On 05/09/2012 10:09 AM, Ali Jawad wrote:
Hi Rich
Seems I still got a problem, the users can't logon anymore,
I did try to
dn: uid=username,ou=people,dc=domain,dc=local
changetype: delete
delete: lastLoginTime
But I keep getting
ldapmodify: extra lines at end (line 3 of entry
"uid=username,ou=people,dc=domain,dc=local")
I checked for whitespaces, extra lines..but still same
issue
I did also check for lastLoginTime values in the users in
the interface, but the value is empty..so not sure if this
is the problem at all
does ldapmodify -d 1 give any more useful information?
Regards
On Wed, May 9, 2012 at 5:26 PM, Ali
Jawad <ali.jawad@xxxxxxxxxxxx>
wrote:
Hi Rich
Your help is highly appreciated, I got it working,
thanks for your patience.
Regards
On Wed, May 9, 2012 at
5:19 PM, Rich Megginson <rmeggins@xxxxxxxxxx>
wrote:
On 05/09/2012 08:17 AM, Ali Jawad
wrote:
Hi
Thanks Rich, just what I was
searching for, I am facing a problem
though "ldapmodify: No such object
(32) matched DN:
dc=domain,dc=local"at :
[user@server ~]$ ldapmodify -a -D "cn=directory manager" -w secret -p 389 -h server.example.com -x
dn: cn=Account Inactivation Policy,dc=example,dc=com
objectClass: top
objectClass: ldapsubentry
objectClass: extensibleObject
objectClass: accountpolicy
accountInactivityLimit: 2592000
cn: Account Inactivation Policy
I am doing
[root@386-100-16 dirsrv]#
ldapmodify -D "cn=directory
manager" -w password -p 389 -h
x.x.x.x -x
dn: cn=Account Inactivation
Policy,dc=domain,dc=local
objectClass: top
objectClass: ldapsubentry
objectClass: extensibleObject
objectClass: accountpolicy
accountInactivityLimit: 2592000
cn: Account Inactivation Policy
modifying entry "cn=Account
Inactivation
Policy,dc=domain,dc=local"
ldapmodify: No such object (32)
matched DN:
dc=domain,dc=local
Right. You are missing the ldapmodify -a -
see the original instructions
On Wed,
May 9, 2012 at 4:47 PM, Rich
Megginson <rmeggins@xxxxxxxxxx>
wrote:
On 05/09/2012 07:45
AM, Ali Jawad wrote:
Hi
My DS version
is :
rpm -qa |
grep 389
389-admin-console-1.1.8-1.el5
389-ds-base-1.2.9.9-1.el5
389-dsgw-1.1.7-2.el5
389-console-1.1.7-3.el5
389-adminutil-1.1.14-1.el5
389-admin-1.1.23-1.el5
389-admin-console-doc-1.1.8-1.el5
389-ds-1.2.1-1.el5
389-ds-base-libs-1.2.9.9-1.el5
389-ds-console-1.2.6-1.el5
389-ds-console-doc-1.2.6-1.el5
[root@386-100-16
dirsrv]#
ldapsearch -x -D
"cn=Directory
manager" -w
Password -b
"cn=config" -s
base
lastLoginTime
# extended
LDIF
#
# LDAPv3
# base
<cn=config>
with scope
baseObject
# filter:
(objectclass=*)
# requesting:
lastLoginTime
#
# config
dn: cn=config
# search
result
search: 2
result: 0
Success
#
numResponses: 2
# numEntries:
1
and
[root@386-100-16
dirsrv]# grep
-i
lastlogintime
/etc/dirsrv/slapd-386-100-16/schema/*
/etc/dirsrv/slapd-386-100-16/schema/60acctpolicy.ldif:##
lastLoginTime
holds login
state in user
entries
(GeneralizedTime
syntax)
/etc/dirsrv/slapd-386-100-16/schema/60acctpolicy.ldif:attributeTypes:
(
2.16.840.1.113719.1.1.4.1.35
NAME
'lastLoginTime'
I am not sure
how to implement
this though,
please advice.
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/account-policy-plugin.html
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
Ali Jawad
Information
Systems Manager
Splendor
Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext
116
FAX: +9611375554
--
Ali
Jawad
Information
Systems Manager
Splendor
Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext 116
FAX: +9611375554
--
Ali Jawad
Information Systems
Manager
Splendor Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext 116
FAX: +9611375554
|
