl> >> >> Content-Type: text/plain; format=flowed >> >> >> >> I am trying to setup pam_ldap to use TLS to communicate with the FDS, >> >> but >> >> having lots of problems doing so; it works if I use the unencrypted >> >> way but >> >> not if I use ldaps ( port 636 ) >> >> >> >> I used the instructions at, >> >> http://directory.fedora.redhat.com/wiki/Howto:PAM >> >> >> >> Has anyone gotten PAM to work TLS >> >> >> >> >> >> Thanks >> >> >> >> _________________________________________________________________ >> >> Buy, Load, Play. The new Sympatico / MSN Music Store works seamlessly >> >> with >> >> Windows Media Player. Just Click PLAY. >> >> >> http://musicstore.sympatico.msn.ca/content/viewer.aspx?cid=SMS_Sept192006 >> >> >> >> >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 2 >> >> Date: Thu, 30 Nov 2006 13:00:56 -0500 >> >> From: "Morris, Patrick" <patrick.morris at hp.com> >> >> Subject: RE: pam_ldap with SSL/TLS >> >> To: "General discussion list for the Fedora Directory server >> project." >> >> <fedora-directory-users at redhat.com> >> >> Message-ID: >> >> >> <CD18C81835E18A40A64C4A0D16A237BE05FE850D at ATAEXC01.americas.cpqcorp.net> >> >> >> >> >> >> Content-Type: text/plain; charset="US-ASCII" >> >> >> >> > I am trying to setup pam_ldap to use TLS to communicate with >> >> > the FDS, but having lots of problems doing so; it works if I >> >> > use the unencrypted way but not if I use ldaps ( port 636 ) >> >> >> >> Someone should jump in here and correct me if I'm wrong, but I >> believe >> >> it's normal for TLS connections to happen on the standard LDAP port. >> >> You should be able to tell from your logs whether the connection is >> >> encrypted or not. >> >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 3 >> >> Date: Thu, 30 Nov 2006 11:08:08 -0700 >> >> From: Richard Megginson <rmeggins at redhat.com> >> >> Subject: Re: pam_ldap with SSL/TLS >> >> To: "General discussion list for the Fedora Directory server >> project." >> >> <fedora-directory-users at redhat.com> >> >> Message-ID: <456F1E08.40601 at redhat.com> >> >> Content-Type: text/plain; charset="iso-8859-1" >> >> >> >> Morris, Patrick wrote: >> >> >> I am trying to setup pam_ldap to use TLS to communicate with >> >> >> the FDS, but having lots of problems doing so; it works if I >> >> >> use the unencrypted way but not if I use ldaps ( port 636 ) >> >> >> >> >> > >> >> > Someone should jump in here and correct me if I'm wrong, but I >> believe >> >> > it's normal for TLS connections to happen on the standard LDAP >> port. >> >> > You should be able to tell from your logs whether the connection is >> >> > encrypted or not. >> >> > >> >> Yes. The LDAP "preferred" way is to use the startTLS extended >> operation >> >> which starts a TLS session on the non-secure port. This will be >> logged >> >> in the access log. >> >> > -- >> >> > Fedora-directory-users mailing list >> >> > Fedora-directory-users at redhat.com >> >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > >> >> -------------- next part -------------- >> >> A non-text attachment was scrubbed... >> >> Name: smime.p7s >> >> Type: application/x-pkcs7-signature >> >> Size: 3178 bytes >> >> Desc: S/MIME Cryptographic Signature >> >> Url : >> >> >> https://www.redhat.com/archives/fedora-directory-users/attachments/20061130/0634e78a/smime.bin >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 4 >> >> Date: Thu, 30 Nov 2006 18:02:55 -0800 >> >> From: "Philip Kime" <pkime at Shopzilla.com> >> >> Subject: Problem with SSL console in X in >> >> specific circumstances >> >> To: <fedora-directory-users at redhat.com> >> >> Message-ID: >> >> <9C0091F428E697439E7A773FFD083427435BE3 at szexchange.Shopzilla.inc> >> >> Content-Type: text/plain; charset="us-ascii" >> >> >> >> Here's the problem: >> >> >> >> Running startconsole (SSL) to a remote display on a PC X-server >> (xwin32) >> >> works fine and requires that my windows home dir on the PC X-server >> >> machine has .fedora-console/ containing cert8.db and key3.db, as >> you'd >> >> expect. If I rename this dir, the console