Re: creating replication user from 389-console

[Derek Belcher <jderekbelcher@xxxxxxxxx>]

Yes I created mine in the dse.ldif as well a while back. Though I put the user into an LDIF file and used ldapmodify to add it.

cat replication_manager.ldif 

dn: cn=replication manager,cn=config

objectClass: inetorgperson

objectClass: person

objectClass: top

cn: replication manager

sn: manager

userPassword: (cleartext password)

passwordExpirationTime: 20380119031407Z

nsIdleTimeout: 0

Stop dirsrv

ldapmodify -D "cn=directory manager" -W -f replication_manager.ldif

Start dirsrv

grep "dn: cn=replication manager" -A 15 /etc/dirsrv/slapd-kat-ds-02/dse.ldif

dn: cn=replication manager,cn=config

objectClass: inetorgperson

objectClass: person

objectClass: top

objectClass: organizationalPerson

cn: replication manager

sn: manager

passwordExpirationTime: 20380119031407Z

nsIdleTimeout: 0

userPassword:: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==

creatorsName: cn=directory manager

modifiersName: cn=directory manager

createTimestamp: 20120708014028Z

modifyTimestamp: 20120708014028Z

--Derek

On Thu, Dec 6, 2012 at 9:53 AM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:

On 12/06/2012 08:20 AM, Sharuzzaman Ahmat Raslan wrote:

In the URL https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html

Quote:
However, although Red Hat recommends not storing simple user entries under cn=config for performance reasons, it can be useful to store special user entries such as the Directory Manager entry or replication manager (supplier bind DN) entry under cn=config since this centralizes configuration information.

Quote:

1. Stop the Directory Server. If the server is not stopped, the changes to the dse.ldif file will not be saved. See Section 1.3, “Starting and Stopping Servers” for more information on stopping the server.
2. Create a new entry, such as cn=replication manager,cn=config, in the dse.ldif file.

Ok.  Please file a doc bug.  We should not encourage people to edit the dse.ldif when it is not necessary.

I cannot give the error message now, as I'm not at customer site. When I get back to office, I will give the exact error.

Thanks.

On Thu, Dec 6, 2012 at 10:19 PM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote:

On 12/05/2012 10:07 PM, Sharuzzaman Ahmat Raslan wrote:

Hi all,

According to RH document, if you want to create the replication user, you must edit the dse.ldif file and put the user information there.

No.  Where does it say that you must edit the dse.ldif?

I tried to use 389-console, create user (which use uid=repman) then try to enable cn=repman, but there is error saying that directory server refuse to do the renaming.

Can you provide the exact error message?

What is the correct way to create cn=repman only by using 389 console?

Thanks.


https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Creating_the_Supplier_Bind_DN_Entry.html



--
Sharuzzaman Ahmat Raslan

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
Sharuzzaman Ahmat Raslan

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users