hangs at the splash >> screen. So >> >> far, so good, all makes sense. >> >> >> >> If I try the same thing to cygwin's X server on same machine or to >> an X >> >> server on a Mac running OSX, startconsole always hangs as if it can't >> >> find ~/.fedora-console on the local machine. I've tried copying >> this dir >> >> to what cygwin/OSX thinks is the user's home dir but no luck. Where >> >> should I put the Cert db files under "real" UNIX X to get the SSL >> >> console to work? Also tried ~/.mmc as per the docs but I could >> never get >> >> this to work. >> >> >> >> PK >> >> >> >> -- >> >> Philip Kime >> >> NOPS Systems Architect >> >> 310 401 0407 >> >> >> >> -------------- next part -------------- >> >> An HTML attachment was scrubbed... >> >> URL: >> >> >> https://www.redhat.com/archives/fedora-directory-users/attachments/20061130/054ecbd6/attachment.html >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 5 >> >> Date: Fri, 1 Dec 2006 08:04:30 -0000 >> >> From: "Paxton, Darren" <Darren.Paxton at mercer.com> >> >> Subject: FW: Extracting details from >> >> ActiveDirectoryto FDS >> >> To: <Fedora-directory-users at redhat.com> >> >> Message-ID: >> >> <52F7C07B119CF4439B7EFBFE0FB3256B027CBD02 at eidwpexms06.mercer.com> >> >> Content-Type: text/plain; charset="us-ascii" >> >> >> >> Skipped content of type multipart/alternative-------------- next part >> >> -------------- >> >> -- >> >> Fedora-directory-users mailing list >> >> Fedora-directory-users at redhat.com >> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> >> >> ------------------------------ >> >> >> >> Message: 6 >> >> Date: Fri, 1 Dec 2006 08:10:42 +0000 (GMT) >> >> From: patrick ndjientcheu ngandjui <tchen_pat at yahoo.fr> >> >> Subject: alias in fedora directory server >> >> To: Fedora-directory-users at redhat.com >> >> Message-ID: <20061201081042.78578.qmail at web25801.mail.ukl.yahoo.com> >> >> Content-Type: text/plain; charset="iso-8859-1" >> >> >> >> Hi, >> >> I would like to know how to use alias in fedora directory server.It >> >> seems that it is used for point to another entry in the directory,but >> >> i don't know how to use this feature.May someone helps me on this >> >> issue? I would really appreciate an example. >> >> >> >> Thanks >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> ___________________________________________________________________________ >> >> >> >> >> D?couvrez une nouvelle fa?on d'obtenir des r?ponses ? toutes vos >> >> questions ! >> >> Profitez des connaissances, des opinions et des exp?riences des >> >> internautes sur Yahoo! Questions/R?ponses >> >> http://fr.answers.yahoo.com >> >> -------------- next part -------------- >> >> An HTML attachment was scrubbed... >> >> URL: >> >> >> https://www.redhat.com/archives/fedora-directory-users/attachments/20061201/0fa54e4f/attachment.html >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 7 >> >> Date: Fri, 01 Dec 2006 11:50:13 +0000 >> >> From: Nicholas Byrne <nicholas.byrne at quadriga.com> >> >> Subject: Re: FW: Extracting details from >> >> ActiveDirectoryto FDS >> >> To: "General discussion list for the Fedora Directory server >> project." >> >> <fedora-directory-users at redhat.com> >> >> Message-ID: <457016F5.5030202 at quadriga.com> >> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> >> >> Your messages got through - you can confirm by checking the >> archives - >> >> https://www.redhat.com/archives/fedora-directory-users/ >> >> >> >> I'm a new user as well so i'm afraid i can't answer your question, >> but >> >> if you keep asking i'm sure someone will know! >> >> Nick >> >> >> >> Paxton, Darren wrote: >> >> > Apologies for mailing yet again, however either my messages are not >> >> > getting through (something I don't believe as I keep getting the >> post >> >> > to the mailing list) - or for some reason, no one is willing to >> even >> >> > acknowledge my issue. >> >> > >> >> > In the spirit of the community - can someone at least acknowledge a >> >> > message as I find it quite disheartening that I have had no >> replies at >> >> > all even if just to point me somewhere for assistance. >> >> > >> >> > >> >> >> ------------------------------------------------------------------------ >> >> > *From:* fedora-directory-users-bounces at redhat.com >> >> > [mailto:fedora-directory-users-bounces at redhat.com] *On Behalf Of >> >> > *Paxton, Darren >> >> > *Sent:* 30 November 2006 08:46 >> >> > *To:* General discussion list for the Fedora Directory server >> project. >> >> > *Subject:* RE: Extracting details from >> >> > ActiveDirectoryto FDS >> >> > >> >> > Hi >> >> > >> >> > Has anyone had any thoughts on my query or can point me in the >> right >> >> > direction? >> >> > >> >> > As is the nature of AD, I would have thought it is possible to >> extract >> >> > this information using a scope setting or something similar. >> >> > >> >> > Thanks >> >> > >> >> > Darren >> >> > >> >> > >> >> >> ------------------------------------------------------------------------ >> >> > *From:* fedora-directory-users-bounces at redhat.com >> >> > [mailto:fedora-directory-users-bounces at redhat.com] *On Behalf Of >> >> > *Paxton, Darren >> >> > *Sent:* 24 November 2006 14:56 >> >> > *To:* fedora-directory-users at redhat.com >> >> > *Subject:* Extracting details from Active >> >> > Directoryto FDS >> >> > >> >> > Hi all, >> >> > >> >> > I've been tinkering with integrating our Linux devices into our AD >> >> > domain for some time and I've hit a few brick walls, however I've >> >> > recently discovered FDS and the synchronisation features with AD. >> >> > >> >> > I've managed to set up a few replication jobs, however due to the >> >> > extensive nature of our AD, I've realised that the sync only takes >> >> > the group and user objects from the OU or CN being specified. >> >> > >> >> > Is there any way I can specify that it should traverse all >> >> > subtrees of an OU and extract all that information back into FDS? >> >> > >> >> > Thanks >> >> > >> >> > Darren >> >> > >> >> > -- >> >> > Darren Paxton >> >> > EMEA Tier2 >> >> > Red Hat Certified Engineer >> >> > VMware Certified Professional >> >> > MGTI Centralised ops >> >> > >> >> > >> >> > This e-mail and any attachments may be confidential or legally >> >> > privileged.If you received this message in error or are not the >> >> > intended recipient, you should destroy the email message and any >> >> > attachments or copies, and you are prohibited from retaining, >> >> > distributing, disclosing or using any information contained herein. >> >> > Please inform us of the erroneous delivery by return e-mail. >> Thank you >> >> > for your co-operation. >> >> > >> >> > Mercer Human Resource Consulting Limited is authorised and >> regulated >> >> > by the Financial Services Authority. Registered in England No. >> 984275. >> >> > Registered Office: 1 Tower Place West, Tower Place, London, EC3R >> 5BU. >> >> > >> >> > >> >> >> ------------------------------------------------------------------------ >> >> > >> >> > -- >> >> > Fedora-directory-users mailing list >> >> > Fedora-directory-users at redhat.com >> >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > >> >> > >> >> >> ------------------------------------------------------------------------ >> >> > >> >> > -- >> >> > Fedora-directory-users mailing list >> >> > Fedora-directory-users at redhat.com >> >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> > >> >> >> >> >> >> >> >> This e-mail is the property of Quadriga Worldwide Ltd, intended for >> >> the addressee only and confidential. Any dissemination, copying or >> >> distribution of this message or any attachments is strictly >> prohibited. >> >> >> >> If you have received this message in error, please notify us >> >> immediately by replying to the message and deleting it from your >> >> computer. >> >> >> >> Messages sent to and from Quadriga may be monitored. >> >> >> >> Quadriga cannot guarantee any message delivery method is secure or >> >> error-free. Information could be intercepted, corrupted, lost, >> >> destroyed, arrive late or incomplete, or contain viruses. >> >> >> >> We do not accept responsibility for any errors or omissions in this >> >> message and/or attachment that arise as a result of transmission. >> >> >> >> You should carry out your own virus checks before opening any >> >> attachment. >> >> >> >> Any views or opinions presented are solely those of the author and do >> >> not necessarily represent those of Quadriga. >> >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 8 >> >> Date: Fri, 01 Dec 2006 16:45:28 +0100 >> >> From: koniczynek <koniczynek at uaznia.net> >> >> Subject: Re: Memory usage >> >> To: "General discussion list for the Fedora Directory server >> project." >> >> <fedora-directory-users at redhat.com> >> >> Message-ID: <45704E18.3070705 at uaznia.net> >> >> Content-Type: text/plain; charset=ISO-8859-2; format=flowed >> >> >> >> Richard Megginson napisa?(a): >> >> > This is an excellent cache/memory tuning document from a Sun >> employee, >> >> > primarily targeted to Sun DS users, but almost all of the >> >> information is >> >> > relevant to Fedora DS (since they share a common lineage). >> >> > >> >> > http://www.directorymanager.org/blogs/ds_cache_sizing.pdf >> >> Lets say I heven't got much time lately so without thinking I've >> changed >> >> in dse.ldif >> >> nsslapd-import-cache-autosize from -1 to 1 and after restarting I've >> >> started to receive errors like: "3 Time limit exceeded" Someone do >> know >> >> what to do? ;) >> >> >> >> -- >> >> xmpp/email: koniczynek at uaznia.net >> >> xmpp/email: koniczynek at gmail.com >> >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 9 >> >> Date: Fri, 01 Dec 2006 09:15:14 -0700 >> >> From: David Boreham <david_list at boreham.org> >> >> Subject: Re: Memory usage >> >> To: "General discussion list for the Fedora Directory server >> project." >> >> <fedora-directory-users at redhat.com> >> >> Message-ID: <45705512.4070808 at boreham.org> >> >> Content-Type: text/plain; charset=ISO-8859-2; format=flowed >> >> >> >> koniczynek wrote: >> >> >> >> > Richard Megginson napisa?(a): >> >> > >> >> >> This is an excellent cache/memory tuning document from a Sun >> >> >> employee, primarily targeted to Sun DS users, but almost all of >> the >> >> >> information is relevant to Fedora DS (since they share a common >> >> >> lineage). >> >> >> >> >> >> http://www.directorymanager.org/blogs/ds_cache_sizing.pdf >> >> > >> >> > Lets say I heven't got much time lately so without thinking I've >> >> > changed in dse.ldif >> >> > nsslapd-import-cache-autosize from -1 to 1 and after restarting >> I've >> >> > started to receive errors like: "3 Time limit exceeded" Someone do >> >> > know what to do? ;) >> >> > >> >> Change it back ? >> >> >> >> >> >> >> >> >> >> >> >> ------------------------------ >> >> >> >> Message: 10 >> >> Date: Fri, 01 Dec 2006 17:53:22 +0100 >> >> From: koniczynek <koniczynek at uaznia.net> >> >> Subject: Re: Memory usage >> >> To: "General discussion list for the Fedora Directory server >> project." >> >> <fedora-directory-users at redhat.com> >> >> Message-ID: <45705E02.7020709 at uaznia.net> >> >> Content-Type: text/plain; charset=ISO-8859-2 >> >> >> >> David Boreham, dnia 2006-12-01 17:15 napisal: >> >> >> Lets say I heven't got much time lately so without thinking I've >> >> >> changed in dse.ldif >> >> >> nsslapd-import-cache-autosize from -1 to 1 and after restarting >> I've >> >> >> started to receive errors like: "3 Time limit exceeded" Someone do >> >> >> know what to do? ;) >> >> > Change it back ? >> >> man, please, show some respect ;) I did change it back, but to no >> avail. >> >> Also I can say (to stop further questions): yes, I've stopped the >> server >> >> before change. >> >> >> >> -- >> >> email/xmpp: koniczynek at uaznia.net >> >> >> >> >> >> >> >> ------------------------------ >> >> >> >> -- >> >> Fedora-directory-users mailing list >> >> Fedora-directory-users at redhat.com >> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> >> >> >> >> End of Fedora-directory-users Digest, Vol 19, Issue 1 >> >> ***************************************************** >> > >> > _________________________________________________________________ >> > Off to school, going on a trip, or moving? Windows Live (MSN) >> > Messenger lets you stay in touch with friends and family wherever you >> > go. Click here to find out how to sign up! >> > http://www.telusmobility.com/msnxbox/ >> > >> > -- >> > Fedora-directory-users mailing list >> > Fedora-directory-users at redhat.com >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users >> -------------- next part -------------- >> A non-text attachment was scrubbed... >> Name: smime.p7s >> Type: application/x-pkcs7-signature >> Size: 3178 bytes >> Desc: S/MIME Cryptographic Signature >> Url : >> https://www.redhat.com/archives/fedora-directory-users/attachments/20061201/7d15c5b4/smime.bin >> >> >> ------------------------------ >> >> Message: 2 >> Date: Fri, 01 Dec 2006 15:23:28 -0800 >> From: To Ngan <tngan at redhat.com> >> Subject: Re: AD + FDS sync stops working? >> To: "General discussion list for the Fedora Directory server project." >> <fedora-directory-users at redhat.com> >> Message-ID: <4570B970.3070901 at redhat.com> >> Content-Type: text/plain; charset="windows-1252" >> >> Dan Oglesby wrote: >> > I tried the following: >> > >> > In windows registry->HKLM->Software->PasswordSync, try add string >> value ?Log >> > Level? and set it to ?1?. Restart the passsync service. This should >> log >> > all transactions and errors. Turn this back to "0" and restart >> passsync >> > after troubleshooting. >> > >> > All I see in the log is this: >> > >> > 11/30/06 09:12:58: begin log >> > 11/30/06 09:12:59: 0 new entries loaded from file >> > 11/30/06 09:14:20: 0 new entries loaded from file >> > 11/30/06 09:14:20: 0 entries saved to file >> > 11/30/06 09:14:20: end log >> > 11/30/06 09:14:22: begin log >> > 11/30/06 09:14:22: 0 new entries loaded from file >> > >> > That?s after restarting the passsync service twice, and changing a >> user?s >> > password in AD four times. >> > >> >> Hmm... 2 Windows sync stopped working together after 6 months. Any cert >> on AD or DS side expired? >> -- >> toto >> >> -------------- next part -------------- >> A non-text attachment was scrubbed... >> Name: smime.p7s >> Type: application/x-pkcs7-signature >> Size: 3233 bytes >> Desc: S/MIME Cryptographic Signature >> Url : >> https://www.redhat.com/archives/fedora-directory-users/attachments/20061201/b9f1ea83/smime.bin >> >> >> ------------------------------ >> >> Message: 3 >> Date: Sat, 02 Dec 2006 09:28:17 +0100 >> From: koniczynek <koniczynek at uaznia.net> >> Subject: Re: Memory usage >> To: "General discussion list for the Fedora Directory server project." >> <fedora-directory-users at redhat.com> >> Message-ID: <45713921.1080009 at uaznia.net> >> Content-Type: text/plain; charset=ISO-8859-2 >> >> Richard Megginson, dnia 2006-12-01 18:00 napisal: >> >> man, please, show some respect ;) I did change it back, but to no >> avail. >> >> Also I can say (to stop further questions): yes, I've stopped the >> server >> >> before change. >> >> >> > What types of searches are returning time limit exceeded? Can you post >> > relevant excerpts from the access and error logs? >> I'm "benchmarking" my FDS with "ldapsearch -x" and earlier it worked and >> now it does not. In error logs there were "err=3" but I don't remember >> much more and I'll have access to the logs on Monday, so till then, only >> I can provide only this information (because I do not remember anything >> more ;) ) >> >> -- >> email/xmpp: koniczynek at uaznia.net >> >> >> >> ------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> >> >> End of Fedora-directory-users Digest, Vol 19, Issue 3 >> ***************************************************** > > _________________________________________________________________ > Off to school, going on a trip, or moving? Windows Live (MSN) > Messenger lets you stay in touch with friends and family wherever you > go. Click here to find out how to sign up! > http://www.telusmobility.com/msnxbox/ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20061205/ab1314e2/attachment.bin
